www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Submission: On May 17 via api (May 17th 2023, 2:13:35 am UTC) from TR — Scanned from DE

Summary HTTP 262 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 37 domains to perform 262 HTTP transactions. The main IP is 2606:4700::6811:7863, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 150493.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	2606:4700::68... 2606:4700::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	13.32.99.33 13.32.99.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
1	23.201.242.231 23.201.242.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.71 13.32.99.71	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:8800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1 2	142.0.173.15 142.0.173.15	7160 (NETDYNAMICS) (NETDYNAMICS)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.17.124 108.138.17.124	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.72.174.214 52.72.174.214	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.26.185 34.193.26.185	14618 (AMAZON-AES) (AMAZON-AES)
2	18.194.32.95 18.194.32.95	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	52.17.38.186 52.17.38.186	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
12	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
31	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.224.217.157 54.224.217.157	14618 (AMAZON-AES) (AMAZON-AES)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.51.147.53 46.51.147.53	16509 (AMAZON-02) (AMAZON-02)
1	34.239.95.171 34.239.95.171	14618 (AMAZON-AES) (AMAZON-AES)
41	18.66.112.49 18.66.112.49	16509 (AMAZON-02) (AMAZON-02)
2	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.86.156.61 54.86.156.61	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
262	53

37 2606:4700::6811:7863 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-33.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.242.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-242-231.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.15 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.174.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-174-214.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.26.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-26-185.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.32.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-32-95.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.38.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-38-186.eu-west-1.compute.amazonaws.com

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.217.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-217-157.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.147.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-147-53.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.95.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-95-171.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 18.66.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-49.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.86.156.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-156-61.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4028 cache-ssl.celtra.com — Cisco Umbrella Rank: 4897 track.celtra.com — Cisco Umbrella Rank: 4725	1 MB
39	darkreading.com 2 redirects www.darkreading.com — Cisco Umbrella Rank: 150493 beta.darkreading.com — Cisco Umbrella Rank: 408657 trk.darkreading.com — Cisco Umbrella Rank: 843604 c.darkreading.com — Cisco Umbrella Rank: 609624	834 KB
32	moatads.com z.moatads.com — Cisco Umbrella Rank: 499 geo.moatads.com — Cisco Umbrella Rank: 797 px.moatads.com — Cisco Umbrella Rank: 544	676 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	234 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	401 KB
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 449	40 KB
10	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 49650	82 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	289 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4217 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	317 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1435 t.teads.tv — Cisco Umbrella Rank: 2833	132 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	116 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1908 in.ml314.com — Cisco Umbrella Rank: 10186	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5171 adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15504 eu01.in.treasuredata.com — Cisco Umbrella Rank: 27145	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 29918 a.dpmsrv.com — Cisco Umbrella Rank: 24876	64 KB
3	informa.com static.iris.informa.com — Cisco Umbrella Rank: 58983	30 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9642	868 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 957	74 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 411893 assets.ubembed.com — Cisco Umbrella Rank: 11949	49 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	157 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	56 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 840	2 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 416	98 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 479522	815 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2487	259 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1299	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1680	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 7031	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	49 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 636	295 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1018	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
262	37

	Domain	Requested by
41	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
28	securepubads.g.doubleclick.net	1 redirects www.darkreading.com www.googletagservices.com
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
25	px.moatads.com
12	js-agent.newrelic.com	www.darkreading.com
11	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
10	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com
8	pagead2.googlesyndication.com	www.darkreading.com tpc.googlesyndication.com www.googletagservices.com
7	www.darkreading.com	1 redirects www.darkreading.com
6	z.moatads.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	www.google.com	www.darkreading.com securepubads.g.doubleclick.net
4	track.celtra.com
4	www.youtube.com	www.darkreading.com www.youtube.com
3	a.teads.tv	securepubads.g.doubleclick.net www.darkreading.com
3	www.google-analytics.com	www.darkreading.com
3	static.iris.informa.com	www.darkreading.com
2	t.teads.tv
2	ml314.com	z.moatads.com ml314.com
2	bam.eu01.nr-data.net	www.darkreading.com
2	cm.g.doubleclick.net	2 redirects
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	www.darkreading.com
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.darkreading.com
2	trk.darkreading.com	1 redirects www.darkreading.com
2	www.googletagmanager.com	www.darkreading.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	pbs.twimg.com
1	in.ml314.com	ml314.com
1	geo.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com	www.darkreading.com
1	adservice.google.com	www.darkreading.com
1	adservice.google.de	www.darkreading.com
1	idsync.rlcdn.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	www.darkreading.com
1	vc.hotjar.io	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	www.googleoptimize.com	www.darkreading.com
1	fonts.gstatic.com	www.darkreading.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
262	57

This site contains links to these domains. Also see Links.

Domain
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
messages.blackhat.com
www.justice.gov
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2022-08-02` - `2023-07-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-02-23` - `2023-09-01`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-16`	7 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-02-13` - `2023-07-23`	5 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Frame ID: 8777439D771AC2518EED7445193BC8C1
Requests: 165 HTTP requests in this frame

Frame: https://68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E24C25C36FF681BF3E8EEC88DE3874B2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNWPy0jj4RCl_6Tk6mUKGG2oPivHPK7f377eh-0_NY7HU-GnEtYC7CdhU2173kmG9QF_dz5t0NfPhIf-t6cMfNCwXFARn7wIW7O10COOetUo0AdLEkjmB7wAi3VeyqIcN25l8k_K4sC-AbadEbL2bwm4i8xkBlQpNX1Hs5hixnPeiyM3h8J3NSTO69zuO_2uTpoE7m7cnRiiFKv_3wwxr21493jJt8Rg32zcuZwoKwWkllQRFJED6ZxpFpjY6UIclb08_GD99KBNGCn4DBOhTro_byNBz20fzM395kXQM_s9NPVZrXQp8ypU2_xNHwBxIliJLxPc9GwHFxKPzUTKGbPreLt1o0Lz6utdPEKk5yYPaSb-VYAkU2bV7VNXpBSJmVp983Okg&sai=AMfl-YSv-Gn4KbFUm1-aHa4x4Y5BhU6EOCObLJiIb-YxNr0qMIa80-M7mIpUU0xkm41s12J5sVYFeDNCeplGxZb3fhSDwxzwmoIg_dLkFUoayVh6BhJdzWoSBPcrb2DRXJU&sig=Cg0ArKJSzCjGyIxByiL_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FDABF670A0129F3C6558D8EC945D5B67
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMRDNEzxisa_zGSgqmaKJynnojWAfkZNRjs0CtTKyoZV0sTvuUp-hcYwPB_vfsmJRvnFNiqOj1gosD_XWJUgcYLGQzo7YMOWR5xSpgsrnxqs9ZS0q86LUCEejurhGZnK_VDG4TM9-VXjCYN77-EHfpRoajfDQAhugJUYfVKGr5CpTnU-1OhhksoT2U62iwmEkYM4BBgBOskhMg8qVK91HR-SIC9QMDJa-7svTf5boI5PWWDiv4-LbbUtCbTA3AImeGj_TQ85OGGBgWxWklcH8n0U8WWj98RJntx9QzXznulv8GMscdD2KKVWi6mO1Jb3kzoEYk9C3WycnMMW1dkOJsM3YZawJsZ7GTHd5OkCb-1P46Ng&sai=AMfl-YTPjVvCnSsBG8HmxbKEQn3rFcJ9F53vw1dLr-qz9D8Qz7dfTfxKKYK-jkxi2hYRwZIAm9Ea0m1ztKOCg6IdcuioS5BdzD6U1W3O32nJnaPbYGM_z9DRMgmQH2Dp7eM&sig=Cg0ArKJSzJGZJxivNoGbEAE&uach_m=[UACH]&adurl=
Frame ID: AA281DB40EC4B223976CACE3DAE428F4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDfqOk_5OziDpebjMca4vVhscvzSetJNIqr8GWYVl4gK6zKt26Y1G9KgneH8UpeKVKmQ3PR1L8GEYT3Vb03M9DcDG97lKN1e3QT8ZriqJlHErJ7jbWwdCdLF7uyYy7KC9TxZ9s8nqd7HV8T9ywKUpkQkNEtqysn5lQHkxc2g9IN2mcZBCXdcXgcLVFRR90yv1F7gdj-jQgyJ-XHsmeTgi711EaQlnVZ4ULsogPoDHlJLBd8meF-i2drkU_g4UZ_Vj6pBXy2dCzHehqOC2JXeNZ5LvsVvzLJ1Y3mqEnFpux0FyjVrXdLTp58d5ErbKVfXB_0f8WDF8QaVziJasml4DpF7ne22-hbVEmLi9M-7lLPKxvdw&sai=AMfl-YT21iDUXHgPVDCPcxME4epq_4HDt5_7wxN6Hc5VvtturJvfQePeprZAHL7eLKKHzJRZMy995SZY1DGfLpdAZyDPsuu3Y4NEB0jjXF_blMmh5zMeODV1-J5n1EpZWg&sig=Cg0ArKJSzAKXBpDsmbnmEAE&uach_m=[UACH]&adurl=
Frame ID: E268DA8E8EA6F93FF8E1C1723A0F5590
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8ImqQwYS472txhqg8hqGMTZNPNIxz7RGsWzYZex9ptpb4N3L2jMWBSJKfFn09aUbAHPoxbibe0_v9xdOZQTsoSovNA34YQfjbse-qaXthruc2Kohdz8tI85QzhxuVoJb1wpfiby2nvjtoRN7-s9Qm-CWkx8JjngD9SxB1CRRun3zfZ_7mFcJjqqLlWpRQiRIotnNKvojDEuprYyK-tAe8IT_3xidoxEAzpExItsU4kVtoWB1ntOy8cDPgApcboF4KHwdjap8pseU_l-jcLn2hf7Lu5idzL0m0EDiQmBGcBDNrr9IVfrgjtJXcJH-ErknsGNF9SSbI39GO5dHG_Ktsw-Loh8c2M_73vAozTWZ96VgI3Q&sai=AMfl-YQ4i9hcM8_GW96wJGJB2SZkZdMuZybjZqlOVa4QDvhd-zxRA8WvwfphsIYdM9rMw6oa9rcRL5NDm1VG7t7fLoO_JOANCQCvqwYI5f6XN0bo3rM7VL9mLrZxfrPOfw&sig=Cg0ArKJSzBCWNUO4nVLHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 002956303880CD1C5DD1117957ED8F2C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqHwV2gijnUkeG0PwJKLcTdMqMTVih9OvzO5FgMa83SLOvSaNUN5Eab32mkVoFbmBrakO3rKUPxlwDWaa3UW7uPk3wUZYifxf2D7xcSsLCL4cU6LaJwznz5cUQOoHsSVOW8So3z3nbGJKErQPcZf9T_1TR0RbMfArc-x2bTNEUDaLB8twkpGq6wGA8i3p3dqIf-4Y343BlxOGq79BXC6HIAmPlHSzgojP_TBw4-qsz3AHaa2qiLEBInXXuvjL8-_3Z-BjOvTP6hyYLooq1ozxaFRoDTWtGpWp2oLKbTGli4RAf-_Gz7B8YY3OEz95hUnl0FG3njTbj7e4ta62lRTXJJbJjC2JEgmiS1wcCCFfl3SeZhw&sai=AMfl-YQYDFMbYIIQXLLzSzsQ79PDplyYAmgXhf3XjarUMPQ-CunMWwHrYxtr1zeL9wsNM1yPMku2JVKdo0t9TNUdZIr3ZEUg7AY0GGZYUUe6g7IeHVvQJLn3ax3kf5G1Jzg&sig=Cg0ArKJSzNmUEOMElwtSEAE&uach_m=[UACH]&adurl=
Frame ID: A5982CF4BE480AEE8858EF16145AE940
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8TXllnlWeoYcWcbg3Ksx08SLWtnL8jBLfJ7IUQaVd_1K9AgKhjnjsVKS9EHcj438dTSkYMlvgmSEJpR9X45YPTZSfvJIlkyOy87Cv9NjkFrFHyz1Kiii8O5BcqSZ-gj5d97BHfi8Vtkf5uxAIdR1o3dgSRdgKd_RTFUBXsaWLVcd8lMchyks9e8vGUKMW7-xR1YcD0YHtT0eH6v8_MeIuVTq0KTKi5VSBOJ_8D-fAFvu95Duo1s5KgJQKIL1tx1IUcvNc6TWsWGlfm1-yaSOGrmbpWKWKuieBE2ac1__Cfz_Rau8JEBC1PKZDyv64VvFy5nm2YjdWG7SJlg6RzzFdLCfx71P92DynSYS22P0-WNAGiZcgpg&sai=AMfl-YSxWskNdkb0gHFTLfRkGCJh02Qx3NBjCuK-pWphUJ5-3u8heykvTm-qkPyKkKiAZ8Zw55oA4Mf5qnm-v0P9GID5p1UKbOWxAEEdP4RfLqOY99vqUFiWKAxOUl4nK24&sig=Cg0ArKJSzFuZ1rcP-wQaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8680E087C9D529E6CA81D836002B9480
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurx8mTSlDVjKZD-JkeDRffnNbz7SFvm97USWkHtTMbaRp7PYQd1fNsZq1varmmEitp-vqx3H81YFSgV3abvADznduYT7LUNHO3TaX-sQWuNSfNYQk_Ac-twjPoj5A--Llpcp36afNOn7EkHobvD6SqSUVgWZXjfOCvCWdnu3_vm0gPjVZd91oXspl6LlV6pfUiI1HmRnarjFEtFmZQBx6Hw8DqVmrUXLgDcz8Pfe9sLHVZ6D7POwxSgfiQJoG9sT18RlzAOgL4R9G-CwA8hfBPzZy_yUFz1mLFyAHOsiaTvgFyaFYbvsZLNuzG3l0u472iRiM0cgG3AuJMeAnER5p2t-PykVVgGv1eFPOlTiQH&sai=AMfl-YTZfFOD2gdRVCZC83KWSGyN-HGSZ6krRdQAD3RVB-hk49_XW7_8D-7mBKkSlgTOw6yOf3_obOEVrBvnPBbqQ4DuWbjlvCusA0KS5DDIPYecMkFTTOa4mDDftNrKsaI&sig=Cg0ArKJSzM1kTJjKzUd1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5416E8B2D77EFC9A79C2C6875ADCC5DE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 478D36E55CA7CBFA87302A7288E3D0E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7B8892723AC9A1F17A11DD77FDE69EF
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Frame ID: F5A0F9C47EEC0B81CF0DC2AD1A2380CB
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Russian Ransomware Perp Charged After High-Profile Hive, Babuk & LockBit HitsCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

262
Requests

97 %
HTTPS

46 %
IPv6

37
Domains

57
Subdomains

53
IPs

6
Countries

5225 kB
Transfer

13017 kB
Size

38
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296
Title: Anatomy of a Data Breach - A Dark Reading June 22 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287
Title: Black Hat USA - August 5-10 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo192&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001294&_mc=smartbox_techweb_upcoming_webinars_8.500001294
Title: Building the SOC of the Future: Next-Gen Security Operations

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_ingg114&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001295&_mc=smartbox_techweb_upcoming_webinars_8.500001295
Title: Everything you Need to Know about DNS Attacks

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: White Papers >

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper
Title: Tech Library >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/russian-national-charged-ransomware-attacks-against-critical-infrastructure
Title: charges against the alleged ransomware operator

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj39&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005381&_mc=smartbox_techweb_whitepaper_14.500005381
Title: ESG Report: Automated Application Security Testing for Faster Development

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4020&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005377&_mc=smartbox_techweb_whitepaper_14.500005377
Title: Adopting a Defense-in-Depth Approach to IT Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_invj50&ch=sbx&cid=smartbox_techweb_analytics_7.300005987&_mc=smartbox_techweb_analytics_7.300005987
Title: How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa4088&ch=sbx&cid=smartbox_techweb_analytics_7.300005984&_mc=smartbox_techweb_analytics_7.300005984
Title: Successfully Managing Identity in Modern Cloud and Hybrid Environments

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_synp02&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001296&_mc=smartbox_techweb_upcoming_webinars_8.500001296
Title: Why Threat Modeling Is Critical for Enterprise Cyber Defense

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_forq204&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001297&_mc=smartbox_techweb_upcoming_webinars_8.500001297
Title: Securing the Remote Worker: How to Monitor and Mitigate Offsite Cyberattacks

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4298&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001298&_mc=smartbox_techweb_upcoming_webinars_8.500001298
Title: Next-Generation Supply Chain Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3977&ch=sbx&cid=smartbox_techweb_analytics_7.300005981&_mc=smartbox_techweb_analytics_7.300005981
Title: The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973
Title: The Promise and Reality of Cloud Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3521&ch=sbx&cid=smartbox_techweb_analytics_7.300005970&_mc=smartbox_techweb_analytics_7.300005970
Title: 10 Hot Talks From Black Hat USA 2022

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4001&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005373&_mc=smartbox_techweb_whitepaper_14.500005373
Title: A Security Leader's Guide to Leveraging MDR for Security Maturity and Development

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4000&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005372&_mc=smartbox_techweb_whitepaper_14.500005372
Title: Every Minute Matters: Real-World Incident Response Timelines In Action

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza05&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005364&_mc=smartbox_techweb_whitepaper_14.500005364
Title: 2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP)

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvEQXld5inmXXy8sxnS33a2w6lOCvAwpJIMZ43JbUj1wlEMapmwryXd-S8fvf0CRMqtz4ctjALELgAA3HcQTjIidYpXhMpat2VhCYNY7v3rejK8b7lkAjCzIkLc1o4RW4s--jMyD-pvTEzE_ihweL2e_bLIrVEfHnxILn2JD9splFcOlOA8sYnJKrs3wQ0SdbW5V6_2ZmAQwaEprhdP3fd35JsbZDSOhrye82KfZ1k0WqXWsj9HJ_KGZg8PmMu6pM4e9qtSCwlh7ju_tHBNOAk0byhttdw9vuh94jjCPOWM-EgjvC2CvMVkDx6ffvwUp_sFiIWf_seuDF6P8axKSuB8nDRb_CkL97blFURFhxz-4Q&sai=AMfl-YS1nkD4jYXE_7jTSTV-ri83Lsbf7htLSpjZxdWpFiQg1rqxI5soEJcojamqvNFs9o34J1wANJq2k5-cccLvrwZpnKMyuipAg9PyzoxLKwSVL6dxOyDd892IVqNHv7Q&sig=Cg0ArKJSzKEMGfQKyto3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.sophos.com/en-us/products/managed-detection-and-response?cmp=153278&utm_source=awareness&utm_medium=field-sponsored-ads&utm_campaign=2022-11-AMER-USA-Dark-Reading-Threat-Intelligence-TAP-Q3-153278&utm_content=ad-link(banner)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&ms=296&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&ms=296&optin=disabled&elq1pcGUID=2C4FA7C36D0D463D9DDBC3F6BA095B2F

Request Chain 81

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D59436%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Frussian-ransomware-perp-charged-hive-babuk-lockbit HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D59436%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fthreat-intelligence%25252Frussian-ransomware-perp-charged-hive-babuk-lockbit HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=7311600654837879752&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=59436&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7311600654837879752&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=7311600654837879752&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7311600654837879752&pixelIndex=0&google_gid=CAESELi7YkFm3OdmgOSmHfl1RsI&google_cver=1

Request Chain 132

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNWPy0jj4RCl_6Tk6mUKGG2oPivHPK7f377eh-0_NY7HU-GnEtYC7CdhU2173kmG9QF_dz5t0NfPhIf-t6cMfNCwXFARn7wIW7O10COOetUo0AdLEkjmB7wAi3VeyqIcN25l8k_K4sC-AbadEbL2bwm4i8xkBlQpNX1Hs5hixnPeiyM3h8J3NSTO69zuO_2uTpoE7m7cnRiiFKv_3wwxr21493jJt8Rg32zcuZwoKwWkllQRFJED6ZxpFpjY6UIclb08_GD99KBNGCn4DBOhTro_byNBz20fzM395kXQM_s9NPVZrXQp8ypU2_xNHwBxIliJLxPc9GwHFxKPzUTKGbPreLt1o0Lz6utdPEKk5yYPaSb-VYAkU2bV7VNXpBSJmVp983Okg&sai=AMfl-YSv-Gn4KbFUm1-aHa4x4Y5BhU6EOCObLJiIb-YxNr0qMIa80-M7mIpUU0xkm41s12J5sVYFeDNCeplGxZb3fhSDwxzwmoIg_dLkFUoayVh6BhJdzWoSBPcrb2DRXJU&sig=Cg0ArKJSzCjGyIxByiL_EAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/17673440086834564063? HTTP 302
https://tpc.googlesyndication.com/simgad/17673440086834564063

Request Chain 195

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

262 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request russian-ransomware-perp-charged-hive-babuk-lockbit Show response
www.darkreading.com/threat-intelligence/ 475 KB
74 KB 841ms
798ms Document
text/html 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee8592d2c44590b7f48e81ea68315a4cf85e9954570d3a8888349ac25c8cd4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c88576669e1373e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 02:13:29 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 75ms
31ms Script
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /FIp/4zYapfYlY6Lvx04NA==
age: 77150
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c88576c7c35bc03-FRA
expires: Thu, 18 May 2023 02:13:29 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 72ms
29ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
age: 24367
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6741
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:54 GMT
server: cloudflare
etag: 0x8DB55BF363F57D6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d73a39c4-e01e-0135-5329-8830e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c88576c7c36bc03-FRA

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ad_utils/ 24 B
201 B 126ms
125ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"18-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7c88576c3d9d373e-FRA
content-length: 24
expires: Wed, 17 May 2023 04:13:29 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 85ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a605b833fb05ce642cf51b3cda75bd1926e7e97bac8c8108f61d719ac3765915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25290
x-xss-protection: 0
server: cafe
etag: 228 / 19494 / 31074558 / config-hash: 9226864318299560434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:29 GMT

GET
H2 200 4d90ad636859e6d5.css
beta.darkreading.com/_next/static/css/ 410 KB
60 KB 36ms
35ms Stylesheet
text/css 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 5324181
etag: W/"66670-186ea17be30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576c3d9b373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 webpack-3ce7f1753013b3ec.js Show response
beta.darkreading.com/_next/static/chunks/ 4 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-3ce7f1753013b3ec.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 5324181
etag: W/"ef3-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576cfe17373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 40ms
38ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"1fec8-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d1e27373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
beta.darkreading.com/_next/static/chunks/ 111 KB
30 KB 34ms
31ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"1bd10-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d1e28373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 _app-dbedff49d537494d.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 497 KB
158 KB 59ms
57ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-dbedff49d537494d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 5324181
etag: W/"7c38f-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d1e29373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
beta.darkreading.com/_next/static/chunks/ 269 KB
80 KB 49ms
46ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"43344-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d1e2b373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
19 KB 46ms
44ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 9058874
etag: W/"11e1b-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d1e2d373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
beta.darkreading.com/_next/static/chunks/ 49 KB
17 KB 41ms
41ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"c216-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d2e3b373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"1eec-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d4e4d373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
beta.darkreading.com/_next/static/chunks/ 91 KB
29 KB 33ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"16df9-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d5e51373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
beta.darkreading.com/_next/static/chunks/ 179 KB
52 KB 33ms
33ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"2cbc2-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d7e61373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
beta.darkreading.com/_next/static/chunks/ 18 KB
7 KB 36ms
36ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
cf-polished: origSize=18434
etag: W/"4802-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d7e62373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 37ms
34ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"1ad3-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d9e6c373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
beta.darkreading.com/_next/static/chunks/ 115 KB
28 KB 34ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 9058873
cf-polished: origSize=117839
etag: W/"1cc4f-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d9e6d373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 34ms
33ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678611
etag: W/"20a76-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d9e6e373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
beta.darkreading.com/_next/static/chunks/ 135 KB
43 KB 35ms
35ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 9058872
etag: W/"21d94-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576d9e6f373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 244-ff3831dc21292b31.js Show response
beta.darkreading.com/_next/static/chunks/ 53 KB
14 KB 39ms
39ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/244-ff3831dc21292b31.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1673616
etag: W/"d4e2-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576dbe94373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 497-8d7ba2757a8dafee.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 30ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/497-8d7ba2757a8dafee.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 02 Mar 2023 12:10:22 GMT
server: cloudflare
age: 6529890
etag: W/"443d-186a23b03b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576dbe95373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
beta.darkreading.com/_next/static/chunks/ 14 KB
3 KB 37ms
30ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 1678610
etag: W/"399e-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576ddea5373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 424-e8fa1fe0f531e88a.js Show response
beta.darkreading.com/_next/static/chunks/ 80 KB
15 KB 39ms
34ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/424-e8fa1fe0f531e88a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1673616
etag: W/"141ac-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576ddea7373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 %5BhybidPage%5D-f6822043d08df330.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
11 KB 33ms
31ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-f6822043d08df330.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 438865
etag: W/"93f1-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576ddea9373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 3 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 1673616
etag: W/"c10-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576ddeaa373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 91 B
160 B 32ms
32ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 1673616
etag: W/"5b-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576deeb4373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 _middlewareManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 92 B
126 B 28ms
28ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 1673616
etag: W/"5c-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576dfeb5373e-FRA
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 russia_ransomware_f_nalinframe_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltb6d66deaafba3e2a/6463ccc2d25e7e27bc74ae43/ 57 KB
58 KB 71ms
25ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltb6d66deaafba3e2a/6463ccc2d25e7e27bc74ae43/russia_ransomware_f_nalinframe_Alamy.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0698c0cb2ed5f13588a68a424b3000106ad739b7ff17ec0291e33e88a3f4cef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 27527
x-cache: HIT, HIT
fastly-io-info: ifsz=2491361 idim=5534x3770 ifmt=jpeg ofsz=58740 odim=690x470 ofmt=webp
filename1: custom
content-disposition: inline; filename=russia_ransomware_f_nalinframe_Alamy.webp
fastly-stats: io=1
content-length: 58740
x-request-id: 4f31e68cc3b73fca41200af4b7c9ddb7
x-served-by: cache-ams12730-AMS, cache-fra-eddf8230096-FRA
x-runtime: 65ms
server: contentstack
x-timer: S1684289610.820272,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "+Xl1r4sfAiaaknRi0dhHAsEAm+QplTAiwRGTPCH03CU"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 75ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1684289609.dop223.fr8.t,1684289609.cds331.fr8.hn,1684289609.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 72ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 512510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq9WmvFyI5mSrnU4Qu7KE39ZB5sWakhq%2FGoE76FjDGZUOXGDqp9u5UMET%2BgykVGOcDMsf4Tvy2xRjJftt5qHcH0vMFf06oWdFTMBDT4Q9wt%2FxsdlxBojjXEjralrvPjmheTJqJ%2FG7va3N89WFdzq7P%2B7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c88576d5e0137e0-FRA
expires: Mon, 06 May 2024 02:13:29 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 74ms
29ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718
age: 9060712
cdn-cachedat: 03/12/2022 16:20:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c340165fb5fde93a6299092ceae22e6c
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7c88576da9503685-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 24ms
23ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 697195
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 33915
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230096-FRA
x-runtime: 112ms
x-timer: S1684289610.820224,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "FBb/Cijd5djg1i0f+YDwTH/riGkit5+W1YBTK34Yz3o"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 18, 1

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 94ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c88576dae918fe6-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 74ms
31ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gKK4h+x/dMka9W5jOr1Sww==
age: 74953
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c88576cfcd818b5-FRA
expires: Thu, 18 May 2023 02:13:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
71 KB 104ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2aa1b9ad49f926d8f522018a78f5c556748d2eae07873cacbd144515610292e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72098
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 02:13:29 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 84ms
39ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c88576d7fd630fa-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pdf.fd517ede.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 32ms
32ms Image
image/png 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 9058872
cf-polished: origSize=11781
etag: W/"2e05-185e8703d60"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c88576d5e55373e-FRA
content-length: 8484
expires: Thu, 16 May 2024 02:13:29 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:06:28 GMT
x-content-type-options: nosniff
age: 292021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:06:28 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 406 KB
125 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 08:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63434
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128048
x-xss-protection: 0
server: cafe
etag: 352811828592807000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 May 2024 08:36:15 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 54 B
68 B 73ms
30ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a6fa14cfa3cdcf85341187d29abcda5038766aab39a879ea09d993d5423d1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:29 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 36ms
36ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 79429
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c88576dfcebbc03-FRA

GET
H2 200 78.c180425dea40d393.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 9058873
etag: W/"a48-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c88576f6f78373e-FRA
expires: Thu, 16 May 2024 02:13:30 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 73ms
22ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
date: Tue, 16 May 2023 14:32:09 GMT
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 42082
x-amz-server-side-encryption: AES256
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0iK0X4eAhPzAqGXnL8bZVBJjwfoKqEOlu8l1XQtFQlnPnD58pcq74Q==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
206 B 137ms
137ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
tracestate: 3288925@nr=0-1-3288925-322548631-eb1be6081e870d39----1684289610170
traceparent: 00-f2f31cfef9179260cad5b771c5a87c00-eb1be6081e870d39-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiZWIxYmU2MDgxZTg3MGQzOSIsInRyIjoiZjJmMzFjZmVmOTE3OTI2MGNhZDViNzcxYzVhODdjMDAiLCJ0aSI6MTY4NDI4OTYxMDE3MH19

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c88576f9f85373e-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
403 B 134ms
131ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
tracestate: 3288925@nr=0-1-3288925-322548631-ec3d8197dd317804----1684289610171
traceparent: 00-a063931d2e7c507347a121b454e52000-ec3d8197dd317804-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiZWMzZDgxOTdkZDMxNzgwNCIsInRyIjoiYTA2MzkzMWQyZTdjNTA3MzQ3YTEyMWI0NTRlNTIwMDAiLCJ0aSI6MTY4NDI4OTYxMDE3MX19

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c88576f9f87373e-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ 5 KB
2 KB 25ms
23ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 1914397
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230096-FRA
x-runtime: 99ms
x-timer: S1684289610.181367,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3151, 1

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
1 KB 27ms
25ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 691380
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 67846
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230096-FRA
x-runtime: 91ms
x-timer: S1684289610.182545,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 dr_staff_125x125.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blte161b23f0fd3a84b/60b1ea374e7eb868c4c6a293/ 1 KB
2 KB 26ms
25ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blte161b23f0fd3a84b/60b1ea374e7eb868c4c6a293/dr_staff_125x125.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e72ec301ab43f86ea55f8eb4406deec95f1096d938c302cb6b488dc5dd586dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1912348
x-cache: HIT, HIT
fastly-io-info: ifsz=2939 idim=125x125 ifmt=jpeg ofsz=1252 odim=100x100 ofmt=webp
filename1: custom
content-disposition: inline; filename=dr_staff_125x125.webp
fastly-stats: io=1
content-length: 1252
x-request-id: 30876
x-served-by: cache-ams12762-AMS, cache-fra-eddf8230096-FRA
x-runtime: 77ms
x-timer: S1684289610.182561,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "PIlOJH1i+u1snOIHpiazPd9/OP9zZ8K86jGZ5CJLLZk"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 553, 1

GET
H2 200 Microsoft_SundryPhotography-AdobeStock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf05a4f9304613dd7/60b1ea7852bd6156414f344a/ 1 KB
2 KB 25ms
24ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf05a4f9304613dd7/60b1ea7852bd6156414f344a/Microsoft_SundryPhotography-AdobeStock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

9a47677017938ab7f7b611e7b40933d538a27d24fdbb4584be88f622acb62507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: frame-ancestors none;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31557600
age: 560746
x-dns-prefetch-control: off
x-cache: HIT, HIT
fastly-io-info: ifsz=24804 idim=487x325 ifmt=jpeg ofsz=1290 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=Microsoft_SundryPhotography-AdobeStock.webp
fastly-stats: io=1
content-length: 1290
x-xss-protection: 1; mode=block
x-request-id: e80eb315e83a962270d311b09b3f083a
x-served-by: cache-ams12736-AMS, cache-fra-eddf8230096-FRA
x-runtime: 73ms
referrer-policy: no-referrer
server: contentstack
x-timer: S1684289610.182003,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "xB/CYrHGwL/xtfZ3z86nNANPFVw0lg5EJDH2DDNsfcY"
x-download-options: noopen
x-frame-options: deny
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 menaglobe-incamerastock-alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt38a2dce672acbe24/645be5d44bc9ce058c5d7cfe/ 1 KB
2 KB 26ms
24ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt38a2dce672acbe24/645be5d44bc9ce058c5d7cfe/menaglobe-incamerastock-alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

cbcb05acea6125ad2bf4812c6ab9ebd0258fc7e08d4019d08d8659fe42664022

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: frame-ancestors none;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31557600
age: 545397
x-dns-prefetch-control: off
x-cache: HIT, HIT
fastly-io-info: ifsz=582743 idim=1200x800 ifmt=jpeg ofsz=1236 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=menaglobe-incamerastock-alamy.webp
fastly-stats: io=1
content-length: 1236
x-xss-protection: 1; mode=block
x-request-id: f1467fca39390110426577a21061449f
x-served-by: cache-ams21077-AMS, cache-fra-eddf8230096-FRA
x-runtime: 47ms
referrer-policy: no-referrer
server: contentstack
x-timer: S1684289610.181991,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "nQO+PG8geC+ssfuxbGEIgOkoisue33YpbGhHJ9tq3bI"
x-download-options: noopen
x-frame-options: deny
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
accept-ranges: bytes
x-cache-hits: 9, 1

GET
H2 200 crop_playbook_Panther_Media_GmbH_Alamy.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/ 1 KB
2 KB 24ms
23ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/crop_playbook_Panther_Media_GmbH_Alamy.png?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 90814
x-cache: HIT, HIT
fastly-io-info: ifsz=108374 idim=640x320 ifmt=png ofsz=1320 odim=100x50 ofmt=webp
filename1: custom
content-disposition: inline; filename=crop_playbook_Panther_Media_GmbH_Alamy.webp
fastly-stats: io=1
content-length: 1320
x-request-id: 18ce34a5785a9fc1ac18fa416cd691e5
x-served-by: cache-ams12735-AMS, cache-fra-eddf8230096-FRA
x-runtime: 107ms
server: contentstack
x-timer: S1684289610.181982,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "031m2nqL3GZ7xf6UXa44q+TwU+kiCqyZg9v8qMcbICg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 27, 1

GET
H2 200 NOC.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt9da782e07ecc3ec8/645e1fa1d6f62d23db63d2a6/ 3 KB
3 KB 25ms
24ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt9da782e07ecc3ec8/645e1fa1d6f62d23db63d2a6/NOC.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

345f767f6836a9f017fa9380c6b19b3f1541af1b858b7026aa80d047940072f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 399528
x-cache: HIT, HIT
fastly-io-info: ifsz=277783 idim=1280x960 ifmt=jpeg ofsz=2656 odim=100x75 ofmt=webp
filename1: custom
content-disposition: inline; filename=NOC.webp
fastly-stats: io=1
content-length: 2656
x-request-id: 873e2b6d60cd02167fe2ea69c2474a97
x-served-by: cache-ams12773-AMS, cache-fra-eddf8230096-FRA
x-runtime: 108ms
server: contentstack
x-timer: S1684289610.181978,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "GWER28g98BGOV/VySgjKukj1DwWYMdFRfDptfny5+tg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 image
www.darkreading.com/_next/ 654 B
879 B 142ms
141ms Image
image/webp 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7c88576f9f88373e-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 31ms
31ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
age: 66056
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c88576fde7418b5-FRA
expires: Thu, 18 May 2023 02:13:30 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
49 KB 85ms
35ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

113d6a4412ceb344b6a915504bd4accc611c763e40eb7f21d065171cb22a14d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 May 2023 02:13:30 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 480 B
774 B 73ms
25ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6731235163da1f9e2222437b17ce909efe401295559e7219848619c7b5ebb135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: AMS54-C1
age: 3154
etag: W/aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: FCvO2FlwjoEFv6Q=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 66ms
25ms Script
application/x-javascript 23.201.242.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-242-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 17 May 2023 02:13:30 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 15:05:41 GMT
ETag: "12a0ef409968d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 17 May 2023 02:13:30 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 65ms
23ms Script
application/x-javascript 13.32.99.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 06:23:34 GMT
Content-Encoding: gzip
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 71398
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: 8Wc13rvnDJxwMZroKGs-NOXdgrJi0hZtaXX5bwGUr4enJ2oG3NP1YQ==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 90ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 17 May 2023 02:13:30 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 66ms
22ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

a18b6fb01cd5abafa3da1063ab739bc7292399d799be83faf3cca8b1e10b734b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b0cff886fa9119b928995bb952ea48a6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: y5W3cEoySW54Fr__iJOfz_XDPR1wKN8N52QX_ncE-TzFBCFvhQcQNw==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 497ms
497ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"2fa26-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7c88576fffb4373e-FRA
expires: Wed, 17 May 2023 04:13:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 01:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4110
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 17 May 2023 03:05:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 67ms
23ms Script
application/x-javascript 2600:9000:2057:8800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 3788
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: AaYZF03_6G6OqZTF2yAqX9cVFO2HL37R_CizCap2u4B5i3qNNonlRQ==
expires: Thu, 18 May 2023 01:10:22 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 23ms
23ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: HcerYY2f5.DoKJ.hjtbegnr29y5KQGEN
content-encoding: br
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
date: Tue, 16 May 2023 14:32:17 GMT
last-modified: Tue, 25 Apr 2023 09:00:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 42078
x-amz-server-side-encryption: AES256
etag: W/"c38ba007b23d2b241c1008f782a80ab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yrR6udGheJgct8aomqIDcJh8tgi1ectrAbupvF7jOGw5SwjoS3Avaw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
86 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b50b975e980f84d2dd92d9aae6ec52925ef8819811ab66dd52b69b8483bc686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 May 2023 02:13:30 GMT

GET ZGFya3JlYWRpbmcuY29t.json
static.iris.informa.com/widgets/config/cdl/ 0
0

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 32ms
31ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 72832
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8857703f1918b5-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 32ms
31ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 71515
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8857703f1b18b5-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 31ms
31ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 49707
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8857703f1c18b5-FRA

GET ZGFya3JlYWRpbmcuY29t.json
static.iris.informa.com/widgets/config/cdl/ 0
0

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
22 KB 29ms
28ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: br
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
date: Wed, 17 May 2023 00:32:23 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6068
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: y1BL4U8TP4A43IBIm9RlWkRQ9txAd4YHpOYkrZNO4TzCFHzNfDFWHA==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 70ms
27ms Script
application/javascript 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 01:36:21 GMT
Content-Encoding: gzip
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Age: 434230
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: h0QVYoYorOvhxd-p09aQDwAocdbL5aDv7RkEJtr17OTe9oLMsDRvcg==

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&...

49 B
504 B

1150ms
1150ms

Image
image/gif

142.0.173.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&ms=296&optin=disabled&elq1pcGUID=2C4FA7C36D0D463D9DDBC3F6BA095B2F

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

HTTP/1.1

Server

142.0.173.15 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 02:13:31 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2023 02:13:30 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ref2=elqNone&tzo=0&ms=296&optin=disabled&elq1pcGUID=2C4FA7C36D0D463D9DDBC3F6BA095B2F
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 407
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 modules.bfe9b3974f4dbc4fd0a0.js Show response
script.hotjar.com/ 264 KB
68 KB 75ms
24ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bfe9b3974f4dbc4fd0a0.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

b370162829a0f77bc0bc9b78c8f97e9cbf8bcd9279ac2f8555f8dd9d7e328f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 12:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 50662
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69472
last-modified: Tue, 16 May 2023 12:08:21 GMT
etag: "f7d169b59737e4c81422827687d2c665"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: z8Bn7u6PeS9oH-98rcsGvInzxNxnjklZhnZvlDyR9pdGxra68L0JJA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 78ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je35a0&_p=1364161654&_gaz=1&cid=152832024.1684289610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684289610&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&dt=Russian%20Ransomware%20Perp%20Charged%20After%20High-Profile%20Hive%2C%20Babuk%20%26%20LockBit%20Hits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_contributor=dark%20reading%20staff&ep.content_publish_date=May%2016%2C%202023&ep.content_main_topic=threat-intelligence&ep.content_id=blt2bec93f24d465c5c&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_sponsor=&ep.content_label=Quick%20Hits&ep.content_additional_topics=attacks-breaches%2Ccareers-and-people%2Coperations&ep.gtm_container_detail=SCM%7C1.5%7C123&ep.content_topic_real_text=Threat%20Intelligence&ep.content_read_time=1&ep.content_topic-real_text=Threat%20Intelligence
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 97ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=152832024.1684289610&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=152832024.1684289610&gtm=45je35a0&aip=1&z=1376171540

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 72ms
23ms Script
application/javascript 108.138.17.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 373794
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: yB2YUnm2dc4_RwNRXRzYadAhoGn64OY_Vge1Xh5DUCV7_bNEiWCwyQ==

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D59436%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.da...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=7311600654837879752&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=59436&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomw...

249 B
999 B

451ms
111ms

Script
text/javascript

52.72.174.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=7311600654837879752&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=59436&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Server: 52.72.174.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-174-214.compute-1.amazonaws.com
Software: /
Resource Hash: b01f76ec05e93010280c22113025d84589fbd2c8c67ba107a77dbcc95996fda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 220
Expires: 0

Redirect headers

Date: Wed, 17 May 2023 02:13:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5228efea-2005-4be1-822c-96ba5b05cde2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=7311600654837879752&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=59436&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 37ms
37ms Image
image/jpeg 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 46660
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8857713f16bc03-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 30ms
30ms Image
image/svg+xml 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 31058
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bed475ff-601e-0149-251c-88add3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8857713f17bc03-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 340ms
113ms Image
image/gif 34.193.26.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&u=DEJhJbCOai3GC_qhC-&d=darkreading.com&g=53678&g0=threat-intelligence&g1=dark%20reading%20staff&g4=article&n=1&f=00001&c=0&x=0&m=0&y=2886&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&b=1793&t=DrHZ8XB7Joa1CcTpnYCf0IimCqLCAt&V=139&i=Russian%20Ransomware%20Perp%20Charged%20After%20High-Profile%20Hive%2C%20Babuk%20%26%20LockBit%20Hits&tz=0&sn=1&sv=DYVCBeB1UHJtCRzroUDLwiEsC6dXAL&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.26.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-26-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 198ms
154ms Preflight 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7c885771e9122bc7-FRA
content-length: 0
date: Wed, 17 May 2023 02:13:30 GMT
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
303 B 145ms
145ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7c885772e979373e-FRA
content-length: 2

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/ 185 KB
57 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58043
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 May 2024 02:05:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 28ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1364161654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&dp=%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ul=en-us&de=UTF-8&dt=Russian%20Ransomware%20Perp%20Charged%20After%20High-Profile%20Hive%2C%20Babuk%20%26%20LockBit%20Hits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=0yXzgh3iSjOeRpygmZwteQ.0&_u=aCDACEABRAAAACACI~&jid=1200347283&gjid=2079866803&cid=152832024.1684289610&tid=UA-135180592-2&_gid=1635761514.1684289611&_r=1&_slc=1&gtm=45He35a0n81T52Z3Z3&cg1=article&cg2=Quick%20Hits&cg3=Threat%20Intelligence&cd1=article&cd2=dark%20reading%20staff&cd3=&cd4=Quick%20Hits&cd5=May%2016%2C%202023&cd6=threat-intelligence&cd9=attacks-breaches%2Ccareers-and-people%2Coperations&cd10=0&cd16=blt2bec93f24d465c5c&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20123&z=732516316

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 66ms
22ms Preflight 18.194.32.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1684289610551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.32.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-32-95.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 70ms
24ms Fetch
application/json 18.194.32.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1684289610551

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.32.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-32-95.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H2 204 2610568 Show response
vc.hotjar.io/sessions/ 0
259 B 98ms
48ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.04496792003836392
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: UOdqx2Hx_ZzuJXBqKdgNqNeZBAAoTozPEYChuFbmDXemAu184fq5rQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-135180592-2&cid=152832024.1684289610&jid=1200347283&gjid=2079866803&_gid=1635761514.1684289611&_u=aCDACEAARAAAACACI~&z=1023244289

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 17 May 2023 02:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 82ms
32ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=152832024.1684289610&jid=1200347283&_u=aCDACEAARAAAACACI~&z=260256913

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=152832024.1684289610&jid=1200347283&_u=aCDACEAARAAAACACI~&z=260256913

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
815 B 153ms
56ms XHR
application/json 52.17.38.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=3aad37b3f3784ea78fc90c954ac4a3f5&version=2.8.1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.38.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-38-186.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7c786b4eafe79e524ffba9be980ddd45af883917a9d4db61dc2a276895bf302d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 May 2023 02:13:30 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 043c50112c384eff691477fdccc79486

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7311600654837879752&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=7311600654837879752&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7311600654837879752&pixelIndex=0&google_gid=CAESELi7YkFm3OdmgOSmHfl1RsI&google_cver=1

0
598 B

111ms
111ms

Script
text/javascript

52.72.174.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7311600654837879752&pixelIndex=0&google_gid=CAESELi7YkFm3OdmgOSmHfl1RsI&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Server: 52.72.174.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-174-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7311600654837879752&pixelIndex=0&google_gid=CAESELi7YkFm3OdmgOSmHfl1RsI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 74ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7311600654837879752
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 66ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2HV6J6QHFFESHJRR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.028083,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1105

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 64ms
20ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YC9JCZQM6STQJG
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.028096,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 796

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 79ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 78ms
28ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 145ms
145ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2734278250&sfv=1-0-40&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612097&lmt=1684289612&dlt=1684289609502&idt=507&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=0x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0f1e0a0feb0e1a12dd45d7404c4cb627f7b4fe528b8e0a552ef78182995034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13324
x-xss-protection: 0
google-lineitem-id: 6143667001
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138433037584
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 B
321 B 143ms
143ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2045221590&sfv=1-0-40&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612105&lmt=1684289612&dlt=1684289609502&idt=507&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=0x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d92a51d2b7a17143c96ca658cd08259d1166830de75a6c2a9197b978f94c1567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 189ms
189ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=4210692985&sfv=1-0-40&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612108&lmt=1684289612&dlt=1684289609502&idt=507&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=0x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15dc2238919ab50494dbe59c725aa79f15b68b9f608d9eb0ac1bc3f58462b97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4395
x-xss-protection: 0
google-lineitem-id: 6139510966
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413419007
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 B
321 B 144ms
143ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=4255599861&sfv=1-0-40&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612110&lmt=1684289612&dlt=1684289609502&idt=507&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=0x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed58764b92edfce9ab71bec3adaf6ec0ddeba37b7f8cf2bc695ba4a5732fb291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 B
316 B 182ms
181ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=1007812694&sfv=1-0-40&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612113&lmt=1684289612&dlt=1684289609502&idt=507&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=0x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1d0a56f914e17ee694a79e6506061a58f84876bdfe88cebf7902e7809d26b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 B
321 B 182ms
182ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&adks=2857532071&sfv=1-0-40&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612116&lmt=1684289612&dlt=1684289609502&idt=507&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=1600x2886&msz=7x0&fws=132&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

741ad23625cb4e2adff00c3f6701050b9e7c1353e451d0b6574bc157749661db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 183ms
183ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=2365694968&sfv=1-0-40&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612118&lmt=1684289612&dlt=1684289609502&idt=507&adxs=315&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a11a7cfbbc42e44d6d3b00771e9d81e67d48f9df07d6f7674dc29cee936335b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14096
x-xss-protection: 0
google-lineitem-id: 6157543105
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430455658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 189ms
189ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=1698320716&sfv=1-0-40&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612120&lmt=1684289612&dlt=1684289609502&idt=507&adxs=308&adys=945&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=646x568&msz=646x0&fws=4&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db26cc218a2f76d858bc04cbcb19014311e6f1e0b194190490ce0634d6cd5842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 143ms
143ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=2634791055&sfv=1-0-40&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612122&lmt=1684289612&dlt=1684289609502&idt=507&adxs=654&adys=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e8d41e0dbecd3e7187a9da5bbccd956ebdfa893398796bfc904e57f6631b18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14095
x-xss-protection: 0
google-lineitem-id: 6254775512
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427198710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 182ms
181ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=1721872252&sfv=1-0-40&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612125&lmt=1684289612&dlt=1684289609502&idt=507&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90658bd0149ee32386a0897fd8fc0abe48207f67342cab5a862a05452da5b955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11752
x-xss-protection: 0
google-lineitem-id: 6139510966
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368021044
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 181ms
181ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410518998997751&correlator=1540064083690509&eid=31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=4270765103&sfv=1-0-40&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt2bec93f24d465c5c%26aid%3D944480%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1684289612127&lmt=1684289612&dlt=1684289609502&idt=507&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=152832024.1684289610&ga_sid=1684289612&ga_hid=1364161654&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a1ddef329ed50a50b1bba6c79d93a95361668254be46a2b726c294d7521e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
google-lineitem-id: 6139510966
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413429909
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 160ms
109ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

469d6ae11d3de74e33b695e1a63736fe6171fbac441de7295f479cfa9b59b13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11075
x-xss-protection: 0

GET
H2 200 container.html Show response
68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E24C 6 KB
3 KB 177ms
28ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 02:13:32 GMT
expires: Thu, 16 May 2024 02:13:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
160 B 127ms
127ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VwQPWV9RDRACUVdUDwYAVVc=
tracestate: 3288925@nr=0-1-3288925-322548631-9ec964874b6df333----1684289612147
traceparent: 00-3684bac62d8e13489ce6e9f5d6eba500-9ec964874b6df333-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiOWVjOTY0ODc0YjZkZjMzMyIsInRyIjoiMzY4NGJhYzYyZDhlMTM0ODljZTZlOWY1ZDZlYmE1MDAiLCJ0aSI6MTY4NDI4OTYxMjE0N319
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c88577bff14373e-FRA

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
616 B 21ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.162254,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 708

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 21ms
20ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y6DMYX2M755T46
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: 12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.184681,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 693

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 21ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y1F68V5R4G1R1S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.184883,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 702

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 22ms
22ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y867HS6MYT7985
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.185217,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 695

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 23ms
23ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YF3D3MNZZ7XXTH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: 0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.185431,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 691

GET
H2 200 jserrors-aggregate.017d6ea4-1.232.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 23ms
23ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.017d6ea4-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: UxM2U4jEHw4DYwuY_JCWcBxAYgS2_JE2
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y3P9H1YVPCYW5A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2704
x-amz-id-2: fOJjkf623X4+LNu7HUnbPEqkESbCVUXfegtTcDGCJTSYPYnZIMHyyD/3Rdyml/9Mp1DAV3/tTMA=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.185759,VS0,VE0
etag: "3eccc20152284ae6154ef68728b49a85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 446

GET
H2 200 ajax-aggregate.666f66ea-1.232.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 23ms
23ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.666f66ea-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: P1.nxkPqX_AEcic3nbSwWvQGlnr.3FTJ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAMGSAT4509J8D
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2159
x-amz-id-2: +/vlhDJIBkrB07I08TN2xKY9QCT+tReD92GfPWcSfMLZ777mczQvriIxrhC3OuLLFI+tLbuC4X0=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.186080,VS0,VE0
etag: "6f55903bceeb36daf6c5579103364266"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 393

GET
H2 200 session_trace-aggregate.c0ef217a-1.232.0.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 24ms
24ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.c0ef217a-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: g_UxNBJ25wtvYc3oM8Pj1uCRZQPEEsvZ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YBT10PFQDKE050
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3302
x-amz-id-2: F/iivEdVcfTjYq8AJFOWGRk4GEFQq3Y9nQ2WJaA8DbfFJtDlso2/z2dRKKVQr/qXereUel72lF0=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.186437,VS0,VE0
etag: "8658ef92a475808fc6ed23b10731217d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 447

GET
H2 200 page_action-aggregate.64dc4751-1.232.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 25ms
25ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.64dc4751-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: K0wCLFJIIdjTzGgJZSujBvyTIxwFP3oQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33Y9SYP2S871NYYN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 985
x-amz-id-2: wXfzGJOuvfsWptsVhCX8TS9ZOOpumIcusC5MtXYWezjm85aH+z+a4UhZtORNDBtZ1lQIvruadOE=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.186820,VS0,VE0
etag: "19f8af5dbc48da5cec8a15e4e37572a2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 451

GET
H2 200 spa-aggregate.342172b1-1.232.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 25ms
25ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.342172b1-1.232.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: GBrIcCPmmG.WN_66aFejQ6H_fNPpwe_q
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 May 2023 02:13:32 GMT
strict-transport-security: max-age=300
x-amz-request-id: 33YAJ6WYP1J8ME4A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6574
x-amz-id-2: VgAy+MrhxuFl5jVpUDdrAu+k2F0/keKUs9t2baLmPjDCGwinsdlSaDKFL2sbJxn1je0+kg2OvCU=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684289612.187053,VS0,VE0
etag: "cd8a824b2ab07e7b696cf7565028153b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 361

GET
H/1.1 200
OK NRJS-4eee28fd5f21ed85217 Show response
bam.eu01.nr-data.net/1/ 49 B
452 B 75ms
34ms Script
text/javascript 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-4eee28fd5f21ed85217?a=256687733&v=1.232.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=3545&ck=0&s=9f85d8f61fcfb210&ref=https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit&ap=345.667078&be=842&fe=2642&dc=685&tt=17a7d624c0f24856&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1684289608658,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:20,%22ce%22:44,%22rq%22:44,%22rp%22:842,%22rpe%22:1032,%22di%22:1157,%22ds%22:1527,%22de%22:1527,%22dc%22:3309,%22l%22:3316,%22le%22:3484%7D,%22navigation%22:%7B%7D%7D&fp=1157&fcp=1849&jsonp=NREUM.setToken
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230045-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDAB 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNWPy0jj4RCl_6Tk6mUKGG2oPivHPK7f377eh-0_NY7HU-GnEtYC7CdhU2173kmG9QF_dz5t0NfPhIf-t6cMfNCwXFARn7wIW7O10COOetUo0AdLEkjmB7wAi3VeyqIcN25l8k_K4sC-AbadEbL2bwm4i8xkBlQpNX1Hs5hixnPeiyM3h8J3NSTO69zuO_2uTpoE7m7cnRiiFKv_3wwxr21493jJt8Rg32zcuZwoKwWkllQRFJED6ZxpFpjY6UIclb08_GD99KBNGCn4DBOhTro_byNBz20fzM395kXQM_s9NPVZrXQp8ypU2_xNHwBxIliJLxPc9GwHFxKPzUTKGbPreLt1o0Lz6utdPEKk5yYPaSb-VYAkU2bV7VNXpBSJmVp983Okg&sai=AMfl-YSv-Gn4KbFUm1-aHa4x4Y5BhU6EOCObLJiIb-YxNr0qMIa80-M7mIpUU0xkm41s12J5sVYFeDNCeplGxZb3fhSDwxzwmoIg_dLkFUoayVh6BhJdzWoSBPcrb2DRXJU&sig=Cg0ArKJSzCjGyIxByiL_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame FDAB 94 KB
33 KB 23ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:01 GMT
server: nginx
etag: W/"62f659d5-1787d"
vary: Accept-Encoding
x-hw: 1684289612.dop223.fr8.t,1684289612.cds331.fr8.hn,1684289612.cds001.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDAB 170 KB
53 KB 91ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame FDAB 326 KB
112 KB 62ms
20ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
H2

200

17673440086834564063
tpc.googlesyndication.com/simgad/ Frame FDAB
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNWPy0jj4RCl_6Tk6mUKGG2oPivHPK7f377eh-0_NY7HU-GnEtYC7CdhU2173kmG9QF_dz5t0NfPhIf-t6cMfNCwXFARn7wIW7O10COOetUo0AdLEkjmB7wAi3VeyqIcN25l8k_K4sC...
https://tpc.googlesyndication.com/simgad/17673440086834564063?

35 KB
35 KB

31ms
28ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17673440086834564063?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a2d24e9c295ecb9a23346122ee36ebb7797f79b63888a5bc9febcc6bc8f707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 04:38:09 GMT
x-content-type-options: nosniff
age: 77723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35403
x-xss-protection: 0
last-modified: Tue, 09 May 2023 19:28:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 04:38:09 GMT

Redirect headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/17673440086834564063?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ Frame FDAB 5 KB
2 KB 23ms
23ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=jpg&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 1914400
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230096-FRA
x-runtime: 99ms
x-timer: S1684289612.319714,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1448, 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1364161654&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&dp=%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&ul=en-us&de=UTF-8&dt=Russian%20Ransomware%20Perp%20Charged%20After%20High-Profile%20Hive%2C%20Babuk%20%26%20LockBit%20Hits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6143667001&el=138433037584&_u=aCDACEABRAAAACACIAC~&jid=&gjid=&cid=152832024.1684289610&tid=UA-135180592-2&_gid=1635761514.1684289611&gtm=45He35a0n81T52Z3Z3&cg1=article&cg2=Quick%20Hits&cg3=Threat%20Intelligence&cd1=article&cd2=dark%20reading%20staff&cd3=&cd4=Quick%20Hits&cd5=May%2016%2C%202023&cd6=threat-intelligence&cd9=attacks-breaches%2Ccareers-and-people%2Coperations&cd10=0&cd16=blt2bec93f24d465c5c&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20123&z=779885406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:07:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 342
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA28 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMRDNEzxisa_zGSgqmaKJynnojWAfkZNRjs0CtTKyoZV0sTvuUp-hcYwPB_vfsmJRvnFNiqOj1gosD_XWJUgcYLGQzo7YMOWR5xSpgsrnxqs9ZS0q86LUCEejurhGZnK_VDG4TM9-VXjCYN77-EHfpRoajfDQAhugJUYfVKGr5CpTnU-1OhhksoT2U62iwmEkYM4BBgBOskhMg8qVK91HR-SIC9QMDJa-7svTf5boI5PWWDiv4-LbbUtCbTA3AImeGj_TQ85OGGBgWxWklcH8n0U8WWj98RJntx9QzXznulv8GMscdD2KKVWi6mO1Jb3kzoEYk9C3WycnMMW1dkOJsM3YZawJsZ7GTHd5OkCb-1P46Ng&sai=AMfl-YTPjVvCnSsBG8HmxbKEQn3rFcJ9F53vw1dLr-qz9D8Qz7dfTfxKKYK-jkxi2hYRwZIAm9Ea0m1ztKOCg6IdcuioS5BdzD6U1W3O32nJnaPbYGM_z9DRMgmQH2Dp7eM&sig=Cg0ArKJSzJGZJxivNoGbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame AA28 3 KB
2 KB 81ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 17:32:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA28 170 KB
53 KB 83ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame AA28 326 KB
112 KB 28ms
20ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
H2 200 16204869891264180262
tpc.googlesyndication.com/simgad/ Frame AA28 61 KB
62 KB 82ms
21ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16204869891264180262

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f9e4b998c3839e7e544b929557a4408b28d94975d484ef79763e50ccc2647b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:15:52 GMT
x-content-type-options: nosniff
age: 489460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62646
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 18:52:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 May 2024 10:15:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA28 0
0 29ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnfLCuO32d6t4GFWgn6gMTSbJ9MIVydRckvcq3Emme6bPIPRZJhYiXts0nUffQa7s-CIuh
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame AA28 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d68cd0cf59f647d2c9799e0147cc847234e7c5b79cb8be6bbb46ecf6784303

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 129ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E268 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDfqOk_5OziDpebjMca4vVhscvzSetJNIqr8GWYVl4gK6zKt26Y1G9KgneH8UpeKVKmQ3PR1L8GEYT3Vb03M9DcDG97lKN1e3QT8ZriqJlHErJ7jbWwdCdLF7uyYy7KC9TxZ9s8nqd7HV8T9ywKUpkQkNEtqysn5lQHkxc2g9IN2mcZBCXdcXgcLVFRR90yv1F7gdj-jQgyJ-XHsmeTgi711EaQlnVZ4ULsogPoDHlJLBd8meF-i2drkU_g4UZ_Vj6pBXy2dCzHehqOC2JXeNZ5LvsVvzLJ1Y3mqEnFpux0FyjVrXdLTp58d5ErbKVfXB_0f8WDF8QaVziJasml4DpF7ne22-hbVEmLi9M-7lLPKxvdw&sai=AMfl-YT21iDUXHgPVDCPcxME4epq_4HDt5_7wxN6Hc5VvtturJvfQePeprZAHL7eLKKHzJRZMy995SZY1DGfLpdAZyDPsuu3Y4NEB0jjXF_blMmh5zMeODV1-J5n1EpZWg&sig=Cg0ArKJSzAKXBpDsmbnmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame E268 3 KB
1 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 17:32:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E268 170 KB
53 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame E268 326 KB
112 KB 67ms
67ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
H2 200 11387180448008369947
tpc.googlesyndication.com/simgad/ Frame E268 10 KB
10 KB 83ms
56ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11387180448008369947

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e04433a74ec26a9b149ee31234bc5a607d43e93ff3e314107c52c4a0e495308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 03:14:07 GMT
x-content-type-options: nosniff
age: 169165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9807
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:49:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 May 2024 03:14:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E268 0
0 29ms
28ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNjI4SiQ_KoBiMYdbHyZF0mVmXa3_LQ2V8KLAaWIiXcZP6v5RGEIKyysdncOPBCWgF5fhO
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0029 0
0 61ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8ImqQwYS472txhqg8hqGMTZNPNIxz7RGsWzYZex9ptpb4N3L2jMWBSJKfFn09aUbAHPoxbibe0_v9xdOZQTsoSovNA34YQfjbse-qaXthruc2Kohdz8tI85QzhxuVoJb1wpfiby2nvjtoRN7-s9Qm-CWkx8JjngD9SxB1CRRun3zfZ_7mFcJjqqLlWpRQiRIotnNKvojDEuprYyK-tAe8IT_3xidoxEAzpExItsU4kVtoWB1ntOy8cDPgApcboF4KHwdjap8pseU_l-jcLn2hf7Lu5idzL0m0EDiQmBGcBDNrr9IVfrgjtJXcJH-ErknsGNF9SSbI39GO5dHG_Ktsw-Loh8c2M_73vAozTWZ96VgI3Q&sai=AMfl-YQ4i9hcM8_GW96wJGJB2SZkZdMuZybjZqlOVa4QDvhd-zxRA8WvwfphsIYdM9rMw6oa9rcRL5NDm1VG7t7fLoO_JOANCQCvqwYI5f6XN0bo3rM7VL9mLrZxfrPOfw&sig=Cg0ArKJSzBCWNUO4nVLHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0029 170 KB
53 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 0029 326 KB
112 KB 55ms
52ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A598 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqHwV2gijnUkeG0PwJKLcTdMqMTVih9OvzO5FgMa83SLOvSaNUN5Eab32mkVoFbmBrakO3rKUPxlwDWaa3UW7uPk3wUZYifxf2D7xcSsLCL4cU6LaJwznz5cUQOoHsSVOW8So3z3nbGJKErQPcZf9T_1TR0RbMfArc-x2bTNEUDaLB8twkpGq6wGA8i3p3dqIf-4Y343BlxOGq79BXC6HIAmPlHSzgojP_TBw4-qsz3AHaa2qiLEBInXXuvjL8-_3Z-BjOvTP6hyYLooq1ozxaFRoDTWtGpWp2oLKbTGli4RAf-_Gz7B8YY3OEz95hUnl0FG3njTbj7e4ta62lRTXJJbJjC2JEgmiS1wcCCFfl3SeZhw&sai=AMfl-YQYDFMbYIIQXLLzSzsQ79PDplyYAmgXhf3XjarUMPQ-CunMWwHrYxtr1zeL9wsNM1yPMku2JVKdo0t9TNUdZIr3ZEUg7AY0GGZYUUe6g7IeHVvQJLn3ax3kf5G1Jzg&sig=Cg0ArKJSzNmUEOMElwtSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame A598 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 17:32:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A598 170 KB
53 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame A598 326 KB
112 KB 51ms
51ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
H2 200 5027517339664842723
tpc.googlesyndication.com/simgad/ Frame A598 72 KB
72 KB 50ms
49ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5027517339664842723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 08:03:12 GMT
x-content-type-options: nosniff
age: 238220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74079
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 18:06:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 May 2024 08:03:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A598 0
0 27ms
27ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWc8m_FPNAnEyQBEbuZSaQIA3Fcdb7TnkFS7J4oiLm-L-moKOv-EYDliAVMDU_8utuOvkt
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 79423132981870977
tpc.googlesyndication.com/simgad/ 178 KB
178 KB 47ms
46ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/79423132981870977?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a5c5246d878c5d5687d1ff9a986a79fbf00e754d44e5cf24bf0ea8f4aae1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 03:14:06 GMT
x-content-type-options: nosniff
age: 169166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181782
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 20:51:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 May 2024 03:14:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8680 0
26 B 85ms
84ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8TXllnlWeoYcWcbg3Ksx08SLWtnL8jBLfJ7IUQaVd_1K9AgKhjnjsVKS9EHcj438dTSkYMlvgmSEJpR9X45YPTZSfvJIlkyOy87Cv9NjkFrFHyz1Kiii8O5BcqSZ-gj5d97BHfi8Vtkf5uxAIdR1o3dgSRdgKd_RTFUBXsaWLVcd8lMchyks9e8vGUKMW7-xR1YcD0YHtT0eH6v8_MeIuVTq0KTKi5VSBOJ_8D-fAFvu95Duo1s5KgJQKIL1tx1IUcvNc6TWsWGlfm1-yaSOGrmbpWKWKuieBE2ac1__Cfz_Rau8JEBC1PKZDyv64VvFy5nm2YjdWG7SJlg6RzzFdLCfx71P92DynSYS22P0-WNAGiZcgpg&sai=AMfl-YSxWskNdkb0gHFTLfRkGCJh02Qx3NBjCuK-pWphUJ5-3u8heykvTm-qkPyKkKiAZ8Zw55oA4Mf5qnm-v0P9GID5p1UKbOWxAEEdP4RfLqOY99vqUFiWKAxOUl4nK24&sig=Cg0ArKJSzFuZ1rcP-wQaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5416 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurx8mTSlDVjKZD-JkeDRffnNbz7SFvm97USWkHtTMbaRp7PYQd1fNsZq1varmmEitp-vqx3H81YFSgV3abvADznduYT7LUNHO3TaX-sQWuNSfNYQk_Ac-twjPoj5A--Llpcp36afNOn7EkHobvD6SqSUVgWZXjfOCvCWdnu3_vm0gPjVZd91oXspl6LlV6pfUiI1HmRnarjFEtFmZQBx6Hw8DqVmrUXLgDcz8Pfe9sLHVZ6D7POwxSgfiQJoG9sT18RlzAOgL4R9G-CwA8hfBPzZy_yUFz1mLFyAHOsiaTvgFyaFYbvsZLNuzG3l0u472iRiM0cgG3AuJMeAnER5p2t-PykVVgGv1eFPOlTiQH&sai=AMfl-YTZfFOD2gdRVCZC83KWSGyN-HGSZ6krRdQAD3RVB-hk49_XW7_8D-7mBKkSlgTOw6yOf3_obOEVrBvnPBbqQ4DuWbjlvCusA0KS5DDIPYecMkFTTOa4mDDftNrKsaI&sig=Cg0ArKJSzM1kTJjKzUd1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame 5416 752 B
812 B 88ms
23ms Script
application/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Wed, 17 May 2023 03:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5416 170 KB
53 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 5416 326 KB
112 KB 21ms
19ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
last-modified: Tue, 16 May 2023 18:22:53 GMT
server: AmazonS3
x-amz-request-id: 5CY7FDEVWJF5K6D4
etag: "c1281e3b54e4407d835c8db200a5084d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48941
accept-ranges: bytes
content-length: 113748
x-amz-id-2: s77ZV0ZWVWg/4aaB9G/zUfSZmcL4weCEFuihRO57b5MKj0Hp4kPeWsKYwefj7OuQku8dtNJHi2g=

GET
DATA 200
OK truncated
/ Frame E268 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b012aa4cd220c70aa9d246001d2336eaa7ceffca0e6a5b29792dcef541fcddea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A598 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe4cd9c1f7700c36d3c29ca204ba2c2e7d6a0755b3a76f5f72f91c64a7a99e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/ba18906d/ Frame 0029 14 KB
5 KB 479ms
138ms Script
application/javascript 54.224.217.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuTvHbDgDd8wMSYEoGUrAq39dRBTc1SJznRY8FK_YN424W4mt4hKbxcucyC1q1nyX6LhhWdh5jdgA2V6aHHHatzAxV0CPmKLZ8TROgBcqvxnLxUw-Ly37rgrl7OaruMQ5YuLubTxJGKwS6djo2kS9Lvpj_8AY06XNr4O2q2zHx_QPOSh1aRzXsHCZjtd8It9PPtmZZSDwxqcf1cyoXhmBuelFGqbnGFtWkovOac6tCJzrLqOmI_EoVnWD8foSgyQU6cYrp9n76PmBOkOmFnGddC8R5lFLYmPREY86CP4Slw7e0zgW6FSW__5uWmJiZsjYzwSNogRosLqvxHvfswe5k0nHbwXzcU6UTkH6oeFbjx7g%26sai%3DAMfl-YS57NJxHRYArN8GIzEkZLPJrVP7X17AHhB7OOiubtctlY8YyYir0XcTZ5nBcdwnt3oIqUprGxGAPa8tzrKMRflNS8-m-AkiS5CGgLOetH56s5A5Xjz_1u0skb-GrA%26sig%3DCg0ArKJSzH__IHz0x64NEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138368021044&externalCreativeId=138368021044&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6139510966&externalCampaignId=3099799181&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1684289612.472&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=15283971821729136
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.217.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-217-157.compute-1.amazonaws.com
Software: /
Resource Hash: 796fb577d901800fdce147b46494720f86f23c8964bde1ecf6a6cf6f88a462ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4829
Expires: 0

POST
H/1.1 200
OK NRJS-4eee28fd5f21ed85217 Show response
bam.eu01.nr-data.net/resources/1/ 36 B
416 B 38ms
38ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/resources/1/NRJS-4eee28fd5f21ed85217?a=256687733&v=1.232.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=3832&ck=0&s=9f85d8f61fcfb210&ref=https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit&st=1684289608658
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 0a620e251ee73c3d588f0a1b02012391be0c9e049e5140e4119770438e2b9681

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230045-FRA

GET
DATA 200
OK truncated
/ Frame FDAB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73f64b02b9413d6bcdef1ae19f7daf70b97d5f8f16ca53c3a8ec47fa8b96b955

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag.aspx Show response
ml314.com/ Frame FDAB 31 KB
11 KB 66ms
22ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1742023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 01:51:38 GMT
content-encoding: br
age: 1314
x-guploader-uploadid: ADPycdtJjw8cbBEHyP8oLSqxi02oTDag55TMZV0pdn5m61kbrB9C5P_862gOd3lQTrXI0TZKyQ5pZVcGvI0yBCovp_Y6YUL4XBFy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
271 B 550ms
52ms Script
text/html 46.51.147.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612573&de=434354446778&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=2&cb=0&ym=0&cu=1684289612573&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&zMoatPS=welcome_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=1282649456&cs=0&callback=MoatDataJsonpRequest_5717445
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.147.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-147-53.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 1276cc8c00d4c0a5dc75f06fde5f578ade21cdf3ed9e52b786c3d07dc820bd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "ecf78851b54c244acba96ddd0697c0cd3a49492a"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612573&de=434354446778&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=3&cb=0&ym=0&cu=1684289612573&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&zMoatPS=welcome_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=1279123565&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
DATA 200
OK truncated
/ Frame 0029 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ad0be7e3caf0a6ba6ab76d067da9cb2ab3cec52a0d5e532f8b0bb43a6a9b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA28 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvibxKJx5Q4wd3etUAMln8UcCMz2_LYNgHET6sfaRk_BaPaheb0ijadK3W9bn3tAN5k4Y7nheMKJ_Cgf6pTHSrZBFm_JPh2HrW1V7dUahSAe46Ji-m8r__9eGJTwCjGW2sQebhUXbpf9ECq3PSZQjawIvXPWOv7HKTpIkhpNBlE_ZpugJY1b2cZMGnKaC7ttVpB_WthdEVDNXN4Vji_nYtovK2Dp_qa06RXk3vKoPsVkPGv9iLTJ3wFGrhza9DQH_PPVGmRPA5WnRvdfRDhCDHKw_eCzBLIL2mwZyIVfODgDYPf5V1gkE-c8CynPtf5dhJ1ZnXWHDS54xdZzElpQOmX5VPlre7QX4jfEhyFcYi5nZx7YRdb&sai=AMfl-YSiUTK_vgl4IJVbPfZBQrq_XNSBqKKKtjZphymg4eeBugSgTdmfIXvkNpAWiP1MYgD5ziIPG-QvTbx4miu7Dfl-frNTxr5W2tudAekvUE6IW1QZDCS9LmD6a3xjfwc&sig=Cg0ArKJSzFnESN1EtRO4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDAB 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj93Op_hTJadNTqViXlfZ8H2t1OtVOXQRa1Kn8m4FVTJi6Wq4I8rsG797t_QF33cWBae85lcaP1ZXZrk3pqB6Y8Pv9xryvIhpTHxT5TtEJw57y_uDqaeZO5fsyM1KSHZfUHA0WQ0IGCvqWDH_nX9ukblc8-NDjQV07xsXA0EEkUtUh8C0q4ZUBWwDH11vZIrPyBaTAUZ65JrE0bQoF4FPSy80VbDY2WmqYSEcmuqEpRl8UiN4IFGajvaEBwCpY3KwUl1ZHFv2-LsGmtQttSO1yZHFDSiAeg4vWU5TxxTu7M6BX-0o95ojQ58pZXZvlmSdPGoLULRHIw6yF2POx-piRdzxvh-o6NboKtbEs9auOIOchtkijSKJ0A7c&sai=AMfl-YTTlWNm1g-mXNO2aLthelNmYYrRJnNRjVry5syVqVXe_qPrKU1gGOlWe3YZN0rhKsJR4c7arc1fi-h96W-TDYiSwyrlfiq3eGaheAznt0Xfje1ZYwHkAli1-CzPl5U&sig=Cg0ArKJSzBtaRHyqPbzvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 478D 13 KB
5 KB 29ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 18:50:16 GMT
expires: Wed, 15 May 2024 18:50:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7B8 783 B
535 B 37ms
29ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6784657ebfaa2e63661973e6d9005928a02a7ada5918af3bf54d7eddf204c5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cl4PY-EPwx9XqZqATputqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Cl4PY-EPwx9XqZqATputqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 02:13:33 GMT
expires: Wed, 17 May 2023 02:13:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 5416 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc3e40d6ac657f0cab86fbd40aac335a1882985b625431b28193625ec0d67b57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A598 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKMmL4Jm7rzWH3CRPKh_eMvlSWSnRb6w7OYDMa8D3_-UnNn6-gTfGgMPhriYxK9NvY7w2mARcPoVnvDXvjZjfqWdf4SE6-W4kVE3y8V9YZW6a8yL-kO_pTtCDPN2nbuNdLrVkjJM8wSxg-Tt1PWz-TpJNtC9hs13LstUIeQ1NYY8ciIFBWpel_SVI1ZHAiGHwaKRCdehAI3wY0DAL6Z7xOuTlCsvJ7t9rKCBcBrIVbOlKKhiBUx4OKGB5GxjbInTsKOYFZ5ArCjJuBk8rqw6euU-CpvTJIepLCVt0H_fvEzVoInaSw1MhOnXQUK43VgotbXB47K2858TPCQlH1P2kg5jYIj42vMr6mDUY9BZqD5-rJIl5l&sai=AMfl-YSpnBOjfe3Cr3S4mPs_y0TIgEaIMpAoSeL_YKHVEFX5c6tUmlB3dUZ8EFSxrR2APtRhZYJkEwlk4LX4ohu0GC5DtuSVnWiohMzWFStzbadMtp4Jfq3GTTXCxqhCLU4&sig=Cg0ArKJSzPpcu0mS5-bWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E268 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCV6gcWoLOIPssg6l3QSanAQDm3nYD-Of850wfkbmiQaru2ay_wxkpGQZnVGzLTD-W11917GCLZ8-B34-M5r60JBZUNJNNn79QXwljOnisfHRzS2JTFNnrc3vPg3i4VrXc8LVjIMf3-iv5C6TmpntxqV35qKNi1IDWccvz_Auamb0Dl7793Y9CyuG02b8TvYC0cBAvFEyy0Rfy8ITcqi9PKAz-sng4h9cWS1PS6IhEwPwNmaJc_GNSCIxWtQTm8YBqZj3bx3CdGjb99VpsvuhUwKlqhzRbK2BOfA9Du--RO9J7tfuM5zn3TP6wLd8FocS0x7j7ZSqhJTJpEdAZu8264d0lC8hZojppeRBTbNBOjJ5AqIK-&sai=AMfl-YTdoc1XWnJXv2Y767U4oCHVwdvoh4sdfM9_qmBgIZT_EZwtTnVz8n6x5CNiL_HtDdZMx-d41lDbPNhcUNmNRPPxeV4myBbgf46x231EBCjUh3uPAbQQx5TlUmFXFg&sig=Cg0ArKJSzHA-X-JfSUWQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612689&de=567322816293&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=7&cb=0&ym=0&cu=1684289612689&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5226629485%3A3174470628%3A6254775512%3A138427198710&zMoatPS=300_1v_article&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=1539581040&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 596 KB
130 KB 22ms
21ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48057ce15d71e4fca4e37f5fd751f992bef87b6fcf527c4731556cf65652864e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
content-encoding: br
last-modified: Tue, 16 May 2023 14:02:30 GMT
x-amz-request-id: S3MKH5483PH0K2TR
etag: "e820de15bfa4bf6d31aea69f9479d632"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 4
accept-ranges: bytes
content-length: 132878
x-amz-id-2: 5VwtBV50dMuig+3hjFsqpPg2RtqsDGrT5R9UhXrENhqIUU2GpHW26pEwlFN1BMZ3pwoMxozW3Qo=
expires: Wed, 17 May 2023 02:43:32 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame FDAB 62 B
309 B 48ms
48ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&pv=1684289612822_uoz3ngbyh&bl=en-us&cb=6239337&return=&ht=&d=&dc=&si=1684289612822_uoz3ngbyh&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1742023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame FDAB 20 B
482 B 594ms
178ms Script
application/javascript 34.239.95.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1742023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1742023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.95.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-95-171.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 17 May 2023 02:13:32 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Thu, 18 May 2023 02:13:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5416 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX6RYeYY3nE-E8bv8Z-s2LLvXilC59LKZXyDPR4HAUdkdq2PDHt4hHBCPlUA76MNnNTVvrvyOipakrecDiVxyZZuAfGfRp3Zc2QTf0uQkS2EXV-YIBXmAh0EnyN5cuqdVwVonWb5SlB_RkK-QAeuVulZI9jGOi0nhb0EIIsBXiDkhcRdX_c-b2yJcJIBdonqXlIDONocS6WPxxaIEkhzSlS8bH72XUAO7xSp2d9-J4Om3dj78rVI4MgRnxLPpQWIqynQGmpFvAP87ifzunBZZQR2u8Uu3eGGAJP4sz0qifwCyEyb-HwNYgFL4owo_dq4Ey3nl9KwexKIZcohrE9FHQtBqeXUQemYEd02jUrfVPhww&sai=AMfl-YQKf1EIOBff02s0I7poOk5VzMzjdGzmm8idire7zagwBUDd9wNaEtqBkab62gyLxZXS_eqx4fplf4E8PGcqdxnUMv5eek-RZwk6wNVVOYfmu7yPipQjbqp-tfVE2vw&sig=Cg0ArKJSzFYSNGmjmvtVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16204869891264180262&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612689&de=567322816293&cu=1684289612689&m=17&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3369&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5226629485%3A3174470628%3A6254775512%3A138427198710&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=9_0h7grxq4r7os00000h7grxq4r7os00000h7&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=9_0h7grxq4r7os00000h7grxq4r7os00000h7&iq=na&tt=na&tc=0&fs=203695&na=1191793627&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612764&de=818947933583&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=11&cb=0&ym=0&cu=1684289612764&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3099799181%3A6139510966%3A138413429909&zMoatPS=300_2v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=1755380998&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11387180448008369947&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612764&de=818947933583&cu=1684289612764&m=15&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3369&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&iq=na&tt=na&tc=0&fs=203695&na=1115677297&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612781&de=914414386184&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=15&cb=0&ym=0&cu=1684289612781&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&zMoatPS=300_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=1615416894&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
19ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612786&de=142757190581&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=19&cb=0&ym=0&cu=1684289612786&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&zMoatPS=728_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=125317548&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5027517339664842723&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612786&de=142757190581&cu=1684289612786&m=7&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3369&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=7_24ps5x946ox0000024ps5x946ox0000024p&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_24ps5x946ox0000024ps5x946ox0000024p&iq=na&tt=na&tc=0&fs=203695&na=1985544192&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:32 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/ae21f920/compiled/ Frame 0029 861 KB
863 KB 69ms
25ms Script
application/javascript 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/ae21f920/compiled/web.js?v=44-e76cfd07bd&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&adx-in-banner-video=1
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuTvHbDgDd8wMSYEoGUrAq39dRBTc1SJznRY8FK_YN424W4mt4hKbxcucyC1q1nyX6LhhWdh5jdgA2V6aHHHatzAxV0CPmKLZ8TROgBcqvxnLxUw-Ly37rgrl7OaruMQ5YuLubTxJGKwS6djo2kS9Lvpj_8AY06XNr4O2q2zHx_QPOSh1aRzXsHCZjtd8It9PPtmZZSDwxqcf1cyoXhmBuelFGqbnGFtWkovOac6tCJzrLqOmI_EoVnWD8foSgyQU6cYrp9n76PmBOkOmFnGddC8R5lFLYmPREY86CP4Slw7e0zgW6FSW__5uWmJiZsjYzwSNogRosLqvxHvfswe5k0nHbwXzcU6UTkH6oeFbjx7g%26sai%3DAMfl-YS57NJxHRYArN8GIzEkZLPJrVP7X17AHhB7OOiubtctlY8YyYir0XcTZ5nBcdwnt3oIqUprGxGAPa8tzrKMRflNS8-m-AkiS5CGgLOetH56s5A5Xjz_1u0skb-GrA%26sig%3DCg0ArKJSzH__IHz0x64NEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138368021044&externalCreativeId=138368021044&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6139510966&externalCampaignId=3099799181&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1684289612.472&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=15283971821729136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 12be6226c7fe4ab7fc12d15d0893ec76925dd7e83134c61ba8cd9dc390688a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 07:22:23 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 67870
x-cache: Hit from cloudfront
server: Apache
etag: W/"e70358466e437068a2b24889b7b6a5450a26a4260a5b924491ba2b485d9531b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 33187
accept-ranges: bytes
x-amz-cf-id: -yRRKqzgP0jTide3wTtt1yiZwr5KBbMxoXfQfmnLPvfNuLsVA3bcQA==

GET
DATA 200
OK truncated
/ Frame 0029 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 619ffb18-3a81-46f5-bfbd-8a08c761301b
https://www.darkreading.com/ Frame 0029 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/619ffb18-3a81-46f5-bfbd-8a08c761301b
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1684289612794&de=768753030108&m=0&ar=fde231f50fe-clean&iw=a6e1dfe&q=23&cb=0&ym=0&cu=1684289612794&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A1158%3A1850%3A3484%3A1157&iq=na&tt=na&fs=203695&na=420690349&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H2

404

404
www.darkreading.com/ Frame FDAB
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

46 KB
46 KB

343ms
342ms

Image
text/html

2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ed2736d108268726b798eee2ec152bdf9e0895eba738da43e74eac01e861e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7c885784cc96373e-FRA

Redirect headers

date: Wed, 17 May 2023 02:13:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7c8857822af7373e-FRA
expires: Wed, 17 May 2023 04:13:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Feu-images.contentstack.com%2Fv3%2Fassets%2Fblt66983808af36a8ef%2Fblt4ff4a7f9bc8e31f7%2F619f4fb0a0cb8076d613e3ba%2FDark_Reading_Logo.svg%3Fquality%3D80%26format%3Djpg%26width%3D222&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612573&de=434354446778&cu=1684289612573&m=570&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3369&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=4&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203695&na=1257908916&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 125ms
62ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=9009bd1b-e182-42f3-ad5b-bef364968b40&pageId=130102&pid=142873&debug_metadata=HPCUcvPPoH&fv=1188&ts=1684289613199&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 114ms
52ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=9009bd1b-e182-42f3-ad5b-bef364968b40&pageId=130102&pid=142873&slot=polymorph&fv=1188&ts=1684289613205&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 17 May 2023 02:13:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 540 B
718 B 56ms
56ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&auctid=9009bd1b-e182-42f3-ad5b-bef364968b40&formatVersion=1188&env=js-web&netBw=10&ttfb=798
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7dd16094e5660eb6281a006f32c055e11ddfafc76dc9278d340db803f57171e

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 366
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7B8 0
0 95ms
53ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=1410518998997751&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 478D 37 KB
14 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 478D 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PnhXWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0029 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssWURe-7MBrvrRSc2RpFteNpy_7aT7p2CQ8dOdOKCxpR64j2nQrFkCQCqz5yytUI4U4RthoRnIoHPdIoXBx8RH2l0XYmdXJQsoCmgdkrrF8WBZTbw6csm-lUnbtm6REzpyxlqx8P262yjhDXGoXiZiUqcgjpLAAvNW2M0I0VWpY3Vx8K9CgGAVsF9Bz7VCz_PXco_Cea3m4EzC8W1f8oecunmLPmjSK5XZwqVFG6QadoawGwUkw1LEFfAivb2DI-KVVM2WJtCNJjHhgOD2PPyV7aaBISIdzCG2IUklEd1mnYQBDVGrbtiEi05kzjSWNBhopdPzRPH5iGINtIx_luyPpZmb919kc-_fxaV1Sw9PbDcznyqG&sai=AMfl-YSB-kobHWixMQoJ8rfcLKwx-kOEkRF-Mu14GYAnvRiENsf9j2SpPT8NucD7iXmr5wkElFn83bKwkuTXNj-qR4E18IDVLipnXSqZLGftjoe-WJIlWwFu89fvm7m-Hw&sig=Cg0ArKJSzNL1nhByiBgtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6M...
track.celtra.com/json/ 35 B
242 B 499ms
113ms Image
image/gif 54.86.156.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6MCwiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjEzLjQyNSwibmFtZSI6ImNvbnRhaW5lckJlY2FtZVZpZXdhYmxlIn1dfQ==?crc32c=2136465416
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-156-61.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 17 May 2023 02:13:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Lato:400/ Frame F5A0 4 KB
4 KB 61ms
21ms Font
application/font-woff2 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4127253
x-cache: Hit from cloudfront
content-length: 4052
server: Apache
etag: "4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1415853
accept-ranges: bytes
x-amz-cf-id: ISkBbQRFOKaP2OOr2HHqxJb1aP8bsGGvLzHKAiekZyMG-DG_MdsNdA==

GET
H2 200 DR_Sophos_2023-Threat-Report.jpg
cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/ Frame F5A0 40 KB
40 KB 23ms
22ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:58:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12824107
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 19803895
accept-ranges: bytes
x-amz-cf-id: dOa_ulYD9YeZhDpFeP448VmkNl_LwM11_fmrW1u8Gs8NejiQrQLurA==

GET
H2 200 DR_Sophos_Extended-Detection-and-Response.png
cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/ Frame F5A0 5 KB
6 KB 24ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17322143
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34012
accept-ranges: bytes
x-amz-cf-id: mQq3C3mna63muKJadKvRThYs-pU7zf6CTLuOcYca_M0jSRjX1B9Ujw==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame F5A0 25 KB
25 KB 26ms
26ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:39:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 112519
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3834183 1621184
accept-ranges: bytes
x-amz-cf-id: Txjsro7IqGu8-PBVlIWbfc52DV98sp0YeZ4cNykIrpccldnj4BVrpg==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame F5A0 33 KB
33 KB 29ms
29ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:51:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 112519
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4129189 1149283
accept-ranges: bytes
x-amz-cf-id: f4YmbRNdYZWzEfflqTV9aGJBBu9ISUcblQsalHg-Mn1FXPymLZYZIg==

GET
H2 200 sophos-incident-response-guide.jpg
cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/ Frame F5A0 161 KB
161 KB 32ms
32ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4970889
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 886414 1868390
accept-ranges: bytes
x-amz-cf-id: rLokLZlAufSOmHixStU2DqsiSg26ZtjoHoCdq139z30HKHXl_f0Qsw==

GET
H2 200 rss_hover.png
cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/ Frame F5A0 990 B
1 KB 52ms
52ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/rss_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17322143
x-cache: Hit from cloudfront
content-length: 990
server: Apache
etag: "2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1770757
accept-ranges: bytes
x-amz-cf-id: YskLotrPb1vXlAha1p1l2amvd0gi4KlCTKuE4utniRFRqo4I9f4zsw==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame F5A0 988 B
1 KB 55ms
55ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323102
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: oatgOGly8CJB_b4MTI8bKgbHmAIm-_mtU5JtqqIsqyCmyfZrgo3btw==

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame F5A0 918 B
1 KB 55ms
55ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:30:42 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 682971
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2380009
accept-ranges: bytes
x-amz-cf-id: YQr-vvkjfwqk5k1Z8rf70ZwHPtqgLQ5VUs4M8oMIMCmW3rL8cL4c-Q==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F5A0 914 B
1 KB 54ms
53ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323192
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: 3tqWhs_YCQUL3FMqR7Pid4AD587m3mF5dT1N7J-pr6JsFUg9NWaqDg==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame F5A0 591 B
1 KB 55ms
55ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17325130
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4685902
accept-ranges: bytes
x-amz-cf-id: HRXJ4ZxbMtrNpbQlk64HxOMl_sHJbxScwcG66ej28N5rY3XKDIOWgw==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F5A0 585 B
1 KB 56ms
55ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4127252
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: 8luylYazbD7heSDCZa_20YmmjOSDLhLQlofM4Do7CNIS5UW-pKxpBw==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame F5A0 777 B
1 KB 66ms
66ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:44 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323188
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 101941290
accept-ranges: bytes
x-amz-cf-id: Th_X_-Df0d5aHMijb426WsKVLVfZG74KhS_qIO_ybU7PZcRMksxhRQ==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F5A0 781 B
1 KB 56ms
56ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17325119
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: d1Y69mynTwWmMJZE8rQAcjvQcaZ_4oaGXi0UK4C1QxyhRgIsnzuPnA==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame F5A0 348 B
865 B 66ms
66ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:11:04 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323348
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 54493221 55607330
accept-ranges: bytes
x-amz-cf-id: -uZw3ODxXGViHNI_KhBxelDC_cgXTjnGuQbg40a-osMJx4s8ybIxoQ==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F5A0 348 B
848 B 64ms
64ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:21:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5003546
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16308006
accept-ranges: bytes
x-amz-cf-id: WnCcAOd3RKCqI0crbT_RAkFNfTFu9LkGN4Ddx4wpPpCCs7h0NeIWWw==

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame F5A0 2 KB
3 KB 56ms
56ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:18:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 13722931
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2093189 1290029
accept-ranges: bytes
x-amz-cf-id: 2CAYgyiMXlzgT0RiThh-JYXqwTjYFL40_5HeAkfB4NUWyrdhbUmB8A==

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame F5A0 2 KB
3 KB 25ms
25ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:18:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 13722931
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2093189 1290029
accept-ranges: bytes
x-amz-cf-id: wyiRLNlgVNl_mwGJHedYpjX6OjKRO6FQ2qfwxjGoa58_Hpu_TtgbNg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:58:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12824107
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 19803895
accept-ranges: bytes
x-amz-cf-id: HQbSilEKQbRxjMh0A4DN8rCnm1yZos5dSXK8zmVk55FuPUTjbXdUow==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17322143
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34012
accept-ranges: bytes
x-amz-cf-id: ljWay6P8hAbdHaozhGHVSzgItsTjVwZzmrSnch7JtnrtAzTr6BZWPA==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame F5A0 25 KB
25 KB 29ms
29ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:39:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 112519
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3834183 1621184
accept-ranges: bytes
x-amz-cf-id: CWSH57eUE8yDn0tLnCeHnGd1khXWPlitJ4EBBZwlBegGhV2Yip-ZRw==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame F5A0 33 KB
33 KB 26ms
26ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:51:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 112519
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4129189 1149283
accept-ranges: bytes
x-amz-cf-id: qNYQmw_vfXTiLxtChUZhJ9wuzreRMMFqIq7QuOb1pVmR5OQm65hhqw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4970889
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 886414 1868390
accept-ranges: bytes
x-amz-cf-id: 7o7fD_oDGNd93vrKA9i_RInTxcc_-tSDyAYRi52kqW6usuvWFUhg2w==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame F5A0 988 B
1 KB 36ms
35ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323102
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: K7U1ZnQpZrpfOKB3L7S9bal4cbHD3lPP5SJ4XdYoilhWWmKNST2lpA==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F5A0 914 B
1 KB 24ms
23ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323192
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: afsWgOlg6tcYVGUMLy9-0bZxodhwDdkygPDFkomtQBcBVvr9jKm-dg==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F5A0 585 B
1 KB 24ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4127252
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: 6VtklKb4JpttkZEFnIpSsU5-IH8upZij7R9AWQMaaigo2_xiT61jlg==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F5A0 781 B
1 KB 28ms
27ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17325119
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: Q6F6sPajLpiin0x7F6PWHs4vrMzuzh5oCW9Bdh-10e63gHxe4cM4uw==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F5A0 348 B
847 B 29ms
28ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:21:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5003546
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16308006
accept-ranges: bytes
x-amz-cf-id: FPcy0ThFJo7iZ7Zhmd2Ozo4319MreAr7w452pg4EG3cd3JmVMZVSIg==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6M...
track.celtra.com/json/ 35 B
242 B 364ms
112ms Image
image/gif 54.86.156.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6MSwiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjEzLjQzNiwic2NvcGUiOiJnbG9iYWwiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2Iiwib3JpZW50YXRpb24iOjAsInRvcG1vc3RSZWFjaGFibGVXaW5kb3ciOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMH0sImhvc3RXaW5kb3ciOnsid2lkdGgiOjUsImhlaWdodCI6NX0sIm5lc3RpbmciOnsiaWZyYW1lIjp0cnVlLCJmcmllbmRseUlmcmFtZSI6dHJ1ZSwiaWFiRnJpZW5kbHlJZnJhbWUiOnRydWUsImhvc3RpbGVJZnJhbWUiOmZhbHNlLCJpZnJhbWVEZXB0aCI6MX0sInBhZ2VWaXNpYmlsaXR5QXBpIjp0cnVlLCJyZXF1ZXN0QW5pbWF0aW9uRnJhbWUiOnRydWUsInRvcFdpbmRvd05hdGl2ZVJBRlN1cHBvcnRlZCI6ZmFsc2UsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbSIsInRvcFdpbmRvd0xvY2F0aW9uTGVuZ3RoIjoyNywibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE2ODQyODk2MTJ4ZjkxNTAwMjgyYmQ0Y2R4MjMyMTUzMDUiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjI5MDgzODY1MjMyOTQxMiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2ODQyODk2MTMuNjYyLCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjpmYWxzZSwiY2RuVmFyaWFudCI6Im5vbmUifSx7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6MywiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjEzLjY3OSwibmFtZSI6InZpZXdwb3J0UGxhY2VtZW50R2VvbWV0cnkiLCJwYWdlRGltZW5zaW9ucyI6eyJoZWlnaHQiOjM5NDgsIndpZHRoIjoxNjAwfSwidmlld3BvcnRQb3NpdGlvblJlY3QiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwibGVmdCI6MCwidG9wIjowfSwiZmlyc3RQbGFjZW1lbnRQb3NpdGlvblJlY3QiOnsibGVmdCI6OTg4LCJ0b3AiOjI5Niwid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2MDB9fV19?crc32c=2039392492
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-156-61.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 17 May 2023 02:13:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 user_timeline Show response
cache-ssl.celtra.com/api/twitter/statuses/ Frame F5A0 57 KB
57 KB 22ms
22ms Script
application/javascript 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/twitter/statuses/user_timeline?screen_name=Sophos&jsonp=jsonp_celtra_twitter_proxy_366
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8d8be0b015e37c3f8fa5783f53b59ea2bce04b97642a944ea6e6ef3ddf3ed9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:06:03 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 450
x-cache: Hit from cloudfront
content-length: 57885
server: Apache
etag: W/"d7271868e531c73723c8a5a04de905ffd1b8f9618adc66bb55e016bbbbaf9c81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=900
access-control-allow-credentials: false
x-varnish: 1159643 2435769
accept-ranges: bytes
x-amz-cf-id: bp8a3qWDdf4ClphQvy5jxBdocdwJpfvcIWdTrEXRPKDNvANUQiZmUA==

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame F5A0 1 KB
559 B 39ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:13:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6N...
track.celtra.com/json/ 35 B
242 B 340ms
114ms Image
image/gif 54.86.156.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6NCwiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjEzLjY5OCwibmFtZSI6InZpZXdhYmxlMDAiLCJjcml0ZXJpb24iOnsibmFtZSI6IkNvcmUiLCJyYXRpbyI6MCwidGltZSI6MH19LHsic2Vzc2lvbklkIjoiczE2ODQyODk2MTJ4ZjkxNTAwMjgyYmQ0Y2R4MjMyMTUzMDUiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjI5MDgzODY1MjMyOTQxMiIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2ODQyODk2MTMuNywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOm51bGwsInNjcmVlbkxvY2FsSWQiOjEzNjgsInNjcmVlblRpdGxlIjoiUmVzb3VyY2VzIiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY4NDI4OTYxMy43LCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6NiwiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjEzLjcsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=703892222
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-156-61.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 17 May 2023 02:13:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame F5A0 918 B
1 KB 22ms
20ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:30:42 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 682971
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2380009
accept-ranges: bytes
x-amz-cf-id: s26IOV0Qoco6KuE2JYbUmCc4JX0y9Ix9VL3Y-09yaA3nXoC8bdk-PA==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame F5A0 914 B
1 KB 23ms
21ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323192
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: -HD389LdJC4dXu05rYQzX2afVqoLfsOCf_zMDDkbZY1AtYdad25HCQ==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame F5A0 591 B
1 KB 23ms
22ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17325130
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4685902
accept-ranges: bytes
x-amz-cf-id: o3-sDhN_GVWjjU5I_ukBT7PIiDGbOA5_XenfLp58P92iYsUCXASxrg==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame F5A0 585 B
1 KB 24ms
22ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4127252
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: ZBWHJsg6ffOgP5biEYKalPL7Ar9NlE2Ov8ez-LOpgMkYArgoMJuj6w==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame F5A0 348 B
855 B 24ms
23ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:11:04 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323348
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 54493221 55607330
accept-ranges: bytes
x-amz-cf-id: r_2HnGzaFIZkHM3CyscE1nW5eLWsMQpemCMuczn8j-D93YsadcRm6w==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame F5A0 348 B
848 B 24ms
23ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:21:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5003546
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 16308006
accept-ranges: bytes
x-amz-cf-id: 1_r1oQbEMXB3eUR7hwQcLZGG0L9tqs_CbRZKtXIQQ9bdPJz3x1lOsg==

GET
H2 200 rss_hover.png
cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/ Frame F5A0 990 B
1 KB 25ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/rss_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17322143
x-cache: Hit from cloudfront
content-length: 990
server: Apache
etag: "2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1770757
accept-ranges: bytes
x-amz-cf-id: 0MYtPQpK6W5DBKfe0VAJd7AZSQX_0ihTEb1Ojg24UAORDA469Fr4vg==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame F5A0 781 B
1 KB 24ms
23ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17325119
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: 5YVyjvC26NBSwdacoaLU2FSiBZ-cgyB-DjbNdjsuxDmzB9EHOnid5Q==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame F5A0 777 B
1 KB 24ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:44 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323188
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 101941290
accept-ranges: bytes
x-amz-cf-id: WrHUkWJfQrU2rv8w6EhJ7DOKSTEyuWU90hxeNXn_wN1C8VAF8cu2ig==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame F5A0 988 B
1 KB 24ms
24ms Image
image/png 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17323102
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: _9Wl37lX24zaI3Vl5RlTA2L3SkKLqRiYwSoXUX3yrKvZT6L4_Diw9w==

GET
H2 200 8ec7eeb9565eac7df7bc780ed5a35e56df0ba6c8522262e69f565a31717e7fb7
cache-ssl.celtra.com/api/videoThumb/ Frame F5A0 4 KB
4 KB 24ms
24ms Image
image/jpeg 18.66.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/8ec7eeb9565eac7df7bc780ed5a35e56df0ba6c8522262e69f565a31717e7fb7?position=50&transform=crush&resize=nullx200&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-49.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17322142
x-cache: Hit from cloudfront
content-length: 4057
server: Apache
etag: "1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 329290
accept-ranges: bytes
x-amz-cf-id: behURDzdQ4Y8tfpZ6KWW2nk_avwWR8ZOR3YnhOurWlXxBxsmj5iwKA==

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDAB 42 B
174 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskgjKKOSTr69ZnhjIe9X31ipy7h4B55zXLmQl2ov5QmNenZ8mSmqYFH7k3CWvops8st6gdKA5SDC1jYSJjbvdaH-5jenDoKu_BL-ypE2rq3lvwZLha&sig=Cg0ArKJSzGGIHeeY5DjNEAE&id=lidar2&mcvt=1017&p=0,0,1200,1600&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2734278250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684289612301&rpt=410&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gJYmF_1N_normal.jpg
pbs.twimg.com/profile_images/1512056237537607694/ Frame F5A0 2 KB
2 KB 63ms
20ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1512056237537607694/gJYmF_1N_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6091defa8440cb54c820ff6b73e47842002d99015048223b8587275245b2dbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1883
x-served-by: cache-lhr7357-LHR, cache-fra-eddf8230090-FRA, cache-tw-ZZZ1
last-modified: Thu, 07 Apr 2022 13:12:34 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ffa6e977417084b2
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/ Frame F5A0 185 KB
57 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 17 May 2023 02:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58043
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 May 2024 02:05:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612781&de=914414386184&cu=1684289612781&m=1009&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=4&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=12_x84zof1ya8000000x84zof1ya8000000x84&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=12_x84zof1ya8000000x84zof1ya8000000x84&iq=na&tt=na&tc=0&fs=203695&na=1402661419&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E268 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVIED5651vHEkmVk7gFwaklwORcvDX-zM7GiFzej921Gi7IW-irf0o4budeyoYW3Ybu8o2TtIYRkljOtstLXcXGBL3nlGX67Z-lnDr4on10BO9O5Xz&sig=Cg0ArKJSzKm9rOSQI52PEAE&id=lidar2&mcvt=1001&p=337,988,588,1289&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4270765103&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684289612369&rpt=392&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A598 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKEZ4ZXLeVzdSGpwoej_gms00GTbuip7b3UD2f2C4ypui2MRPs10hT42iNQox-ORerDZaig_6HQ9resLtcRkQjYcG-1s-Xx_j2xG4N7JJQZAgsXVll&sig=Cg0ArKJSzIFhFOu9hA8WEAE&id=lidar2&mcvt=1003&p=126,436,216,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2365694968&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684289612409&rpt=335&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5416 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwLk8w-zbsS2mmzDeBhdYuQ58iES4qOYwHXCyRt2Uq033oA9F90WuTFkq__t-Jg0D5e7xZC7yBaFM9hGY8k2ccD3968yuq8kFvz8Nkho11zVuWCyjD&sig=Cg0ArKJSzIgq9mjfK_dfEAE&id=lidar2&mcvt=1000&p=1115,308,1116,309&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1698320716&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684289612447&rpt=378&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=1410518998997751&bg=!lpWllcHNAAYldGN0BXQ7ADkAdvg8WoLS3FvPnYavH1waNzayCj-cdJ2FjVPjO6dOpnQKIsORjUHnS6TImhOxg_xcj6EmzVhu24cCAAAAdlIAAAADaAEHCgB4pyCVQ5wzjA-cH5O6N-IYlpp55sXXvTCteT3DX2oyM6jFOxfL0cy9O-yqWcg_k14XPwrfb3atLToO-OJhd2s_sPRatkySj0eAtp7kILTOVFHAEJynkHT4uU0jkcioeR2KfWYbbFTCaz3JGSwFzuyB23G6dJth62xemQKeCWs6Vkj2h0TTXUYf7eiompFlAEYOQhoC9cQMQrp0XWpj3YLzXMDWYdVBMx36TcZlB8jXL-9yRefZl-gUFEp05ZignmXlvXTYVCW0-hAiypjjeN9PupNUftIkeq33H8JInipxTWrPTL6DyP61T4mjArYWjnDTRWgVbbuoV1X12eONNpW6HUMp1pDxK8u7T2HKF41Aa6gtXVNJAJgrLnEkv_0OICL5BX3GzKP-gjy1zv-b1Nk1hdgowpv5Tm2JNYfARsTMPksR-OoGCf2-GSlD7p7QZNIzSIp7rvN3idWgt62jv_q6Ya-L4Pl-2YYpQDvw3M2LpyIVLR_T9Us74VHceiH09MSLXQJ6tWWLL7b7XSt-0G3sQ8z57MxeXUK0i1Ty0IW6Xsi9Zk4ZPCb2o6YJUKxj8DRqAu5HBNDQGmdqUI2P6tniec9R24EwdB_8jXT22VKaCC3TkzMZXBhs3aBnMmD-oB4hWfr0HGn6a6OJd6WZmbd6cggR0_sG0pNFCBvdKoPQSnPPSXJsjn8BIfRQknDpmwHX9zyYZjSwJoVKPpUwhShzE6gVvGRBrj9w5-APEcrEXX4AcVh0MA6hVTWYxqFDHy-deCNOIFIkH-5SbrO0bixbzbICZhY3iJMco6FCJCftjgaDJOx0uHYmdq35eJQaxbVndwTJ0DPtMAgA9D71h3aPyYT5A-0Ugimpt3sBhtTORTyhgklOVwgbIJirIVeiS4Ib2YwQvengyi4STH3LqsFlCzlajSKg5p24rLywE5oesTPjoHHsVIPs3bvpphQ3XRBaw7zkL9atlQ_zcFIxxDnwTsOy6FNkXJZ5vhs54PkWhYQUII8VOu961ojDNE830cXHpyUEJ8GHix-GCdIWA9teyuFkmc4QKQ3qqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612764&de=818947933583&cu=1684289612764&m=1214&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1201&an=2&gi=1&gf=1201&gg=2&ix=1201&ic=1201&ez=1&ck=1201&kw=1000&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1201&bx=2&ci=1201&jz=1000&dj=1&aa=1&ad=1022&cn=0&gn=1&gk=1022&gl=0&ik=1022&co=1022&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=3&ah=1000&am=3&xd=00&rf=0&re=1&ft=1022&fv=0&fw=1022&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&iq=na&tt=na&tc=0&fs=203695&na=46541120&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612764&de=818947933583&cu=1684289612764&m=1215&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1201&an=1201&gi=1&gf=1201&gg=1201&ix=1201&ic=1201&ez=1&ck=1201&kw=1000&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1201&bx=1201&ci=1201&jz=1000&dj=1&aa=1&ad=1022&cn=1022&gn=1&gk=1022&gl=1022&ik=1022&co=1022&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=1000&ah=1000&am=1000&xd=00&rf=0&re=1&ft=1022&fv=1022&fw=1022&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&iq=na&tt=na&tc=0&fs=203695&na=412622874&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612764&de=818947933583&cu=1684289612764&m=1216&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1201&an=1201&gi=1&gf=1201&gg=1201&ix=1201&ic=1201&ez=1&ck=1201&kw=1000&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1201&bx=1201&ci=1201&jz=1000&dj=1&aa=1&ad=1022&cn=1022&gn=1&gk=1022&gl=1022&ik=1022&co=1022&cp=1000&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1000&cd=1000&ah=1000&am=1000&xd=00&rf=0&re=1&ft=1022&fv=1022&fw=1022&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_mlb57mfhkhj00000mlb57mfhkhj00000mlb&iq=na&tt=na&tc=0&fs=203695&na=86866778&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612786&de=142757190581&cu=1684289612786&m=1198&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1193&an=1&gi=1&gf=1193&gg=1&ix=1193&ic=1193&ez=1&ck=1193&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1193&bx=1&ci=1193&jz=992&dj=1&aa=1&ad=1022&cn=0&gn=1&gk=1022&gl=0&ik=1022&co=1022&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=2&ah=992&am=2&xd=00&rf=0&re=1&ft=1022&fv=0&fw=1022&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=7_24ps5x946ox0000024ps5x946ox0000024p&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_24ps5x946ox0000024ps5x946ox0000024p&iq=na&tt=na&tc=0&fs=203695&na=1821412725&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612786&de=142757190581&cu=1684289612786&m=1199&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1193&an=1193&gi=1&gf=1193&gg=1193&ix=1193&ic=1193&ez=1&ck=1193&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1193&bx=1193&ci=1193&jz=992&dj=1&aa=1&ad=1022&cn=1022&gn=1&gk=1022&gl=1022&ik=1022&co=1022&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=1&ft=1022&fv=1022&fw=1022&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=7_24ps5x946ox0000024ps5x946ox0000024p&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_24ps5x946ox0000024ps5x946ox0000024p&iq=na&tt=na&tc=0&fs=203695&na=1356483648&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612786&de=142757190581&cu=1684289612786&m=1199&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1193&an=1193&gi=1&gf=1193&gg=1193&ix=1193&ic=1193&ez=1&ck=1193&kw=992&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1193&bx=1193&ci=1193&jz=992&dj=1&aa=1&ad=1022&cn=1022&gn=1&gk=1022&gl=1022&ik=1022&co=1022&cp=992&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=992&cd=992&ah=992&am=992&xd=00&rf=0&re=1&ft=1022&fv=1022&fw=1022&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=7_24ps5x946ox0000024ps5x946ox0000024p&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_24ps5x946ox0000024ps5x946ox0000024p&iq=na&tt=na&tc=0&fs=203695&na=48736417&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612573&de=434354446778&cu=1684289612573&m=1619&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1054&an=4&gi=1&gf=1054&gg=4&ix=1054&ic=1054&ez=1&ck=1054&kw=853&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1054&bx=4&ci=1054&jz=853&dj=1&aa=0&ad=953&cn=0&gk=953&gl=0&ik=953&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=853&cd=8&ah=853&am=8&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203695&na=1995529959&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612573&de=434354446778&cu=1684289612573&m=1619&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1054&an=1054&gi=1&gf=1054&gg=1054&ix=1054&ic=1054&ez=1&ck=1054&kw=853&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1054&bx=1054&ci=1054&jz=853&dj=1&aa=0&ad=953&cn=953&gk=953&gl=953&ik=953&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=853&cd=853&ah=853&am=853&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203695&na=1085457891&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612573&de=434354446778&cu=1684289612573&m=1620&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1054&an=1054&gi=1&gf=1054&gg=1054&ix=1054&ic=1054&ez=1&ck=1054&kw=853&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1054&bx=1054&ci=1054&jz=853&dj=1&aa=0&ad=953&cn=953&gk=953&gl=953&ik=953&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=853&cd=853&ah=853&am=853&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203695&na=1285318900&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612573&de=434354446778&cu=1684289612573&m=1821&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1257&an=1054&gi=1&gf=1257&gg=1054&ix=1257&ic=1257&ez=1&ck=1054&kw=853&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1257&bx=1054&ci=1054&jz=853&dj=1&aa=1&ad=1156&cn=953&gn=1&gk=1156&gl=953&ik=1156&co=1156&cp=1058&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1058&cd=853&ah=1058&am=853&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5137568839%3A3101799994%3A6143667001%3A138433037584&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203695&na=1037176182&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6N...
track.celtra.com/json/ 35 B
242 B 114ms
114ms Image
image/gif 54.86.156.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjg0Mjg5NjEyeGY5MTUwMDI4MmJkNGNkeDIzMjE1MzA1IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyOTA4Mzg2NTIzMjk0MTIiLCJpbmRleCI6NywiY2xpZW50VGltZXN0YW1wIjoxNjg0Mjg5NjE0LjcwOCwibmFtZSI6InZpZXdhYmxlNTAxIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiI1MC8xIiwicmF0aW8iOjAuNSwidGltZSI6MTAwMH19XX0=?crc32c=2050755671
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.156.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-156-61.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 17 May 2023 02:13:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612781&de=914414386184&cu=1684289612781&m=2005&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1002&an=4&gi=1&gf=1002&gg=4&ix=1002&ic=1002&ez=1&ck=1002&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=4&ci=1002&jz=804&dj=1&aa=0&ad=901&cn=0&gk=901&gl=0&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=7&ah=804&am=7&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=12_x84zof1ya8000000x84zof1ya8000000x84&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=12_x84zof1ya8000000x84zof1ya8000000x84&iq=na&tt=na&tc=0&fs=203695&na=578813492&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612781&de=914414386184&cu=1684289612781&m=2005&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1002&an=1002&gi=1&gf=1002&gg=1002&ix=1002&ic=1002&ez=1&ck=1002&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=1002&ci=1002&jz=804&dj=1&aa=0&ad=901&cn=901&gk=901&gl=901&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=12_x84zof1ya8000000x84zof1ya8000000x84&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=12_x84zof1ya8000000x84zof1ya8000000x84&iq=na&tt=na&tc=0&fs=203695&na=1859991415&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612781&de=914414386184&cu=1684289612781&m=2006&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1002&an=1002&gi=1&gf=1002&gg=1002&ix=1002&ic=1002&ez=1&ck=1002&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1002&bx=1002&ci=1002&jz=804&dj=1&aa=0&ad=901&cn=901&gk=901&gl=901&ik=901&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=804&cd=804&ah=804&am=804&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=12_x84zof1ya8000000x84zof1ya8000000x84&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=12_x84zof1ya8000000x84zof1ya8000000x84&iq=na&tt=na&tc=0&fs=203695&na=1813724215&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
20ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BM%24%3D!!t%3FagkKj2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qZ6yR1d6%2F1aF%2FI5oZrvQatT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-OXHdlqV6UCoP6g%3D%3D&sc=1&os=1-iQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&id=1&ii=4&f=0&j=&t=1684289612781&de=914414386184&cu=1684289612781&m=2210&ar=fde231f50fe-clean&iw=a6e1dfe&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3948&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1158%3A1850%3A3484%3A1157&as=1&ag=1207&an=1002&gi=1&gf=1207&gg=1002&ix=1207&ic=1207&ez=1&ck=1002&kw=804&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1207&bx=1002&ci=1002&jz=804&dj=1&aa=1&ad=1106&cn=901&gn=1&gk=1106&gl=901&ik=1106&co=1106&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=804&ah=1005&am=804&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6139510966%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&zMoatDev=Desktop&zMoatDfpSlotId=12_x84zof1ya8000000x84zof1ya8000000x84&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=12_x84zof1ya8000000x84zof1ya8000000x84&iq=na&tt=na&tc=0&fs=203695&na=228371854&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 02:13:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 17 May 2023 02:13:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json

Domain: static.iris.informa.com
URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 14:01:05	Name: _gcl_au Value: 1.1.1697852359.1684289610
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: c16d4447ff6330804954e21022254f155c1f0f15c349608b4153d99b78413d83%7C92efd6536751753b57d91939c9b87fbefbaa2b8ab467835642b6b41a66684d8d
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: y7-iJs5WkR8
.youtube.com/	1970-01-20 16:10:41	Name: VISITOR_INFO1_LIVE Value: r5w9-ZcCaRo
.darkreading.com/	1970-01-20 21:27:29	Name: _ga_1X1EHQ3PFR Value: GS1.1.1684289610.1.0.1684289610.60.0.0
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.darkreading.com/	1970-01-20 16:10:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+May+17+2023+02%3A13%3A30+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=f1f26821-74bd-4844-96b7-363a0a096850&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Frussian-ransomware-perp-charged-hive-babuk-lockbit&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 21:20:17	Name: _cb Value: DEJhJbCOai3GC_qhC-
.darkreading.com/	1970-01-20 21:20:17	Name: _chartbeat2 Value: .1684289610443.1684289610443.1.DYVCBeB1UHJtCRzroUDLwiEsC6dXAL.1
.darkreading.com/	1970-01-20 11:51:31	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 11:51:31	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 21:27:29	Name: _sp_id.94c4 Value: eb97cf3c-3f03-49a0-a074-e22c8ac793ee.1684289610.1.1684289610.1684289610.f1d1f95b-cb77-4a22-bfec-b27cf8b238b4
.adnxs.com/	1970-01-20 14:01:05	Name: uuid2 Value: 7311600654837879752
.darkreading.com/	1970-01-20 13:43:40	Name: _gaexp Value: GAX1.2.0yXzgh3iSjOeRpygmZwteQ.19572.0
.darkreading.com/	1970-01-20 21:27:29	Name: _ga Value: GA1.2.152832024.1684289610
.darkreading.com/	1970-01-20 11:52:56	Name: _gid Value: GA1.2.1635761514.1684289611
.darkreading.com/	1970-01-20 11:51:29	Name: _gat_UA-135180592-2 Value: 1
.darkreading.com/	1970-01-20 21:27:29	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 21:27:29	Name: _td Value: bdef5541-fa3e-472e-91b8-52c3e54bdd9d
.darkreading.com/	1970-01-20 20:37:05	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjMyZDFiZTFiLWExZmYtNTlkMy1hYTkzLWE5NDYyZGI2Mzc5YSIsImNyZWF0ZWQiOjE2ODQyODk2MTA1ODEsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:51:31	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 11:51:29	Name: _hjIncludedInSessionSample_2610568 Value: 0
.darkreading.com/	1970-01-20 11:51:31	Name: _hjSession_2610568 Value: eyJpZCI6IjA3YjcyMjQ0LWExMmEtNDkxYi04NzhlLWFiNDlmZWJiY2E3ZiIsImNyZWF0ZWQiOjE2ODQyODk2MTA1ODksImluU2FtcGxlIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:51:31	Name: _hjAbsoluteSessionInProgress Value: 1
.in.treasuredata.com/	1970-01-20 21:27:29	Name: _td_global Value: a0bb4296-6b79-4f53-826f-6194eb2a22f3
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.darkreading.com/	1970-01-20 20:37:05	Name: sp Value: c625f702-ebde-4dfe-8130-24c72cb8c964
.darkreading.com/	1970-01-20 21:27:29	Name: mbox Value: session#3aad37b3f3784ea78fc90c954ac4a3f5#1684291471\|PC#3aad37b3f3784ea78fc90c954ac4a3f5.37_0#1747534411
.darkreading.com/	1970-01-20 11:51:31	Name: mboxEdgeCluster Value: 37
.dpmsrv.com/	1970-01-20 21:27:29	Name: dpm_pxl Value: ff488c0d541a58e5e0b05675424d23b06ce02216
.dpmsrv.com/	1970-01-20 21:27:29	Name: dpm_pxl_aid Value: 7311600654837879752
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 21:13:05	Name: IDE Value: AHWqTUnWeMa_BWuolyQPkOjwZMk-C4hFjYhgX4k7xzoJfdleJP9W5PBXwzaPYAu3h_8
.darkreading.com/	1970-01-20 21:23:10	Name: ELOQUA Value: GUID=2C4FA7C36D0D463D9DDBC3F6BA095B2F
.darkreading.com/	1970-01-20 21:13:05	Name: __gads Value: ID=f5258450c53461e5:T=1684289612:S=ALNI_MYbDIzIcmFuRc7r8Gn47HZcIs5hTg
.darkreading.com/	1970-01-20 21:13:05	Name: __gpi Value: UID=00000c170285e5dc:T=1684289612:RT=1684289612:S=ALNI_MZHhq6pV6IpVHbnGQvWNVjocjHnBA
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.005

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit Message: Access to fetch at 'https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json' from origin 'https://www.darkreading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.darkreading.com/threat-intelligence/russian-ransomware-perp-charged-hive-babuk-lockbit Message: Access to fetch at 'https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json' from origin 'https://www.darkreading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7311600654837879752 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
68872e820fb9afb0f1d2e9ae040e5212.safeframe.googlesyndication.com
a.dpmsrv.com
a.teads.tv
ads.celtra.com
adservice.google.com
adservice.google.de
assets.ubembed.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
in.ml314.com
js-agent.newrelic.com
ml314.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
vc.hotjar.io
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
static.iris.informa.com
108.138.17.124
13.32.99.122
13.32.99.33
13.32.99.71
142.0.173.15
142.250.184.194
151.101.130.137
151.101.193.131
151.101.194.137
18.194.32.95
18.66.112.19
18.66.112.49
18.66.97.10
185.221.87.23
185.89.210.82
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
23.201.242.231
23.32.185.123
23.35.229.56
2600:9000:2057:8800:18:1fcd:351:7bc1
2606:4700:4400::6812:2b9e
2606:4700::6810:3965
2606:4700::6811:190e
2606:4700::6811:7863
2606:4700::6812:bcf
2606:4700::6813:bb61
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a04:4e42:8d::159
34.111.234.236
34.193.26.185
34.239.95.171
35.244.174.68
46.51.147.53
52.17.38.186
52.222.236.74
52.72.174.214
54.224.217.157
54.86.156.61
95.101.149.35
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0307f3b9d8215b1581f25bdf8ba24881d8f7030f53ed17b33e3ca6a5e6c8582f
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
0698c0cb2ed5f13588a68a424b3000106ad739b7ff17ec0291e33e88a3f4cef9
0a620e251ee73c3d588f0a1b02012391be0c9e049e5140e4119770438e2b9681
0b50b975e980f84d2dd92d9aae6ec52925ef8819811ab66dd52b69b8483bc686
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811
0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03
113d6a4412ceb344b6a915504bd4accc611c763e40eb7f21d065171cb22a14d7
118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
1276cc8c00d4c0a5dc75f06fde5f578ade21cdf3ed9e52b786c3d07dc820bd1c
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12be6226c7fe4ab7fc12d15d0893ec76925dd7e83134c61ba8cd9dc390688a6e
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14f5566d4c764cd781dad9a4f1a9530797597bac11661a2b8def07c4e59f1985
1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb
15dc2238919ab50494dbe59c725aa79f15b68b9f608d9eb0ac1bc3f58462b97e
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
20ad0be7e3caf0a6ba6ab76d067da9cb2ab3cec52a0d5e532f8b0bb43a6a9b3a
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814
2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0
2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68
2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
2f9e4b998c3839e7e544b929557a4408b28d94975d484ef79763e50ccc2647b6
2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870
308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
345f767f6836a9f017fa9380c6b19b3f1541af1b858b7026aa80d047940072f0
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
3a6fa14cfa3cdcf85341187d29abcda5038766aab39a879ea09d993d5423d1ce
3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9
40a1ddef329ed50a50b1bba6c79d93a95361668254be46a2b726c294d7521e42
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469d6ae11d3de74e33b695e1a63736fe6171fbac441de7295f479cfa9b59b13d
48057ce15d71e4fca4e37f5fd751f992bef87b6fcf527c4731556cf65652864e
49e087d73bcccb37cff38615607eecb98579e662f784f309b2968a2998748353
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806
4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5f4d7f3eafb4d9820dd9f359b637ee8df4136b8bdba6705b9dd0a15faf2bc025
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6091defa8440cb54c820ff6b73e47842002d99015048223b8587275245b2dbd0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66a2d24e9c295ecb9a23346122ee36ebb7797f79b63888a5bc9febcc6bc8f707
6731235163da1f9e2222437b17ce909efe401295559e7219848619c7b5ebb135
67a5c5246d878c5d5687d1ff9a986a79fbf00e754d44e5cf24bf0ea8f4aae1b8
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677
6ee8592d2c44590b7f48e81ea68315a4cf85e9954570d3a8888349ac25c8cd4e
6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
73f64b02b9413d6bcdef1ae19f7daf70b97d5f8f16ca53c3a8ec47fa8b96b955
741ad23625cb4e2adff00c3f6701050b9e7c1353e451d0b6574bc157749661db
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
7674813d4294e6367c27576ac6ee63106685165081325a67fc0b3582ed53182f
796fb577d901800fdce147b46494720f86f23c8964bde1ecf6a6cf6f88a462ce
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c786b4eafe79e524ffba9be980ddd45af883917a9d4db61dc2a276895bf302d
7e8d41e0dbecd3e7187a9da5bbccd956ebdfa893398796bfc904e57f6631b18d
81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ed2736d108268726b798eee2ec152bdf9e0895eba738da43e74eac01e861e2
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28
8d8be0b015e37c3f8fa5783f53b59ea2bce04b97642a944ea6e6ef3ddf3ed9e5
90658bd0149ee32386a0897fd8fc0abe48207f67342cab5a862a05452da5b955
9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
9a47677017938ab7f7b611e7b40933d538a27d24fdbb4584be88f622acb62507
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9e04433a74ec26a9b149ee31234bc5a607d43e93ff3e314107c52c4a0e495308
9e72ec301ab43f86ea55f8eb4406deec95f1096d938c302cb6b488dc5dd586dd
a11a7cfbbc42e44d6d3b00771e9d81e67d48f9df07d6f7674dc29cee936335b1
a18b6fb01cd5abafa3da1063ab739bc7292399d799be83faf3cca8b1e10b734b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a605b833fb05ce642cf51b3cda75bd1926e7e97bac8c8108f61d719ac3765915
a6784657ebfaa2e63661973e6d9005928a02a7ada5918af3bf54d7eddf204c5c
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
ab0f1e0a0feb0e1a12dd45d7404c4cb627f7b4fe528b8e0a552ef78182995034
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b012aa4cd220c70aa9d246001d2336eaa7ceffca0e6a5b29792dcef541fcddea
b01f76ec05e93010280c22113025d84589fbd2c8c67ba107a77dbcc95996fda0
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
b370162829a0f77bc0bc9b78c8f97e9cbf8bcd9279ac2f8555f8dd9d7e328f94
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
be222ebe8d76ed95e6241fd6e80b43e87cee11ee97871ba3e0e6dcf439ad66b9
c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794
c7d68cd0cf59f647d2c9799e0147cc847234e7c5b79cb8be6bbb46ecf6784303
c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
ca72e8893a0cf88efb844d01e3629ad7751979f01026f6149de72285279b7968
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
cbcb05acea6125ad2bf4812c6ab9ebd0258fc7e08d4019d08d8659fe42664022
cc3e40d6ac657f0cab86fbd40aac335a1882985b625431b28193625ec0d67b57
ce9c18a953a2eeb6d5efef7d4c04f4d73b055d3789152cbf42bd1b4dfd7e167b
cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad
d92a51d2b7a17143c96ca658cd08259d1166830de75a6c2a9197b978f94c1567
d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f
db26cc218a2f76d858bc04cbcb19014311e6f1e0b194190490ce0634d6cd5842
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
dfe4cd9c1f7700c36d3c29ca204ba2c2e7d6a0755b3a76f5f72f91c64a7a99e6
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c
e2aa1b9ad49f926d8f522018a78f5c556748d2eae07873cacbd144515610292e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7dd16094e5660eb6281a006f32c055e11ddfafc76dc9278d340db803f57171e
e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ed58764b92edfce9ab71bec3adaf6ec0ddeba37b7f8cf2bc695ba4a5732fb291
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f1d0a56f914e17ee694a79e6506061a58f84876bdfe88cebf7902e7809d26b89
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

262 Requests

97 %HTTPS

46 %IPv6

37 Domains

57 Subdomains

53 IPs

6 Countries

5225 kBTransfer

13017 kBSize

38 Cookies

45 Outgoing links

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

97 %
HTTPS

46 %
IPv6

37
Domains

57
Subdomains

53
IPs

6
Countries

5225 kB
Transfer

13017 kB
Size

38
Cookies

262 HTTP transactions
10 data transactions