Submitted URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
Effective URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-adm...
Submission: On June 07 via api from US

Summary

This website contacted 46 IPs in 7 countries across 34 domains to perform 206 HTTP transactions. The main IP is 52.60.165.183, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is resources.digitalshadows.com.
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.
This is the only time resources.digitalshadows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.73.206 13335 (CLOUDFLAR...)
2 52.60.165.183 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
28 52.85.170.74 16509 (AMAZON-02)
9 2600:9000:206... 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.111.9.35 33438 (HIGHWINDS2)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 104.111.216.226 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
74 52.85.170.42 16509 (AMAZON-02)
1 52.85.170.35 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 52.49.20.76 16509 (AMAZON-02)
2 104.111.234.67 16625 (AKAMAI-AS)
1 5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.21.227.162 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 10 63.35.200.21 16509 (AMAZON-02)
6 162.13.202.201 15395 (RACKSPACE...)
6 52.85.170.17 16509 (AMAZON-02)
2 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.231.126.55 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.197.47.23 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 64.202.112.31 23352 (SERVERCEN...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 35.157.135.222 16509 (AMAZON-02)
4 52.85.120.45 16509 (AMAZON-02)
7 52.85.170.49 16509 (AMAZON-02)
1 52.85.170.125 16509 (AMAZON-02)
11 54.147.21.139 14618 (AMAZON-AES)
1 143.204.209.100 16509 (AMAZON-02)
2 52.0.189.149 14618 (AMAZON-AES)
1 52.85.120.47 16509 (AMAZON-02)
206 46
Apex Domain
Subdomains
Transfer
74 driftt.com
js.driftt.com
752 KB
28 cdntwrk.com
content.cdntwrk.com
2 MB
14 sndcdn.com
widget.sndcdn.com
i1.sndcdn.com
cf-hls-media.sndcdn.com
wave.sndcdn.com
577 KB
14 adroll.com
s.adroll.com
d.adroll.com
39 KB
13 drift.com
metrics.api.drift.com
bootstrap.api.drift.com
targeting.api.drift.com
event.api.drift.com
5 KB
11 marketo.com
lonrtp1-cdn.marketo.com
rtp-static.marketo.com
lonrtp1.marketo.com
123 KB
10 uberflip.com
cihost.uberflip.com
flipbot.uberflip.com
181 KB
6 gstatic.com
fonts.gstatic.com
91 KB
6 soundcloud.com
w.soundcloud.com
api-widget.soundcloud.com
l9bjkkhaycw6f8f4.soundcloud.com
8 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
4 KB
4 googleapis.com
fonts.googleapis.com
3 KB
3 google-analytics.com
www.google-analytics.com
57 KB
3 ml314.com
ml314.com
in.ml314.com
14 KB
3 typekit.net
use.typekit.net
p.typekit.net
17 KB
3 unpkg.com
unpkg.com
57 KB
3 digitalshadows.com
mailer.digitalshadows.com
resources.digitalshadows.com
36 KB
2 3lift.com
eb2.3lift.com
741 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 marketo.net
munchkin.marketo.net
7 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com
35 KB
1 driftcdn.com
embeds.driftcdn.com
14 KB
1 taboola.com
sync.taboola.com
248 B
1 pubmatic.com
simage2.pubmatic.com
395 B
1 outbrain.com
sync.outbrain.com
477 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 advertising.com
pixel.advertising.com
125 B
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 doubleclick.net
stats.g.doubleclick.net
96 B
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 licdn.com
snap.licdn.com
2 KB
1 googletagmanager.com
www.googletagmanager.com
49 KB
1 cloudflare.com
cdnjs.cloudflare.com
7 KB
1 fontawesome.com
use.fontawesome.com
14 KB
206 34
Domain Requested by
74 js.driftt.com resources.digitalshadows.com
js.driftt.com
28 content.cdntwrk.com resources.digitalshadows.com
content.cdntwrk.com
9 d.adroll.com 7 redirects resources.digitalshadows.com
s.adroll.com
9 cihost.uberflip.com resources.digitalshadows.com
cihost.uberflip.com
6 metrics.api.drift.com js.driftt.com
6 widget.sndcdn.com w.soundcloud.com
widget.sndcdn.com
6 lonrtp1.marketo.com lonrtp1-cdn.marketo.com
6 fonts.gstatic.com fonts.googleapis.com
5 s.adroll.com 1 redirects resources.digitalshadows.com
www.googletagmanager.com
s.adroll.com
4 targeting.api.drift.com js.driftt.com
4 i1.sndcdn.com w.soundcloud.com
widget.sndcdn.com
resources.digitalshadows.com
4 api-widget.soundcloud.com widget.sndcdn.com
4 rtp-static.marketo.com lonrtp1-cdn.marketo.com
4 fonts.googleapis.com resources.digitalshadows.com
cihost.uberflip.com
js.driftt.com
3 cf-hls-media.sndcdn.com widget.sndcdn.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 unpkg.com 1 redirects resources.digitalshadows.com
unpkg.com
2 event.api.drift.com js.driftt.com
2 eb2.3lift.com 1 redirects resources.digitalshadows.com
2 dsum-sec.casalemedia.com 1 redirects resources.digitalshadows.com
2 px.ads.linkedin.com 2 redirects
2 munchkin.marketo.net resources.digitalshadows.com
munchkin.marketo.net
2 ml314.com resources.digitalshadows.com
ml314.com
2 stackpath.bootstrapcdn.com resources.digitalshadows.com
2 use.typekit.net resources.digitalshadows.com
use.typekit.net
2 resources.digitalshadows.com mailer.digitalshadows.com
content.cdntwrk.com
1 l9bjkkhaycw6f8f4.soundcloud.com widget.sndcdn.com
1 bootstrap.api.drift.com js.driftt.com
1 embeds.driftcdn.com js.driftt.com
1 wave.sndcdn.com widget.sndcdn.com
1 sync.taboola.com resources.digitalshadows.com
1 simage2.pubmatic.com resources.digitalshadows.com
1 sync.outbrain.com resources.digitalshadows.com
1 pixel.rubiconproject.com resources.digitalshadows.com
1 pixel.advertising.com resources.digitalshadows.com
1 www.google.de resources.digitalshadows.com
1 www.google.com resources.digitalshadows.com
1 stats.g.doubleclick.net www.google-analytics.com
1 in.ml314.com ml314.com
1 px4.ads.linkedin.com resources.digitalshadows.com
1 www.linkedin.com 1 redirects
1 d.adroll.mgr.consensu.org 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 flipbot.uberflip.com content.cdntwrk.com
1 w.soundcloud.com resources.digitalshadows.com
1 p.typekit.net use.typekit.net
1 www.googletagmanager.com resources.digitalshadows.com
1 lonrtp1-cdn.marketo.com resources.digitalshadows.com
1 cdnjs.cloudflare.com resources.digitalshadows.com
1 use.fontawesome.com resources.digitalshadows.com
1 mailer.digitalshadows.com
206 51
Subject Issuer Validity Valid
mailer.digitalshadows.com
Cloudflare Inc ECC CA-3
2021-04-27 -
2022-04-26
a year crt.sh
san1987.cdntwrk.com
R3
2021-05-03 -
2021-08-01
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
content.cdntwrk.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-17
a year crt.sh
*.uberflip.com
Amazon
2020-08-04 -
2021-09-04
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-02 -
2021-08-02
a year crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.marketo.com
DigiCert SHA2 Secure Server CA
2021-03-29 -
2022-04-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
drift.com
Amazon
2020-09-21 -
2021-10-23
a year crt.sh
*.soundcloud.com
GlobalSign GCC R3 DV TLS CA 2020
2021-01-13 -
2022-02-14
a year crt.sh
*.google.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
*.ml314.com
Amazon
2021-01-17 -
2022-02-14
a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2021-03-29 -
2022-04-06
a year crt.sh
adroll.com
R3
2021-03-30 -
2021-06-28
3 months crt.sh
flipbot.uberflip.com
R3
2021-05-17 -
2021-08-15
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
adroll.mgr.consensu.org
Amazon
2020-10-08 -
2021-11-07
a year crt.sh
*.sndcdn.com
GlobalSign GCC R3 DV TLS CA 2020
2021-01-13 -
2022-02-14
a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
www.google.de
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.3lift.com
Amazon
2020-07-04 -
2021-08-05
a year crt.sh
*.driftcdn.com
Amazon
2021-03-12 -
2022-04-10
a year crt.sh

This page contains 4 frames:

Primary Page: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Frame ID: B8E3DBEA094498AF6BBEBA63063CFD22
Requests: 96 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Frame ID: 3A44297DE9B1260B6788C9204EDA1C41
Requests: 21 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=8z7ynkcdvg2s&forceShow=false&skipCampaigns=false&sessionId=72fe4d35-88ef-42a6-8d41-80ad10c0906c&sessionStarted=1623087781&campaignRefreshToken=c3f5c7ae-93f6-4304-b7b5-ccf2572a9a3c&hideController=false&pageLoadStartTime=1623087779117&mode=CHAT
Frame ID: 69B7C003FC2208613549E8C02667B882
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: 6115AA95A806D82C68CB1CECB8A5FB5F
Requests: 45 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTdu... Page URL
  2. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

206
Requests

100 %
HTTPS

38 %
IPv6

34
Domains

51
Subdomains

46
IPs

7
Countries

3851 kB
Transfer

9293 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Page URL
  2. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1 HTTP 302
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
Request Chain 58
  • https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 61
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2
Request Chain 72
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1623087779721%26url%3Dhttps%253A%252F%252Fresources.digitalshadows.com%252Fthreat-intelligence-podcast-shadowtalk%252Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%253Fmkt_tok%253DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true&e_ipv6=AQLgDfIUnI_AIgAAAXnnkhJPVOgoBBnM_RLhR7CPTjkLAARaM5Rz16tJN8C07JDPIhC0XZDJ
Request Chain 88
  • https://d.adroll.com/cm/aol/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 89
  • https://d.adroll.com/cm/index/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1
Request Chain 90
  • https://d.adroll.com/cm/n/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365
Request Chain 91
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
Request Chain 92
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 93
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI
Request Chain 94
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

206 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
mailer.digitalshadows.com/
607 B
1 KB
Document
General
Full URL
https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf18a645a261091d5de4d21f52a2f4c355e90aa8195847df24c6e2421918e23b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
mailer.digitalshadows.com
:scheme
https
:path
/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:57 GMT
content-type
text/html
cache-control
private, no-cache, no-store, max-age=0
x-cnection
close
x-content-type-options
nosniff
vary
Accept-Encoding
set-cookie
BIGipServerPOOL-162.13.131.123-go2.wire.com-80=!k4oP56998MolMYdbO1+Oh92Pa3vcjzHOYxc9kqF6e9mEAZQ0J4+jWVo3Saw7Cj7RX/eiFGfckuuCatQ=; path=/; Httponly; Secure __cf_bm=cd801ef863161a0e9bbefb4443f1bdf3a3eab048-1623087777-1800-AcM2ycjhsJEZR1r4EMXIEcC37nqtzU1SgdirLvkwFC5ZekJgzpqjmZlu7sDnIn9Jn8C5fu4UmXzYsHvF+18vG/w=; path=/; expires=Mon, 07-Jun-21 18:12:57 GMT; domain=.mailer.digitalshadows.com; HttpOnly; Secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a892b202a0000d895f4360000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65bbae137a40d895-CPH
content-encoding
gzip
Primary Request weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware
resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/
206 KB
35 KB
Document
General
Full URL
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Requested by
Host: mailer.digitalshadows.com
URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-165-183.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
536914b449bd803aa669ee434350b85f2939daa64d9bcf5c54127b7dded730bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
resources.digitalshadows.com
:scheme
https
:path
/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://mailer.digitalshadows.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://mailer.digitalshadows.com/

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html; charset=UTF-8
date
Mon, 07 Jun 2021 17:42:58 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
unsafe-url
set-cookie
_MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; path=/; secure; HttpOnly pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D; expires=Tue, 07-Jun-2022 17:42:58 GMT; Max-Age=31536000; path=/; secure
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
35018
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 17:42:59 GMT
server
ESF
date
Mon, 07 Jun 2021 17:42:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 17:42:59 GMT
hubs.a76c7d5ffeac5df5acba.css
content.cdntwrk.com/css/hubs/
262 KB
44 KB
Stylesheet
General
Full URL
https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93325ddc7a79a67b0c0fae14552e11e5b318b864dd235fe532011f71b05e0bb1

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 23:32:46 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 20:11:14 GMT
server
AmazonS3
age
497414
etag
W/"994505c15a0b59682dde64c9bb01e7ed"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
jGtRJ4pEEjCJa36vkVBrjSuh_SlIjZB8AmzOZbb_TbcH-hrOpfMzOQ==
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
style.css
cihost.uberflip.com/digitalshadows/master/build/
473 KB
56 KB
Stylesheet
General
Full URL
https://cihost.uberflip.com/digitalshadows/master/build/style.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 13:56:18 GMT
content-encoding
gzip
last-modified
Thu, 10 Oct 2019 21:12:20 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1570733735/ctime:1570733736/gid:20/gname:staff/md5:f2ebaa768a782bff84a4f90e5d33a408/mode:33188/mtime:1570733736/uid:502/uname:modip
age
13602
etag
W/"f2ebaa768a782bff84a4f90e5d33a408"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OCCi-7uZVNO8THN_MB_JS3DLIpxJYV6LnlNRNMbtNSx8b0wYi-a8Lg==
ionicons.min.css
unpkg.com/ionicons@4.5.10-0/dist/css/
44 KB
7 KB
Stylesheet
General
Full URL
https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6635419
vary
Accept-Encoding
cf-request-id
0a892b24ca000006290a9a8000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
1ec7dbed2f8c685fad9c5e56a9d8fb72
cache-control
public, max-age=31536000
cf-ray
65bbae1adb600629-FRA
grp0jzg.css
use.typekit.net/
2 KB
863 B
Stylesheet
General
Full URL
https://use.typekit.net/grp0jzg.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
64ee239b6faaad3cb754ec0c952a0c60c493c39e25116f6d352bc23c6fc522f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 07 Jun 2021 17:42:59 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
631
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/
3 KB
3 KB
Image
General
Full URL
https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=64ea6287d559
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:07:21 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 20:11:17 GMT
server
AmazonS3
age
581230
etag
"5217392f882b27d35ec2e72946f2df7e"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
content-length
2707
x-amz-cf-id
uRqeQ2vGxxbqwOUcaow5kfKmE1HqzRYYLMWE-gbQ17uud5x12x6ing==
chevron-down-64x64.png
content.cdntwrk.com/img/hubs/
760 B
1 KB
Image
General
Full URL
https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 15:53:24 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 20:11:17 GMT
server
AmazonS3
age
579261
etag
"26818bdf0706c780af4a52b44ea17fdc"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
content-length
760
x-amz-cf-id
FXNw3lQ0Wdm1KgJk2As7c0anziZwMkrknYRg7xWExlExdAIVpHTznw==
aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4
content.cdntwrk.com/files/
17 KB
17 KB
Image
General
Full URL
https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
99adc45d565dba2a61e0a68299ad0561bfe2a4abc4ed59bed31f02f516896dc8

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 15:48:06 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sat, 01 Jun 2019 00:22:53 GMT
age
4413293
etag
"1559348573-7eec03779d987dde260b4a5d48bcfc47"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=15552000
content-disposition
inline; filename="secondary_logo.png"
x-amz-cf-pop
BUD50-C1
content-length
17384
x-amz-cf-id
EG1JqxVqbuug-kOrS8Zt7Hdbu5x0rd7f-mPcYMkXfSrmhahLNislFg==
css
fonts.googleapis.com/
2 KB
546 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 17:41:14 GMT
server
ESF
date
Mon, 07 Jun 2021 17:42:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 17:42:59 GMT
aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D
content.cdntwrk.com/files/
458 KB
459 KB
Image
General
Full URL
https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
d2d3262ff49a9af1fc37a9cc575c05654b26c25eb4b3db459a6a6c20904c8604

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 00:20:22 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 04 Jun 2021 15:26:53 GMT
age
148957
etag
"1622820413-25b836f0db2a6b6131d6aed1b8e8eaf2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=15552000
content-disposition
inline; filename="itemeditorimage_60ba463c4b35b.png"
x-amz-cf-pop
BUD50-C1
content-length
469410
x-amz-cf-id
xFpvQ8Cclg1ne8qVOBG-M4ASD26S57j8QLNzJOq5f86_E1roFLqlMw==
mediaproxy
content.cdntwrk.com/
35 KB
36 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%25253D&size=1&version=1622754086&sig=649fdb735afdee155f5381021b0819c6&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
81a4d8d5ead2162ef4d3ff1628ae1bb645dfb91b1d9792db6b3815d1078cce61

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 07:54:01 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 04 Jun 2021 07:53:51 GMT
age
294538
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
35876
x-amz-cf-id
5U_8wtwZD6apjpMK-W5DUXh94cBzJMZTg93scy5Dwq2kEDnH1DEWZQ==
mediaproxy
content.cdntwrk.com/
47 KB
48 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%25253D&size=1&version=1622218568&sig=4ebb0a1f40686c7002897dcb2e508018&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
c6bb53f0930f886bd09e31ace88d76fdbd656c3dd74c124031d61a73637f0ba3

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:25:10 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 30 May 2021 13:25:00 GMT
age
706669
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
48188
x-amz-cf-id
tEkRbGNc1AMIltv7_S-pzYwb_eGsBQwxnjypH4zQDRFfcqCPIVpAdQ==
mediaproxy
content.cdntwrk.com/
36 KB
37 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%25253D&size=1&version=1622038881&sig=a0af0dbdba695158e456a5c9bc99095b&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
208a9227a271f478d6fd8bcf698c7e78a5582e7a8b5698b6a8e503b426be531e

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 05:57:53 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Thu, 27 May 2021 05:57:43 GMT
age
992706
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
37022
x-amz-cf-id
VMdu6rjtyBEHm8h3B-Z8NhpH9TpsrEmlbZ69yBL3PtlNiHfeR4LWDg==
mediaproxy
content.cdntwrk.com/
41 KB
41 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%25253D&size=1&version=1621942643&sig=a6c2ba388c466cdfc85f7da8369c3abe&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
2f5130bdca506ef5a667e15c9dcfb5e4d53ef0475f7a9934fc91a322b49b7fad

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 11:37:25 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Tue, 25 May 2021 11:37:15 GMT
age
1145134
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
41964
x-amz-cf-id
NdihJYhaqvbI-uLWiBLSL-PhdmLLgKz0QTw1XOSYCsgtZnBcISW6Fw==
mediaproxy
content.cdntwrk.com/
50 KB
51 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%25253D&size=1&version=1621009164&sig=55fc95b6aeba8460046061f2d2e216c3&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
e68a75095286baabfe05d0fa77fbe4ad87daf8ab426e22f29d4c2bf414d64699

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 16:41:44 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 16:41:34 GMT
age
2077275
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
51611
x-amz-cf-id
1N4d5iTZ8RZ_Js8DOLeRR69hYE-2sfdCY2yEBB54hyjg36PZOng3Vw==
mediaproxy
content.cdntwrk.com/
33 KB
34 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%25253D&size=1&version=1621003853&sig=1f5ae61248641a8334d2c19824177636&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
12189c142e590f81abebf435bd3d8ce972def2493580ebe35af83b4c652a5e88

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:25:10 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 30 May 2021 13:25:00 GMT
age
706669
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
34137
x-amz-cf-id
YbstBF_rGc89FsH8yDrfLz7tOCfnQxgZCq7Vf9kmoH-S765yLKs2Uw==
mediaproxy
content.cdntwrk.com/
46 KB
47 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%25253D&size=1&version=1620402539&sig=ab9e1d15d08ab901de5af9e604c14538&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
391e82d13406c4bf676f02185f737fbbb4fd35b6f52db1c57670518076023477

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 19:32:51 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 07 May 2021 19:32:41 GMT
age
2671808
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
47264
x-amz-cf-id
gM8MNGvv5G8ICKkZXXTDI7OOh_682xtsjA--ac7QEEnR5qk-T8xUYg==
mediaproxy
content.cdntwrk.com/
31 KB
31 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%25253D&size=1&version=1620332037&sig=0a21f5fc1133aaa6c9d3447a36f0ac26&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
b976ac86fa196f6e836aaee2d36ad059fc8d93600cb7b511f8d3840cb27d3958

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:25:10 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 30 May 2021 13:25:00 GMT
age
706669
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
31356
x-amz-cf-id
fuVl_yhd4lv0FeOtVtqx1FzZLjo9JvngAQmB36dn2R0rfv_cFmaX9w==
mediaproxy
content.cdntwrk.com/
46 KB
46 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%25253D&size=1&version=1619796126&sig=0d21c93385550182c119335a612c8544&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
bf5ad942f0146bb1f5c69e096fe80715448c3f857dc9317f0b7d7caabb31568b

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 15:24:45 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 15:24:35 GMT
age
3291494
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
46767
x-amz-cf-id
N7nvZX11FNn3BgNN8iZEegs2Q51z49aXiAhHV2idPnZoJn2ska9dxw==
mediaproxy
content.cdntwrk.com/
38 KB
38 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%25253D&size=1&version=1619192376&sig=1d58a07bcd5d2d1873a8843cdd110b92&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
f073fc94623e5b384f0983aa10914f5d4cd5fd4fe08518f2948bea9e8a8410ad

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 07:03:04 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Mon, 10 May 2021 07:02:55 GMT
age
2457594
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
38590
x-amz-cf-id
szjFAgO_lZ0uJ0K8HG8XIceAUdHNXm5IgbAfbC7963w4ytDnP2Nnng==
mediaproxy
content.cdntwrk.com/
43 KB
43 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%25253D&size=1&version=1618598853&sig=559eb65e39a589898eb7abd6e3300866&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 07:03:05 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Mon, 10 May 2021 07:02:55 GMT
age
2457594
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
44005
x-amz-cf-id
062LNz_LMPxrinWBarJCiF0Hlu1dNL4YOAz18z92VZGbTJ5ei0XcEw==
mediaproxy
content.cdntwrk.com/
41 KB
42 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%25253D&size=1&version=1617986867&sig=c379a5530f8b422d2438a9838fcf6198&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
26afc3a3183b7730ecad405371a9141e19cc9d027323ac6d4e6d8173d67e5f52

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 07:03:05 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Mon, 10 May 2021 07:02:55 GMT
age
2457594
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
42396
x-amz-cf-id
7s8dXWAxoeKcIIpcSNlvr42rGWl_ltvolScxMxWTf5YBO-b7nMfhHg==
mediaproxy
content.cdntwrk.com/
37 KB
37 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%25253D&size=1&version=1617376820&sig=12357177f65ef9bb55750050a8f53c67&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
b322a728ade366021f79f97550eb78da570ec8ee20199c9d9cd11750cee8a441

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 19:51:28 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 23 May 2021 19:51:18 GMT
age
1288291
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
37723
x-amz-cf-id
ZnD5QcY8yVa0NQIqEo_TehIn3YA1ybfOYdCjr9mlqbES9gI4l4s8aA==
mediaproxy
content.cdntwrk.com/
29 KB
29 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%25253D&size=1&version=1617121119&sig=d0c1b923c0c629a383046e189aefb394&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
34789f98cc72efc62fcc72db2ff546d844e4fd6513ccb64eaf99a8152d9e6df3

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 19:51:29 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 23 May 2021 19:51:19 GMT
age
1288290
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
29574
x-amz-cf-id
VMBRTRD8KtjAH-VhkMnWfM0Stq8tMEpjPr0Yoy0hgDxiTqiZPh_rxg==
mediaproxy
content.cdntwrk.com/
45 KB
46 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%25253D&size=1&version=1616776463&sig=73e2283dace5af772a7a2622a2c90eba&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
9e8963fa542cea4c67f077b8c96dca2845075152898cdd46ebe3accbcdf8f970

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:18:41 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 17:18:31 GMT
age
6308658
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
46200
x-amz-cf-id
7UBPXB_yg5J-2ZYqPQZrJepGJvKJxjBAkRiNV3-GNMu_5Tut4Ri2pQ==
mediaproxy
content.cdntwrk.com/
33 KB
34 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%25253D&size=1&version=1616530391&sig=7a25efee2663aebece5f3bf68b78f426&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
0747ff54c97be21f6b5976fbb1a8ae6e537dc7a6f6fbaa97e6cfe52bb11940a7

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:25:10 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 30 May 2021 13:25:00 GMT
age
706669
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
34051
x-amz-cf-id
etkZGSecr9KKLq-Lsg6-vrYR6wWUCxqyMI-6-ffMzikGT5cOpWOkng==
mediaproxy
content.cdntwrk.com/
43 KB
43 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%25253D&size=1&version=1616171546&sig=fd393772c9f78f2a105d5fed5eb68404&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 08:09:31 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 04 Jun 2021 08:09:21 GMT
age
293608
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
44005
x-amz-cf-id
uvVsSoupRfEU3ST1MxlyeVcu5N8xnCuSDWocIPGSsYgM6vS_6YKZ1w==
mediaproxy
content.cdntwrk.com/
48 KB
49 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%25253D&size=1&version=1615575294&sig=f9a75ab766a03ab7015dffa10693a118&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
f6147758447fff42053a630195696a0409d6fbb5bff518664461a672338a4551

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 10:04:23 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 10:04:14 GMT
age
3483515
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
49158
x-amz-cf-id
3BXZE-2T1j2dwPEZtRH4i7EqebbyylXGm5DKRzS1at3Us5J-1xnIWw==
mediaproxy
content.cdntwrk.com/
48 KB
48 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%25253D&size=1&version=1614962704&sig=1a62a84e91274456b5bddb8c673afa76&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
a48bf122377ae956625be4a87785f8a6471190724d2eafb24a08fe5497c54006

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 19:51:29 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Sun, 23 May 2021 19:51:19 GMT
age
1288290
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
48944
x-amz-cf-id
tEMlkVC9A1KQzEiRzAQO6GS2Dc0NVs_caeJSzBzvXh3i8oLK-O3Vwg==
mediaproxy
content.cdntwrk.com/
45 KB
46 KB
Image
General
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%25253D&size=1&version=1614361238&sig=222fcef4b5e51450258d294a88f7b9f8&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
/
Resource Hash
fc2d5ac3e4d6a84b97ac5858c03e2456a436e44256eac539c78665921509ba15

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 08:09:31 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Fri, 04 Jun 2021 08:09:21 GMT
age
293608
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1234567890
content-disposition
inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%253D.jpg"
x-amz-cf-pop
BUD50-C1
content-length
46572
x-amz-cf-id
UmtHaLCqFchufmgoBjfY9SddybqBm5xwPC2o47vEbmmmU16WJ8Lybg==
hubs_app.a76c7d5ffeac5df5acba.js
content.cdntwrk.com/js/hubs/
1 MB
311 KB
Script
General
Full URL
https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:00:18 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 20:11:21 GMT
server
AmazonS3
age
578562
etag
W/"08b152ceba8b03c4b1808105b942a78f"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
xKwh5xojIocpN_KtW_KgFbtSkEgva_C5YoPqLv3Pbt4zeZ52uWRkSg==
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
onbrand.bundle.js
cihost.uberflip.com/digitalshadows/master/build/
323 KB
100 KB
Script
General
Full URL
https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ff3eb81405e14ba4c2f89a57c4adfaac486f0b2b0e9754fd68d2ccbd82e8c09

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 15:17:31 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 13:04:23 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1617282260/ctime:1617282260/gid:121/gname:docker/md5:b328763220d97af53c77409a848c9e00/mode:33188/mtime:1617282260/uid:1001/uname:runner
age
8729
etag
W/"b328763220d97af53c77409a848c9e00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ywK4vsDFxQZi97Yqb_bH5JzVTWnZEBIP6mMg3_H_DF4kZ4V5vfiaBw==
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
20 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
3929013
cdn-cachedat
2021-04-23 08:09:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a892b25cf0000d725ee933000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
90533a7bac91cb591326933897315934
cf-ray
65bbae1c7b35d725-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6640279
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6646
cf-request-id
0a892b25dd00004e2046a14000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gQ9so8UfOb%2FueD2OdSs59NALX36EMd%2B4e5eCeQs36f0goqMyzlTWzOhjRweL2A88m2xUY76DHn%2FiVJ825LSTlvBBRME1E%2FIyPiFF5hLMEQK%2FK1DTKfEOPjeUb0NG9DMy4hHaA1wM7hRPn14Mkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65bbae1c9f364e20-FRA
expires
Sat, 28 May 2022 17:42:59 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617, 617, 617, 617, 617
age
1019376
cdn-cachedat
2021-05-27 00:26:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a892b25d00000d725dea23000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0b815e375b1e139070e50b52f7caac5b
cf-ray
65bbae1c8b3bd725-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
rtp.js
lonrtp1-cdn.marketo.com/rtp-api/v1/
151 KB
42 KB
Script
General
Full URL
https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-226.deploy.static.akamaitechnologies.com
Software
Jetty(7.3.1.v20110307) /
Resource Hash
7ffc641fd546db861d9fe2264fe5422f3cd3d7be32dd7aa8fe7e1d2d18d64505
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63113904
Content-Encoding
gzip
Last-Modified
Fri, 14 May 2021 02:48:44 GMT
Server
Jetty(7.3.1.v20110307)
Date
Mon, 07 Jun 2021 17:42:59 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
public, max-age=220
Connection
keep-alive
Content-Length
42413
gtm.js
www.googletagmanager.com/
173 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c52956c4501510ba5ad2ac1b11f8ae403324a9d91bd70b664ff6c1726633ad8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49809
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 17:04:56 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Jun 2021 17:42:59 GMT
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=3933308&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/grp0jzg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
8z7ynkcdvg2s.js
js.driftt.com/include/1623087900000/
214 KB
61 KB
Script
General
Full URL
https://js.driftt.com/include/1623087900000/8z7ynkcdvg2s.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-42.bud50.r.cloudfront.net
Software
nginx /
Resource Hash
e6c99ce8b235805f81979007460813bc645d6ad3f423ddac1dd8fbe5a7b12fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
content-encoding
gzip
x-amz-cf-pop
BUD50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 04 Jun 2021 18:28:58 GMT
server
nginx
etag
W/"b41ab560720be12cb1ac449f6e643a71"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
KdQldqP0PQ7.ScpjaF8jbnhyM4W2_od0
via
1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7PJXqaH0lgFpRSbJM5kzJqqlzIPTqzBN7P0wl-GzzPZMluLD60qlcQ==
/
w.soundcloud.com/player/ Frame 3A44
1 KB
1 KB
Document
General
Full URL
https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-35.bud50.r.cloudfront.net
Software
am/2 /
Resource Hash
3f39269498936de2ed04dce9d3f22ea7098a3ea8c040e1189a1d153c1a2d34da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Host
w.soundcloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Via
sssr, 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront)
p3p
policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
Cache-Control
public, max-age=300
Date
Mon, 07 Jun 2021 17:42:59 GMT
strict-transport-security
max-age=63072000
Server
am/2
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
BUD50-C1
X-Amz-Cf-Id
VmiJvYauiesod7JLfA2L_PZakLcFCEv45wEJvQvHvGxdWrY45XbndA==
sprite-1x.png
content.cdntwrk.com/img/hubs/
59 KB
60 KB
Image
General
Full URL
https://content.cdntwrk.com/img/hubs/sprite-1x.png
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594

Request headers

Referer
https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:35:18 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 20:11:17 GMT
server
AmazonS3
age
579261
etag
"9e7227669aa01cd19bcc27e802668929"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
content-length
60511
x-amz-cf-id
FsqAa77HxOJCNeWopFoq5b0I8W0HfFqDAha0mXgGKQMB9KRb8onzBQ==
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
551365
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
499992
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:49:47 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:57:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
564352
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Wed, 01 Jun 2022 04:57:07 GMT
uparrow.png
content.cdntwrk.com/img/hubs/
194 B
566 B
Image
General
Full URL
https://content.cdntwrk.com/img/hubs/uparrow.png
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-74.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2

Request headers

Referer
https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 20:13:51 GMT
via
1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 20:11:17 GMT
server
AmazonS3
age
509348
etag
"e5bbd7205c8f2ff1cd6c9f777f31da64"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
content-length
194
x-amz-cf-id
b_1iaj1i3jxTDvUs1QLFsrQqjl4KU52xUjflCUQEhYPWhwqmLYqOoA==
ajax_ping
resources.digitalshadows.com/hubsFront/
49 B
114 B
XHR
General
Full URL
https://resources.digitalshadows.com/hubsFront/ajax_ping
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-165-183.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D
:path
/hubsFront/ajax_ping
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
resources.digitalshadows.com
referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
referrer-policy
unsafe-url
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language
en-US
x-xss-protection
1; mode=block
content-type
application/json
content-length
49
x-content-type-options
nosniff
tag.aspx
ml314.com/
28 KB
13 KB
Script
General
Full URL
https://ml314.com/tag.aspx?75
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-20-76.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 16:29:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=82019
Connection
keep-alive
Content-Length
12574
Expires
Tue, 08 Jun 2021 16:29:58 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 17:42:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 01:40:41 GMT
Server
AkamaiNetStorage
ETag
"5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
roundtrip.js
s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/
44 KB
15 KB
Script
General
Full URL
https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f8527016d1ead6331a015e1fbf4e932d60b992eb004ad0a85fae18a232ba802

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6sTciCGu6vFJmfL04tharXtf_AqyD_.h
Content-Encoding
gzip
ETag
"52b9fd6baab3612de808ee5bd541a144"
x-amz-request-id
0C3HRD05D2D45B8N
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
14288
x-amz-id-2
+5Y4Ga7rYY+DWetrh2+2NQM0OagjRWwIXaOCZBEMRmg1gUvmzruil5GgJXrz7N1nImR9mtcX9RQ=
Last-Modified
Mon, 07 Jun 2021 14:05:46 GMT
Server
AmazonS3
Date
Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo.svg
cihost.uberflip.com/digitalshadows/master/assets/images/
3 KB
2 KB
Image
General
Full URL
https://cihost.uberflip.com/digitalshadows/master/assets/images/logo.svg
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 13:57:06 GMT
content-encoding
gzip
last-modified
Thu, 10 Oct 2019 21:12:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1570735108/ctime:1570733733/gid:20/gname:staff/md5:583031fb4ffc6aa9208f1e5e135e34ee/mode:33188/mtime:1570733733/uid:502/uname:modip
age
13553
etag
W/"583031fb4ffc6aa9208f1e5e135e34ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
rE0SJ-m2wOJm5bf3tABA-_Q3crvlsDIhYo-yecNNKQGI9E2GcflcDg==
l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://use.typekit.net/grp0jzg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
server
nginx
etag
"b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16456
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
551387
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:12 GMT
ionicons.woff2
unpkg.com/ionicons@4.5.10-0/dist/fonts/
Redirect Chain
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1
  • https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
49 KB
50 KB
Font
General
Full URL
https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5505334
vary
Accept-Encoding
content-length
50556
cf-request-id
0a892b27460000c2f977164000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
"c57c-YMnhCnCYFRSL9KmzM6OWaSc5zVw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
5cb61f2a2810c2ac2d5fe64fb1f7be70
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
65bbae1eddc4c2f9-FRA

Redirect headers

date
Mon, 07 Jun 2021 17:42:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01F7KR16GC54V3KQF1HFFAC4TH
server
cloudflare
age
1137
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/ionicons@4.5.10-0/dist/fonts/ionicons.woff2
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
65bbae1e0c13c2f9-FRA
access-control-allow-origin
*
cf-request-id
0a892b26c50000c2f941abc000000001
DINOffc-Light.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/
0
0
Font
General
Full URL
https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff2
Requested by
Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Origin
https://resources.digitalshadows.com
Referer
https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:42:59 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
x-amz-cf-id
k1wux-f-LlDr9ZqsrHJKYDeBvtpzdb8PGiwXk53gsWbIOvuvqI9x1Q==
flipbot-v2.min.js
flipbot.uberflip.com/js/
23 KB
23 KB
Script
General
Full URL
https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1623087779386
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-227-162.compute-1.amazonaws.com
Software
Apache /
Resource Hash
373fafb398efb8e80d1e722c7c1aab823c1525490eb4b7c476bd0f99c6457b2f

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 17:42:59 GMT
Via
1.1 vegur
Last-Modified
Mon, 03 May 2021 18:23:51 GMT
Server
Apache
Etag
"5be9-5c17110361bc0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23529
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
6J6WV6RWN730WHRP
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified
Thu, 20 May 2021 19:48:38 GMT
Server
AmazonS3
Date
Mon, 07 Jun 2021 17:42:59 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Mon, 07 Jun 2021 17:42:59 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script