resources.digitalshadows.com Open in urlscan Pro
52.60.165.183 

44 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Page URL
2. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

• https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1 HTTP 302
• https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2

Request Chain 58

• https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 61

• https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2 HTTP 302
• https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=ab42d2b4de20b461e5884376c81f11d9&_b=2

Request Chain 72

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1623087779721%26url%3Dhttps%253A%252F%252Fresources.digitalshadows.com%252Fthreat-intelligence-podcast-shadowtalk%252Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%253Fmkt_tok%253DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1623087779721&url=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&liSync=true&e_ipv6=AQLgDfIUnI_AIgAAAXnnkhJPVOgoBBnM_RLhR7CPTjkLAARaM5Rz16tJN8C07JDPIhC0XZDJ

Request Chain 88

• https://d.adroll.com/cm/aol/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://pixel.advertising.com/ups/55980/sync?uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 89

• https://d.adroll.com/cm/index/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expiration=1654623779&C=1

Request Chain 90

• https://d.adroll.com/cm/n/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&expires=365

Request Chain 91

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

Request Chain 92

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 93

• https://d.adroll.com/cm/taboola/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI

Request Chain 94

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=2b78f3abea6d542f30fcd95dd574e2e3-1623087779929&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2Fthreat-intelligence-podcast-shadowtalk%2Fweekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware%3Fmkt_tok%3DNDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OTYxZDM3NmQzZWNjNjI1ZTgzZjlkMmU5YjkwMGFkMTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Show response mailer.digitalshadows.com/	607 B 1 KB	275ms 97ms	Document text/html	104.17.73.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.73.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf18a645a261091d5de4d21f52a2f4c355e90aa8195847df24c6e2421918e23b Security Headers Name Value X-Content-Type-Options nosniff Request headers :method GET :authority mailer.digitalshadows.com :scheme https :path /NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:57 GMT content-type text/html cache-control private, no-cache, no-store, max-age=0 x-cnection close x-content-type-options nosniff vary Accept-Encoding set-cookie BIGipServerPOOL-162.13.131.123-go2.wire.com-80=!k4oP56998MolMYdbO1+Oh92Pa3vcjzHOYxc9kqF6e9mEAZQ0J4+jWVo3Saw7Cj7RX/eiFGfckuuCatQ=; path=/; Httponly; Secure __cf_bm=cd801ef863161a0e9bbefb4443f1bdf3a3eab048-1623087777-1800-AcM2ycjhsJEZR1r4EMXIEcC37nqtzU1SgdirLvkwFC5ZekJgzpqjmZlu7sDnIn9Jn8C5fu4UmXzYsHvF+18vG/w=; path=/; expires=Mon, 07-Jun-21 18:12:57 GMT; domain=.mailer.digitalshadows.com; HttpOnly; Secure; SameSite=None cf-cache-status DYNAMIC cf-request-id 0a892b202a0000d895f4360000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 65bbae137a40d895-CPH content-encoding gzip
GET H2	200	Primary Request weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware Show response resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/	206 KB 35 KB	1016ms 690ms	Document text/html	52.60.165.183 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Requested by Host: mailer.digitalshadows.com URL: https://mailer.digitalshadows.com/NDU3LVhFWS02NzEAAAF9hkxmo71TweRlLMJQm0hCnmBw_Zf8PzvUHlv0mmLjvcktd7uq1rDEZTduU2DSq1bRXx1YciE= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-60-165-183.ca-central-1.compute.amazonaws.com Software / Resource Hash 536914b449bd803aa669ee434350b85f2939daa64d9bcf5c54127b7dded730bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority resources.digitalshadows.com :scheme https :path /threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest document referer https://mailer.digitalshadows.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mailer.digitalshadows.com/ Response headers content-encoding gzip content-language en-US content-type text/html; charset=UTF-8 date Mon, 07 Jun 2021 17:42:58 GMT p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" referrer-policy unsafe-url set-cookie _MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; path=/; secure; HttpOnly pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D; expires=Tue, 07-Jun-2022 17:42:58 GMT; Max-Age=31536000; path=/; secure x-content-type-options nosniff x-xss-protection 1; mode=block content-length 35018
GET H2	200	css fonts.googleapis.com/	16 KB 1 KB	16ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700 Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 07 Jun 2021 17:42:59 GMT server ESF date Mon, 07 Jun 2021 17:42:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 07 Jun 2021 17:42:59 GMT
GET H2	200	hubs.a76c7d5ffeac5df5acba.css content.cdntwrk.com/css/hubs/	262 KB 44 KB	213ms 73ms	Stylesheet text/css	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash 93325ddc7a79a67b0c0fae14552e11e5b318b864dd235fe532011f71b05e0bb1 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 23:32:46 GMT content-encoding gzip last-modified Thu, 13 May 2021 20:11:14 GMT server AmazonS3 age 497414 etag W/"994505c15a0b59682dde64c9bb01e7ed" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 x-amz-cf-id jGtRJ4pEEjCJa36vkVBrjSuh_SlIjZB8AmzOZbb_TbcH-hrOpfMzOQ== via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
GET H2	200	style.css cihost.uberflip.com/digitalshadows/master/build/	473 KB 56 KB	38ms 8ms	Stylesheet text/css	2600:9000:206f:2600:12:53a8:95c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cihost.uberflip.com/digitalshadows/master/build/style.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 13:56:18 GMT content-encoding gzip last-modified Thu, 10 Oct 2019 21:12:20 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1570733735/ctime:1570733736/gid:20/gname:staff/md5:f2ebaa768a782bff84a4f90e5d33a408/mode:33188/mtime:1570733736/uid:502/uname:modip age 13602 etag W/"f2ebaa768a782bff84a4f90e5d33a408" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id OCCi-7uZVNO8THN_MB_JS3DLIpxJYV6LnlNRNMbtNSx8b0wYi-a8Lg==
GET H2	200	ionicons.min.css unpkg.com/ionicons@4.5.10-0/dist/css/	44 KB 7 KB	40ms 23ms	Stylesheet text/css	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 6635419 vary Accept-Encoding cf-request-id 0a892b24ca000006290a9a8000000001 last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 1ec7dbed2f8c685fad9c5e56a9d8fb72 cache-control public, max-age=31536000 cf-ray 65bbae1adb600629-FRA
GET H2	200	grp0jzg.css use.typekit.net/	2 KB 863 B	19ms 6ms	Stylesheet text/css	2a02:26f0:6c00::210:ba0a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/grp0jzg.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 64ee239b6faaad3cb754ec0c952a0c60c493c39e25116f6d352bc23c6fc522f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx date Mon, 07 Jun 2021 17:42:59 GMT vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 631
GET H2	200	all.css use.fontawesome.com/releases/v5.8.1/css/	54 KB 14 KB	142ms 47ms	Stylesheet text/css	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.8.1/css/all.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3 Request headers Origin https://resources.digitalshadows.com Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding gzip last-modified Thu, 21 Mar 2019 21:31:35 GMT server NetDNA-cache/2.2 etag W/"e4c542a7f6bf6f74fdd8cdf6e8096396" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	200	ajax-loader-white-2x.gif content.cdntwrk.com/img/hubs/	3 KB 3 KB	68ms 63ms	Image image/gif	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=64ea6287d559 Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 00:07:21 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Thu, 13 May 2021 20:11:17 GMT server AmazonS3 age 581230 etag "5217392f882b27d35ec2e72946f2df7e" access-control-allow-methods GET, HEAD content-type image/gif access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 accept-ranges bytes content-length 2707 x-amz-cf-id uRqeQ2vGxxbqwOUcaow5kfKmE1HqzRYYLMWE-gbQ17uud5x12x6ing==
GET H2	200	chevron-down-64x64.png content.cdntwrk.com/img/hubs/	760 B 1 KB	68ms 63ms	Image image/png	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash 5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 06 Jun 2021 15:53:24 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Thu, 13 May 2021 20:11:17 GMT server AmazonS3 age 579261 etag "26818bdf0706c780af4a52b44ea17fdc" access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 accept-ranges bytes content-length 760 x-amz-cf-id FXNw3lQ0Wdm1KgJk2As7c0anziZwMkrknYRg7xWExlExdAIVpHTznw==
GET H2	200	aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4 content.cdntwrk.com/files/	17 KB 17 KB	68ms 63ms	Image image/png	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1zZWNvbmRhcnlfbG9nbyZ2ZXJzaW9uPTE1OTAxNDU5NTEmc2lnPTMyMDdiMTQyYTkxZWIzMWNkMWFhMmRlMDJiNTkyMWI4 Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 99adc45d565dba2a61e0a68299ad0561bfe2a4abc4ed59bed31f02f516896dc8 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 17 Apr 2021 15:48:06 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sat, 01 Jun 2019 00:22:53 GMT age 4413293 etag "1559348573-7eec03779d987dde260b4a5d48bcfc47" x-cache Hit from cloudfront content-type image/png cache-control max-age=15552000 content-disposition inline; filename="secondary_logo.png" x-amz-cf-pop BUD50-C1 content-length 17384 x-amz-cf-id EG1JqxVqbuug-kOrS8Zt7Hdbu5x0rd7f-mPcYMkXfSrmhahLNislFg==
GET H3-29	200	css fonts.googleapis.com/	2 KB 546 B	25ms 24ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: cihost.uberflip.com URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://cihost.uberflip.com/digitalshadows/master/build/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 07 Jun 2021 17:41:14 GMT server ESF date Mon, 07 Jun 2021 17:42:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 07 Jun 2021 17:42:59 GMT
GET H2	200	aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D content.cdntwrk.com/files/	458 KB 459 KB	112ms 107ms	Image image/png	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/files/aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0NjNjNGIzNWIucG5nJnZlcnNpb249MDAwMCZzaWc9M2I3YzA2OGM1NDlhZDg3NjFkYmU5NDU4ZDY0NjE2OTk%253D Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash d2d3262ff49a9af1fc37a9cc575c05654b26c25eb4b3db459a6a6c20904c8604 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 06 Jun 2021 00:20:22 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 04 Jun 2021 15:26:53 GMT age 148957 etag "1622820413-25b836f0db2a6b6131d6aed1b8e8eaf2" x-cache Hit from cloudfront content-type image/png cache-control max-age=15552000 content-disposition inline; filename="itemeditorimage_60ba463c4b35b.png" x-amz-cf-pop BUD50-C1 content-length 469410 x-amz-cf-id xFpvQ8Cclg1ne8qVOBG-M4ASD26S57j8QLNzJOq5f86_E1roFLqlMw==
GET H2	200	mediaproxy content.cdntwrk.com/	35 KB 36 KB	118ms 113ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%25253D&size=1&version=1622754086&sig=649fdb735afdee155f5381021b0819c6&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 81a4d8d5ead2162ef4d3ff1628ae1bb645dfb91b1d9792db6b3815d1078cce61 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 07:54:01 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 04 Jun 2021 07:53:51 GMT age 294538 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjk0MzAxN2VhZWMuUE5HJnZlcnNpb249MDAwMCZzaWc9NDlhNjdmNjc3M2JiZTVjMGY3ODA2MmRlMjNiM2EzZGY%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 35876 x-amz-cf-id 5U_8wtwZD6apjpMK-W5DUXh94cBzJMZTg93scy5Dwq2kEDnH1DEWZQ==
GET H2	200	mediaproxy content.cdntwrk.com/	47 KB 48 KB	114ms 109ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%25253D&size=1&version=1622218568&sig=4ebb0a1f40686c7002897dcb2e508018&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash c6bb53f0930f886bd09e31ace88d76fdbd656c3dd74c124031d61a73637f0ba3 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 13:25:10 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 30 May 2021 13:25:00 GMT age 706669 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYjExNzI0MjI1YjUuUE5HJnZlcnNpb249MDAwMCZzaWc9ZTZjM2M2YjRkNWQ1MGY4YmVjODliYTE2YjA2ODA0NWE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 48188 x-amz-cf-id tEkRbGNc1AMIltv7_S-pzYwb_eGsBQwxnjypH4zQDRFfcqCPIVpAdQ==
GET H2	200	mediaproxy content.cdntwrk.com/	36 KB 37 KB	124ms 118ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%25253D&size=1&version=1622038881&sig=a0af0dbdba695158e456a5c9bc99095b&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 208a9227a271f478d6fd8bcf698c7e78a5582e7a8b5698b6a8e503b426be531e Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 27 May 2021 05:57:53 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Thu, 27 May 2021 05:57:43 GMT age 992706 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYWQzN2NiYWM0ZTQucG5nJnZlcnNpb249MDAwMCZzaWc9NDkyZTdjMDQyZWIxZjQwZmIzNzY5MzQ2NmFlYWUwMDQ%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 37022 x-amz-cf-id VMdu6rjtyBEHm8h3B-Z8NhpH9TpsrEmlbZ69yBL3PtlNiHfeR4LWDg==
GET H2	200	mediaproxy content.cdntwrk.com/	41 KB 41 KB	127ms 122ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%25253D&size=1&version=1621942643&sig=a6c2ba388c466cdfc85f7da8369c3abe&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 2f5130bdca506ef5a667e15c9dcfb5e4d53ef0475f7a9934fc91a322b49b7fad Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 11:37:25 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Tue, 25 May 2021 11:37:15 GMT age 1145134 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYTdkMjk0NzgxZDQucG5nJnZlcnNpb249MDAwMCZzaWc9ZmE0NTViY2EwZDkyYTkwMjk5YTE3YmY3Y2YxNTJhMTU%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 41964 x-amz-cf-id NdihJYhaqvbI-uLWiBLSL-PhdmLLgKz0QTw1XOSYCsgtZnBcISW6Fw==
GET H2	200	mediaproxy content.cdntwrk.com/	50 KB 51 KB	140ms 135ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%25253D&size=1&version=1621009164&sig=55fc95b6aeba8460046061f2d2e216c3&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash e68a75095286baabfe05d0fa77fbe4ad87daf8ab426e22f29d4c2bf414d64699 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 May 2021 16:41:44 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 14 May 2021 16:41:34 GMT age 2077275 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWVhMmU1MmFmZWEuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWRmMTNlMmUyNTA0NTJkODMwNmEzNzE2YzJhYjFiZjE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 51611 x-amz-cf-id 1N4d5iTZ8RZ_Js8DOLeRR69hYE-2sfdCY2yEBB54hyjg36PZOng3Vw==
GET H2	200	mediaproxy content.cdntwrk.com/	33 KB 34 KB	138ms 133ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%25253D&size=1&version=1621003853&sig=1f5ae61248641a8334d2c19824177636&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 12189c142e590f81abebf435bd3d8ce972def2493580ebe35af83b4c652a5e88 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 13:25:10 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 30 May 2021 13:25:00 GMT age 706669 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOWU4ZTJjYjMwMWMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk0MDY2OGI3OTFiMmQzNzlhMGRiMjY1ZGU1MzFlZWU%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 34137 x-amz-cf-id YbstBF_rGc89FsH8yDrfLz7tOCfnQxgZCq7Vf9kmoH-S765yLKs2Uw==
GET H2	200	mediaproxy content.cdntwrk.com/	46 KB 47 KB	169ms 164ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%25253D&size=1&version=1620402539&sig=ab9e1d15d08ab901de5af9e604c14538&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 391e82d13406c4bf676f02185f737fbbb4fd35b6f52db1c57670518076023477 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 19:32:51 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 07 May 2021 19:32:41 GMT age 2671808 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTU1ZmNmZTMwOTQucG5nJnZlcnNpb249MDAwMCZzaWc9ZGRjNDRiZjA4MzZkZTBkZTJlN2Y3YzI1YTdlYWUzNDg%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 47264 x-amz-cf-id gM8MNGvv5G8ICKkZXXTDI7OOh_682xtsjA--ac7QEEnR5qk-T8xUYg==
GET H2	200	mediaproxy content.cdntwrk.com/	31 KB 31 KB	147ms 142ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%25253D&size=1&version=1620332037&sig=0a21f5fc1133aaa6c9d3447a36f0ac26&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash b976ac86fa196f6e836aaee2d36ad059fc8d93600cb7b511f8d3840cb27d3958 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 13:25:10 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 30 May 2021 13:25:00 GMT age 706669 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOTQ0ZGVhNjg4ZDIucG5nJnZlcnNpb249MDAwMCZzaWc9ODBkMjYwN2M2MDMxMGQzYTAxODcwMmRhYTdiYzhlMWQ%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 31356 x-amz-cf-id fuVl_yhd4lv0FeOtVtqx1FzZLjo9JvngAQmB36dn2R0rfv_cFmaX9w==
GET H2	200	mediaproxy content.cdntwrk.com/	46 KB 46 KB	144ms 140ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%25253D&size=1&version=1619796126&sig=0d21c93385550182c119335a612c8544&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash bf5ad942f0146bb1f5c69e096fe80715448c3f857dc9317f0b7d7caabb31568b Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Apr 2021 15:24:45 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 30 Apr 2021 15:24:35 GMT age 3291494 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwOGMxMzI5NGE4YTUucG5nJnZlcnNpb249MDAwMCZzaWc9MzkxNjk2Mzg1ZTJjOTRmZjZmM2JhNjY0ZGVmMjM4ZTM%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 46767 x-amz-cf-id N7nvZX11FNn3BgNN8iZEegs2Q51z49aXiAhHV2idPnZoJn2ska9dxw==
GET H2	200	mediaproxy content.cdntwrk.com/	38 KB 38 KB	171ms 167ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%25253D&size=1&version=1619192376&sig=1d58a07bcd5d2d1873a8843cdd110b92&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash f073fc94623e5b384f0983aa10914f5d4cd5fd4fe08518f2948bea9e8a8410ad Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 10 May 2021 07:03:04 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Mon, 10 May 2021 07:02:55 GMT age 2457594 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwODJlYTBjODgxMWYucG5nJnZlcnNpb249MDAwMCZzaWc9NzdkZWI4MzcxZjYyODk3Y2U1Nzg5ZmJlYTc0ZTMyYTI%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 38590 x-amz-cf-id szjFAgO_lZ0uJ0K8HG8XIceAUdHNXm5IgbAfbC7963w4ytDnP2Nnng==
GET H2	200	mediaproxy content.cdntwrk.com/	43 KB 43 KB	162ms 158ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%25253D&size=1&version=1618598853&sig=559eb65e39a589898eb7abd6e3300866&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 10 May 2021 07:03:05 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Mon, 10 May 2021 07:02:55 GMT age 2457594 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzlkYjk0MDVlOTIuUE5HJnZlcnNpb249MDAwMCZzaWc9ZWI1MjRjNWFjYTMzMDY4MDgyMmYwZmQ5NzgwMDk3YTE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 44005 x-amz-cf-id 062LNz_LMPxrinWBarJCiF0Hlu1dNL4YOAz18z92VZGbTJ5ei0XcEw==
GET H2	200	mediaproxy content.cdntwrk.com/	41 KB 42 KB	148ms 144ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%25253D&size=1&version=1617986867&sig=c379a5530f8b422d2438a9838fcf6198&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 26afc3a3183b7730ecad405371a9141e19cc9d027323ac6d4e6d8173d67e5f52 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 10 May 2021 07:03:05 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Mon, 10 May 2021 07:02:55 GMT age 2457594 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNzA4NGU2Mzg3NWIucG5nJnZlcnNpb249MDAwMCZzaWc9NGZlNzM3ODc1YjRlN2MxNzM2ZTVlN2Q1ZWIwYjkzZjE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 42396 x-amz-cf-id 7s8dXWAxoeKcIIpcSNlvr42rGWl_ltvolScxMxWTf5YBO-b7nMfhHg==
GET H2	200	mediaproxy content.cdntwrk.com/	37 KB 37 KB	172ms 168ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%25253D&size=1&version=1617376820&sig=12357177f65ef9bb55750050a8f53c67&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash b322a728ade366021f79f97550eb78da570ec8ee20199c9d9cd11750cee8a441 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 19:51:28 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 23 May 2021 19:51:18 GMT age 1288291 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjczNjA5NmEzZjgucG5nJnZlcnNpb249MDAwMCZzaWc9OTE0N2VhMzZmZDVhZmViNzE3YjQ3NTRlMzZkZjNkM2M%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 37723 x-amz-cf-id ZnD5QcY8yVa0NQIqEo_TehIn3YA1ybfOYdCjr9mlqbES9gI4l4s8aA==
GET H2	200	mediaproxy content.cdntwrk.com/	29 KB 29 KB	164ms 160ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%25253D&size=1&version=1617121119&sig=d0c1b923c0c629a383046e189aefb394&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 34789f98cc72efc62fcc72db2ff546d844e4fd6513ccb64eaf99a8152d9e6df3 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 19:51:29 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 23 May 2021 19:51:19 GMT age 1288290 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNjM0ZjAzOTFjMjYucG5nJnZlcnNpb249MDAwMCZzaWc9MWY4ZWI3MTJmZjE3YjQ4MmY3ZGVjYzI2NmViNDJjOGE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 29574 x-amz-cf-id VMBRTRD8KtjAH-VhkMnWfM0Stq8tMEpjPr0Yoy0hgDxiTqiZPh_rxg==
GET H2	200	mediaproxy content.cdntwrk.com/	45 KB 46 KB	148ms 145ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%25253D&size=1&version=1616776463&sig=73e2283dace5af772a7a2622a2c90eba&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 9e8963fa542cea4c67f077b8c96dca2845075152898cdd46ebe3accbcdf8f970 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 26 Mar 2021 17:18:41 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 26 Mar 2021 17:18:31 GMT age 6308658 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWUwY2VhZWI5YzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZDZhMDY3MmQ1MmVjN2IzYjQxNDA3YTZjMjUyODNiOWE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 46200 x-amz-cf-id 7UBPXB_yg5J-2ZYqPQZrJepGJvKJxjBAkRiNV3-GNMu_5Tut4Ri2pQ==
GET H2	200	mediaproxy content.cdntwrk.com/	33 KB 34 KB	155ms 151ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%25253D&size=1&version=1616530391&sig=7a25efee2663aebece5f3bf68b78f426&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 0747ff54c97be21f6b5976fbb1a8ae6e537dc7a6f6fbaa97e6cfe52bb11940a7 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 30 May 2021 13:25:10 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 30 May 2021 13:25:00 GMT age 706669 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNWE0YjZhYzNlNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ODNjOTUyZmQwNjgyODQyOTE5ZWQ1NjJlMmJkYWIwM2U%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 34051 x-amz-cf-id etkZGSecr9KKLq-Lsg6-vrYR6wWUCxqyMI-6-ffMzikGT5cOpWOkng==
GET H2	200	mediaproxy content.cdntwrk.com/	43 KB 43 KB	170ms 166ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%25253D&size=1&version=1616171546&sig=fd393772c9f78f2a105d5fed5eb68404&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash 933aaa63196ad7eecd28c93c753a1d0010a94a2cac8466ab6ec5814da3184aea Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:09:31 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 04 Jun 2021 08:09:21 GMT age 293608 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNTRkMWVlNjNiNGYuUE5HJnZlcnNpb249MDAwMCZzaWc9NmI1NTQyYTA2OWQyNTk4OTY2MGI5MzlkNGNlMjViNjM%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 44005 x-amz-cf-id uvVsSoupRfEU3ST1MxlyeVcu5N8xnCuSDWocIPGSsYgM6vS_6YKZ1w==
GET H2	200	mediaproxy content.cdntwrk.com/	48 KB 49 KB	158ms 155ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%25253D&size=1&version=1615575294&sig=f9a75ab766a03ab7015dffa10693a118&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash f6147758447fff42053a630195696a0409d6fbb5bff518664461a672338a4551 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 10:04:23 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 10:04:14 GMT age 3483515 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNGJiOGZlNWNiYTQucG5nJnZlcnNpb249MDAwMCZzaWc9MzhmZjlkOWY4NjE4NDE1ZGM4Y2YzZmNkYzQ5ZWE0YjY%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 49158 x-amz-cf-id 3BXZE-2T1j2dwPEZtRH4i7EqebbyylXGm5DKRzS1at3Us5J-1xnIWw==
GET H2	200	mediaproxy content.cdntwrk.com/	48 KB 48 KB	165ms 161ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%25253D&size=1&version=1614962704&sig=1a62a84e91274456b5bddb8c673afa76&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash a48bf122377ae956625be4a87785f8a6471190724d2eafb24a08fe5497c54006 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 19:51:29 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Sun, 23 May 2021 19:51:19 GMT age 1288290 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNDI1ZjEzODEwMGUuUE5HJnZlcnNpb249MDAwMCZzaWc9MWRkM2M1MDYxMWY2OWYyNDQyMWE4MTU4MjcxYzY3MGQ%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 48944 x-amz-cf-id tEMlkVC9A1KQzEiRzAQO6GS2Dc0NVs_caeJSzBzvXh3i8oLK-O3Vwg==
GET H2	200	mediaproxy content.cdntwrk.com/	45 KB 46 KB	148ms 145ms	Image image/jpeg	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%25253D&size=1&version=1614361238&sig=222fcef4b5e51450258d294a88f7b9f8&default=hubs%2Ftilebg-blogs.jpg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software / Resource Hash fc2d5ac3e4d6a84b97ac5858c03e2456a436e44256eac539c78665921509ba15 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:09:31 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Fri, 04 Jun 2021 08:09:21 GMT age 293608 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=1234567890 content-disposition inline; filename="aHViPTY4NzA5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMzkzMjRlMjExYzYucG5nJnZlcnNpb249MDAwMCZzaWc9MjU4NmM4MzM3MTVlYTRjZmVjMWM0ZDhkNjQzOTM0NzE%253D.jpg" x-amz-cf-pop BUD50-C1 content-length 46572 x-amz-cf-id UmtHaLCqFchufmgoBjfY9SddybqBm5xwPC2o47vEbmmmU16WJ8Lybg==
GET H2	200	hubs_app.a76c7d5ffeac5df5acba.js Show response content.cdntwrk.com/js/hubs/	1 MB 311 KB	79ms 78ms	Script application/javascript	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 01:00:18 GMT content-encoding gzip last-modified Thu, 13 May 2021 20:11:21 GMT server AmazonS3 age 578562 etag W/"08b152ceba8b03c4b1808105b942a78f" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 x-amz-cf-id xKwh5xojIocpN_KtW_KgFbtSkEgva_C5YoPqLv3Pbt4zeZ52uWRkSg== via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront)
GET H2	200	onbrand.bundle.js Show response cihost.uberflip.com/digitalshadows/master/build/	323 KB 100 KB	10ms 10ms	Script application/javascript	2600:9000:206f:2600:12:53a8:95c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7ff3eb81405e14ba4c2f89a57c4adfaac486f0b2b0e9754fd68d2ccbd82e8c09 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 15:17:31 GMT content-encoding gzip last-modified Thu, 01 Apr 2021 13:04:23 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1617282260/ctime:1617282260/gid:121/gname:docker/md5:b328763220d97af53c77409a848c9e00/mode:33188/mtime:1617282260/uid:1001/uname:runner age 8729 etag W/"b328763220d97af53c77409a848c9e00" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id ywK4vsDFxQZi97Yqb_bH5JzVTWnZEBIP6mMg3_H_DF4kZ4V5vfiaBw==
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/	152 KB 20 KB	26ms 21ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://resources.digitalshadows.com Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 age 3929013 cdn-cachedat 2021-04-23 08:09:03 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0a892b25cf0000d725ee933000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 90533a7bac91cb591326933897315934 cf-ray 65bbae1c7b35d725-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	32ms 14ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://resources.digitalshadows.com Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6640279 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 6646 cf-request-id 0a892b25dd00004e2046a14000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gQ9so8UfOb%2FueD2OdSs59NALX36EMd%2B4e5eCeQs36f0goqMyzlTWzOhjRweL2A88m2xUY76DHn%2FiVJ825LSTlvBBRME1E%2FIyPiFF5hLMEQK%2FK1DTKfEOPjeUb0NG9DMy4hHaA1wM7hRPn14Mkg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 65bbae1c9f364e20-FRA expires Sat, 28 May 2022 17:42:59 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/	57 KB 15 KB	23ms 17ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://resources.digitalshadows.com Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617, 617, 617, 617, 617, 617 age 1019376 cdn-cachedat 2021-05-27 00:26:56 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0a892b25d00000d725dea23000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 0b815e375b1e139070e50b52f7caac5b cf-ray 65bbae1c8b3bd725-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	rtp.js Show response lonrtp1-cdn.marketo.com/rtp-api/v1/	151 KB 42 KB	234ms 139ms	Script application/x-javascript	104.111.216.226 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-216-226.deploy.static.akamaitechnologies.com Software Jetty(7.3.1.v20110307) / Resource Hash 7ffc641fd546db861d9fe2264fe5422f3cd3d7be32dd7aa8fe7e1d2d18d64505 Security Headers Name Value Strict-Transport-Security max-age=63113904 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=63113904 Content-Encoding gzip Last-Modified Fri, 14 May 2021 02:48:44 GMT Server Jetty(7.3.1.v20110307) Date Mon, 07 Jun 2021 17:42:59 GMT Vary Accept-Encoding Content-Type application/x-javascript; charset=UTF-8 Cache-Control public, max-age=220 Connection keep-alive Content-Length 42413
GET H2	200	gtm.js Show response www.googletagmanager.com/	173 KB 49 KB	59ms 56ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c52956c4501510ba5ad2ac1b11f8ae403324a9d91bd70b664ff6c1726633ad8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49809 x-xss-protection 0 last-modified Mon, 07 Jun 2021 17:04:56 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 07 Jun 2021 17:42:59 GMT
GET H2	200	p.css p.typekit.net/	5 B 162 B	18ms 6ms	Stylesheet text/css	2a02:26f0:6c00:2ae::19fd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=3933308&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/grp0jzg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers Referer https://use.typekit.net/grp0jzg.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT last-modified Thu, 05 Nov 2020 13:49:42 GMT server nginx etag "5fa402f6-5" content-type text/css access-control-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	8z7ynkcdvg2s.js Show response js.driftt.com/include/1623087900000/	214 KB 61 KB	334ms 202ms	Script application/javascript	52.85.170.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1623087900000/8z7ynkcdvg2s.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-42.bud50.r.cloudfront.net Software nginx / Resource Hash e6c99ce8b235805f81979007460813bc645d6ad3f423ddac1dd8fbe5a7b12fff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT content-encoding gzip x-amz-cf-pop BUD50-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Fri, 04 Jun 2021 18:28:58 GMT server nginx etag W/"b41ab560720be12cb1ac449f6e643a71" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS x-amz-version-id KdQldqP0PQ7.ScpjaF8jbnhyM4W2_od0 via 1.1 0ae086e001f426091a73b5c41a75d670.cloudfront.net (CloudFront) cache-control no-cache access-control-allow-credentials true content-type application/javascript; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 7PJXqaH0lgFpRSbJM5kzJqqlzIPTqzBN7P0wl-GzzPZMluLD60qlcQ==
GET H/1.1	200 OK	/ Show response w.soundcloud.com/player/ Frame 3A44	1 KB 1 KB	294ms 163ms	Document text/html	52.85.170.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1062002668&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.85.170.35 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-35.bud50.r.cloudfront.net Software am/2 / Resource Hash 3f39269498936de2ed04dce9d3f22ea7098a3ea8c040e1189a1d153c1a2d34da Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Host w.soundcloud.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Response headers Content-Type text/html Transfer-Encoding chunked Connection keep-alive Via sssr, 1.1 4bcdb4b620ec4693e662abfb6a510094.cloudfront.net (CloudFront) p3p policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT" Cache-Control public, max-age=300 Date Mon, 07 Jun 2021 17:42:59 GMT strict-transport-security max-age=63072000 Server am/2 Content-Encoding gzip Vary Accept-Encoding X-Cache Miss from cloudfront X-Amz-Cf-Pop BUD50-C1 X-Amz-Cf-Id VmiJvYauiesod7JLfA2L_PZakLcFCEv45wEJvQvHvGxdWrY45XbndA==
GET H2	200	sprite-1x.png content.cdntwrk.com/img/hubs/	59 KB 60 KB	91ms 91ms	Image image/png	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/img/hubs/sprite-1x.png Requested by Host: content.cdntwrk.com URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594 Request headers Referer https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 00:35:18 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Thu, 13 May 2021 20:11:17 GMT server AmazonS3 age 579261 etag "9e7227669aa01cd19bcc27e802668929" access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 accept-ranges bytes content-length 60511 x-amz-cf-id FsqAa77HxOJCNeWopFoq5b0I8W0HfFqDAha0mXgGKQMB9KRb8onzBQ==
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://resources.digitalshadows.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 08:33:34 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe age 551365 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 expires Wed, 01 Jun 2022 08:33:34 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://resources.digitalshadows.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 22:49:47 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:46 GMT server sffe age 499992 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 expires Wed, 01 Jun 2022 22:49:47 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://resources.digitalshadows.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 04:57:07 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe age 564352 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15732 x-xss-protection 0 expires Wed, 01 Jun 2022 04:57:07 GMT
GET H2	200	uparrow.png content.cdntwrk.com/img/hubs/	194 B 566 B	61ms 61ms	Image image/png	52.85.170.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://content.cdntwrk.com/img/hubs/uparrow.png Requested by Host: content.cdntwrk.com URL: https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.170.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-170-74.bud50.r.cloudfront.net Software AmazonS3 / Resource Hash 1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2 Request headers Referer https://content.cdntwrk.com/css/hubs/hubs.a76c7d5ffeac5df5acba.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 20:13:51 GMT via 1.1 384ab54f8262fdb1520bb443b42f25e3.cloudfront.net (CloudFront) last-modified Thu, 13 May 2021 20:11:17 GMT server AmazonS3 age 509348 etag "e5bbd7205c8f2ff1cd6c9f777f31da64" access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-pop BUD50-C1 accept-ranges bytes content-length 194 x-amz-cf-id b_1iaj1i3jxTDvUs1QLFsrQqjl4KU52xUjflCUQEhYPWhwqmLYqOoA==
GET H2	200	ajax_ping Show response resources.digitalshadows.com/hubsFront/	49 B 114 B	167ms 166ms	XHR application/json	52.60.165.183 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://resources.digitalshadows.com/hubsFront/ajax_ping Requested by Host: content.cdntwrk.com URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-60-165-183.ca-central-1.compute.amazonaws.com Software / Resource Hash 74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language en-US x-requested-with XMLHttpRequest sec-fetch-dest empty cookie _MGZ_=n6pu9s8lf02ejhtir13lg7r5m9; pdf_event=WyJbe1widXVpZFwiOjE1MDk5MDA2NzR9LDE2NTQ2MjM3NzhdIiwiY2E0YTE5ODI1OGVhZGU5NWU5N2ZlOGViMmQ4ODZmNDciXQ%3D%3D :path /hubsFront/ajax_ping pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority resources.digitalshadows.com referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT referrer-policy unsafe-url p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" content-language en-US x-xss-protection 1; mode=block content-type application/json content-length 49 x-content-type-options nosniff
GET H/1.1	200 OK	tag.aspx Show response ml314.com/	28 KB 13 KB	258ms 71ms	Script application/javascript	52.49.20.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?75 Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-20-76.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 07 Jun 2021 17:42:59 GMT Content-Encoding gzip Last-Modified Mon, 07 Jun 2021 16:29:58 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=82019 Connection keep-alive Content-Length 12574 Expires Tue, 08 Jun 2021 16:29:58 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	149ms 51ms	Script application/x-javascript	104.111.234.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-234-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 07 Jun 2021 17:42:59 GMT Content-Encoding gzip Last-Modified Fri, 28 May 2021 01:40:41 GMT Server AkamaiNetStorage ETag "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 753
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/	44 KB 15 KB	12ms 12ms	Script text/javascript	2a02:26f0:6c00::210:ba80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 3f8527016d1ead6331a015e1fbf4e932d60b992eb004ad0a85fae18a232ba802 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 6sTciCGu6vFJmfL04tharXtf_AqyD_.h Content-Encoding gzip ETag "52b9fd6baab3612de808ee5bd541a144" x-amz-request-id 0C3HRD05D2D45B8N x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 14288 x-amz-id-2 +5Y4Ga7rYY+DWetrh2+2NQM0OagjRWwIXaOCZBEMRmg1gUvmzruil5GgJXrz7N1nImR9mtcX9RQ= Last-Modified Mon, 07 Jun 2021 14:05:46 GMT Server AmazonS3 Date Mon, 07 Jun 2021 17:42:59 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	logo.svg cihost.uberflip.com/digitalshadows/master/assets/images/	3 KB 2 KB	8ms 8ms	Image image/svg+xml	2600:9000:206f:2600:12:53a8:95c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cihost.uberflip.com/digitalshadows/master/assets/images/logo.svg Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 13:57:06 GMT content-encoding gzip last-modified Thu, 10 Oct 2019 21:12:09 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1570735108/ctime:1570733733/gid:20/gname:staff/md5:583031fb4ffc6aa9208f1e5e135e34ee/mode:33188/mtime:1570733733/uid:502/uname:modip age 13553 etag W/"583031fb4ffc6aa9208f1e5e135e34ee" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id rE0SJ-m2wOJm5bf3tABA-_Q3crvlsDIhYo-yecNNKQGI9E2GcflcDg==
GET H2	200	l use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/	16 KB 16 KB	17ms 6ms	Font application/font-woff2	2a02:26f0:6c00::210:ba0a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/grp0jzg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c Request headers Origin https://resources.digitalshadows.com Referer https://use.typekit.net/grp0jzg.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT server nginx etag "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 16456
GET H3-29	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v20/	14 KB 14 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://resources.digitalshadows.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 08:33:12 GMT x-content-type-options nosniff last-modified Tue, 18 May 2021 21:21:19 GMT server sffe age 551387 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14440 x-xss-protection 0 expires Wed, 01 Jun 2022 08:33:12 GMT
GET H2	200	ionicons.woff2 unpkg.com/ionicons@4.5.10-0/dist/fonts/ Redirect Chain https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2?v=4.5.9-1 https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2	49 KB 50 KB	30ms 30ms	Font font/woff2	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@4.5.10-0/dist/fonts/ionicons.woff2 Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT x-content-type-options nosniff cf-cache-status HIT age 5505334 vary Accept-Encoding content-length 50556 cf-request-id 0a892b27460000c2f977164000000001 last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag "c57c-YMnhCnCYFRSL9KmzM6OWaSc5zVw" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 access-control-allow-origin * x-cloud-trace-context 5cb61f2a2810c2ac2d5fe64fb1f7be70 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 65bbae1eddc4c2f9-FRA Redirect headers date Mon, 07 Jun 2021 17:42:59 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01F7KR16GC54V3KQF1HFFAC4TH server cloudflare age 1137 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /ionicons@4.5.10-0/dist/fonts/ionicons.woff2 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 65bbae1e0c13c2f9-FRA access-control-allow-origin * cf-request-id 0a892b26c50000c2f941abc000000001
GET H2	403	DINOffc-Light.woff2 cihost.uberflip.com/digitalshadows/master/build/fonts/	0 0	403ms 386ms	Font application/xml	2600:9000:206f:2600:12:53a8:95c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff2 Requested by Host: cihost.uberflip.com URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:2600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Origin https://resources.digitalshadows.com Referer https://cihost.uberflip.com/digitalshadows/master/build/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 07 Jun 2021 17:42:59 GMT via 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop FRA56-C1 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-cache Error from cloudfront content-type application/xml access-control-allow-origin * access-control-allow-methods GET, HEAD x-amz-cf-id k1wux-f-LlDr9ZqsrHJKYDeBvtpzdb8PGiwXk53gsWbIOvuvqI9x1Q==
GET H/1.1	200 OK	flipbot-v2.min.js Show response flipbot.uberflip.com/js/	23 KB 23 KB	382ms 123ms	Script application/javascript	52.21.227.162 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1623087779386 Requested by Host: content.cdntwrk.com URL: https://content.cdntwrk.com/js/hubs/hubs_app.a76c7d5ffeac5df5acba.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.21.227.162 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-227-162.compute-1.amazonaws.com Software Apache / Resource Hash 373fafb398efb8e80d1e722c7c1aab823c1525490eb4b7c476bd0f99c6457b2f Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 07 Jun 2021 17:42:59 GMT Via 1.1 vegur Last-Modified Mon, 03 May 2021 18:23:51 GMT Server Apache Etag "5be9-5c17110361bc0" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 23529
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js https://s.adroll.com/j/exp/index.js	28 B 747 B	9ms 6ms	Script application/javascript	2a02:26f0:6c00::210:ba80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: resources.digitalshadows.com URL: https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Referer https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk/weekly-nobelium-attacks-vmware-exploits-and-the-biden-administration-s-letter-on-ransomware?mkt_tok=NDU3LVhFWS02NzEAAAF9hkxmowDnu64QTdA3bBJjujfpO8MODw20tbGVjehwx_FBxtEMdg9arxj5a9zXIbtBG0AuGdb6vfryvhzGfooW_4VlZueR4Ed9CbNtAoA9PoI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8. Content-Encoding gzip ETag "5816cced8568d223aa09d889f300692b" x-amz-request-id 6J6WV6RWN730WHRP x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 48 x-amz-id-2 5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE= Last-Modified Thu, 20 May 2021 19:48:38 GMT Server AmazonS3 Date Mon, 07 Jun 2021 17:42:59 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers Date Mon, 07 Jun 2021 17:42:59 GMT Server AkamaiGHost Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript