www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Submission: On February 05 via api (February 5th 2021, 6:54:55 pm UTC) from US

Summary HTTP 222 Redirects Links 78 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 34 domains to perform 222 HTTP transactions. The main IP is 50.56.167.254, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.bankinfosecurity.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 16th 2020. Valid for: a year.

This is the only time www.bankinfosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
82	104.108.144.152 104.108.144.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.130.251.6 104.130.251.6	33070 (RMH-14) (RMH-14)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	104.111.236.192 104.111.236.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3 8	52.48.170.220 52.48.170.220	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:12d... 2a02:26f0:12d:58a::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.20.5.43 104.20.5.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.195.149 13.224.195.149	16509 (AMAZON-02) (AMAZON-02)
3	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
14	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	35.168.139.27 35.168.139.27	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
2	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.249.66.13 34.249.66.13	16509 (AMAZON-02) (AMAZON-02)
2 2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	18.203.78.129 18.203.78.129	16509 (AMAZON-02) (AMAZON-02)
2 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
2 3	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	178.79.227.167 178.79.227.167	22822 (LLNW) (LLNW)
4 7	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
222	39

28 50.56.167.254 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.bankinfosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 104.108.144.152 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-152.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.130.251.6 (San Antonio, United States)

ASN33070 (RMH-14, US)

worker.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.236.192 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-192.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.48.170.220 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d:58a::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.5.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vue.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.149 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-149.fra2.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.139.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-139-27.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

051-zxi-237.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.66.13 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-66-13.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.78.129 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-78-129.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.150.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.167 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-227-167.vie.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 66.155.71.149 (Southampton, United Kingdom) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	9 MB
28	bankinfosecurity.com www.bankinfosecurity.com	444 KB
27	googlesyndication.com c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	363 KB
15	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	122 KB
9	ml314.com 3 redirects ml314.com in.ml314.com	16 KB
8	googletagservices.com www.googletagservices.com	243 KB
6	sitescout.com 3 redirects pixel.sitescout.com	2 KB
5	google.com adservice.google.com www.google.com	169 B
5	gstatic.com fonts.gstatic.com	46 KB
4	twimg.com pbs.twimg.com abs.twimg.com	7 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	eyeota.net 2 redirects ps.eyeota.net	2 KB
3	disquscdn.com c.disquscdn.com	230 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	disqus.com bankinfosecurity.disqus.com disqus.com	35 KB
3	ensighten.com nexus.ensighten.com	10 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	basis.net 1 redirects cdn01.basis.net pixel-a.basis.net	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1004 B
2	adsrvr.org 2 redirects match.adsrvr.org	930 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	681 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	mktoresp.com 051-zxi-237.mktoresp.com	622 B
2	crazyegg.com script.crazyegg.com	2 KB
2	comm100.com chatserver.comm100.com vue.comm100.com chatserver3.comm100.com Failed	330 KB
2	googletagmanager.com www.googletagmanager.com	73 KB
2	marketo.net munchkin.marketo.net	7 KB
1	google.de adservice.google.de	169 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	819 B
1	addthisedge.com v1.addthisedge.com	325 B
1	bizographics.com sjs.bizographics.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	ismgcorp.com worker.ismgcorp.com	199 B
1	googleapis.com fonts.googleapis.com	1 KB
222	34

	Domain	Requested by
28	www.bankinfosecurity.com	www.bankinfosecurity.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
17	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
17	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bankinfosecurity.com
14	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
9	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
8	ml314.com	3 redirects www.bankinfosecurity.com ml314.com
8	www.googletagservices.com	www.bankinfosecurity.com securepubads.g.doubleclick.net
6	pixel.sitescout.com	3 redirects www.bankinfosecurity.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
5	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
5	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	www.google.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.bankinfosecurity.com www.google-analytics.com
4	752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
3	ps.eyeota.net	2 redirects www.bankinfosecurity.com
3	c.disquscdn.com	bankinfosecurity.disqus.com
3	pbs.twimg.com	www.bankinfosecurity.com
3	dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com	www.bankinfosecurity.com
3	nexus.ensighten.com	www.bankinfosecurity.com nexus.ensighten.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.bankinfosecurity.com
2	051-zxi-237.mktoresp.com	munchkin.marketo.net
2	disqus.com	bankinfosecurity.disqus.com
2	script.crazyegg.com	dnn506yrbagrg.cloudfront.net script.crazyegg.com
2	px.ads.linkedin.com	1 redirects www.bankinfosecurity.com
2	www.googletagmanager.com	www.bankinfosecurity.com
2	munchkin.marketo.net	www.bankinfosecurity.com munchkin.marketo.net
2	s7.addthis.com	www.bankinfosecurity.com s7.addthis.com
1	pixel-a.basis.net	1 redirects
1	cdn01.basis.net	www.googletagmanager.com
1	vue.comm100.com	chatserver.comm100.com
1	c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	in.ml314.com	ml314.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	abs.twimg.com	www.bankinfosecurity.com
1	dnn506yrbagrg.cloudfront.net	www.bankinfosecurity.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	chatserver.comm100.com	www.bankinfosecurity.com
1	sjs.bizographics.com	www.bankinfosecurity.com
1	bankinfosecurity.disqus.com	www.bankinfosecurity.com
1	z.moatads.com	s7.addthis.com
1	worker.ismgcorp.com	www.bankinfosecurity.com
1	fonts.googleapis.com	www.bankinfosecurity.com
0	chatserver3.comm100.com Failed	vue.comm100.com
222	55

This site contains links to these domains. Also see Links.

Domain
www.cuinfosecurity.com
www.govinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.com
www.careersinfosecurity.com
www.databreachtoday.com
www.devicesecurity.io
www.fraudtoday.io
www.paymentsecurity.io
www.bankinfosecurity.co.uk
www.bankinfosecurity.eu
www.bankinfosecurity.in
www.bankinfosecurity.asia
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
covid19.inforisktoday.com
events.ismg.io
www.facebook.com
twitter.com
www.linkedin.com
www.twitter.com
ke-la.com
www.bleepingcomputer.com
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com
t.co
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
ismg.io Go Daddy Secure Certificate Authority - G2	`2020-04-16` - `2021-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
worker.ismgcorp.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2022-03-28`	2 years	crt.sh
*.comm100.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2022-04-15`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.eyeota.net R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
cdn01.basis.net Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2021-06-12`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Frame ID: 5D98A80175FB4E0F01657E9F050987C2
Requests: 172 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E06AE57720EF6313002CE30A8474D7AF
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 567E965AB5E7FE3FEC8EE7A7C1801BA4
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&t_d=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&t_t=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&s_o=default
Frame ID: EBE3EA65B6E638BA23AED70D109A5583
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiXFwfXWA2SP0v6Xct9mRI7s6cYUWQGxUn31cflaVVkrLrrlHA5iqASEskcwizgPP_-0pR00F7wrHG4QP0tw4L33bteDKEpMH2uG81KeuobX41NBfwcE9DWmx4jJWZiyEfU5TGtpKD8xuEg4Xs410xqldmqPGM3dwv2ibjWccZhyf1re5xL8wc_pGhrj-UGlY-Wz8GRJOOlzLNveyfjywhm951GPlKKfriewNKCZuaVPRUsmQ0H-bGEQLfeeTBHLWXop8P5UKc4MGalMKGYSX63ZIxW0jJ6gKAZOefulAUSyydJb0UOPPUl5o&sai=AMfl-YSppVtTtHkw84QgWjdUSnu-vWBFtbtE-MmxirDtjI8WcbCnjvKoYkrlFi8ZiduDI3EBf9SgPPZvp9cL_cRYo2yuYVM-5ZtYUh3Wil4qZMq55At_OZebqBJqMZDEV_g&sig=Cg0ArKJSzAOhjkysD4SEEAE&adurl=
Frame ID: 0ECAC3DD18CD05C6A7F46BC0B38FF2E5
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHlFNgwhd2UYJVeQky39jrlMZBXrSe1VgPufYOsXjtnirC334YkZQrHfDg7gTBZgMqyTrRc0moprqCAY1K33zlxsjXQYiR3k74R6dxkX7zlQNVoAVxxvj6N-J0V1eRhEgvq7-PzNA76GiMvmxwdDzY3S3fQ_S34QkeqbDfkeKgtN1QPWE9zJAPusFE4A_EtbBavEt7VwJCYgay9UGQYkCtj0eNaWFEN9jU9COuj5Ey8JQw8gG7juuiM7ZALYMMqGJlj8pGKppcpJSG88MnKCE12k-RLMf721FX11HnzyR86wTV-6RHYtxmL0emBGmb&sai=AMfl-YT20SASrHx74HH6Rp26Jx6GnCQW4v9VZo5PCD7y5oZYWNt0yDzes5qBTnlcWeqMiiQuGYbxMu3y4RNBLUanTyAcsapqh-0UPa7qw6Euu5WMTDK3xq6zB5DE-DBhRek&sig=Cg0ArKJSzPwbB76UQBMIEAE&adurl=
Frame ID: 82FDA2AE356A9B6E14B8A899E5E48532
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO-EPLe-9gLcTUgW3mZn7dcgUEMReqzUnBUfSZSp4tfWmvJKn-fJV5DMvb0Ravhtgrt3gFQ_qePrt3IYTZIkwcjgVvJZOqNc0ASEVqGezQE4qBPvjWj-73c3bPTdY3WDAkYwdH26Zn_SbEr0k37S333GEoSykW4doYlgO6VrEXxaFEbQOdgR1mkl6bBO1tDHBm7xOQG-KqK8R5489GuU0npR4COFSsHq_31NP06mQ_Xym7O2Yi5qFqNwDUAGWnSWPfCq9ANUPC-tCmCpj85wfpcbdJjxrQThszKiVnVnMvF1jHjM69nRLyjlzzdItqJwY&sai=AMfl-YSPobMl4t_jN6TQRn58HN0KHjuJHGgBXKVWd-4EPciL8DU3sUBAUXqtpvO2XLfG6Tj-1emzU5UQWfpGBhfag3XW080Hnk0ULhSyUqOsHKyAXBCiPzKhWFrUuUF0WKA&sig=Cg0ArKJSzHB_tcZwt7EHEAE&adurl=
Frame ID: 105561DCF93DF1C38C410617EA060F5B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXXFWBxEFAdztHHv5ei-9CtbGwqYaoPLGVqqtztVF9dz6QzyqtnatIt_AJ0CFJPKHb0X-zr5NTIuwbY059mGUNu7IjFKZNlxfdG0G8MFijf0N0dKE85SHxITAhygMnEiEaSgNG9qjU9OdcsVxStPeVI9PdU0NhsXwkjdvJlzmV_BFPdXTNNQXtQp1q3Ptvyn2OM2GYX6eNWouJe4JpEj_qqhAHTcRswgnB5kUXkdJubpXIYuDSMXrxC6czE34s1h_0MN0yEuLMoqHoRuAzF_q8HLXT9mvSUlS0kg_HN_1cYlVet0MA5rHgBKIZbnYf&sai=AMfl-YSFQuns_CFfjenFyFfUalkUIExAcpYd5e6qM8_JIKReUhD5kgmj0MObB4nDv5ltqqjtkFwVwJBVwUMeZvfx2J-SO16GTiXoOHfxB4LFytwWWoZejk2t6gCFa63KZt0&sig=Cg0ArKJSzItp9rR_oS8iEAE&adurl=
Frame ID: ED02E07E9132A77E871AC984E5AD0B75
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBsCqSj1uPpHCwNRxMBwDSLHW83qssK1RmuwmY3nvXE5Q8SZOWAC9pO1jkGiuuoPn19JMcuDsyfaS6Wp7z9kNU54AMz09bcqMOMMiZPEqEBDIG18PwcWDx3NCY0Zrs0C_kaTShm9sr9zD8hVMnThP3Ep3w9w4OgMQrAT6-trOwH1gh45GTl0rKJmOU32ubmdADBBjMMXnsdLNC2YWW3WsvkeQmG66x7wopbY-00lhTDIrElmhc9sYe5RbhJUKhBM6bYP1_IjN41lFWZjxzfNVi15m3qjOCziVK05wMmYE_PqqK43TV0eTx6pKn8Z8&sai=AMfl-YSCaYIl-73Xl2yYxFjG4m_Jh8WWyNSgnGvPsDM87X9P_rlbapizFhdTsBXlAUGTaBKLkMoJhQFFZo1EqWat_alVDGZ9jpkrVC2gChJwQsm821aenP3bq1Hw6NyuJs4&sig=Cg0ArKJSzNgQVaKfFVpGEAE&adurl=
Frame ID: 100B650BB13CBB7C152BF19BFAF7652E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT8GaC9FLmbCUnvkMPfeH2_ezbcun9Bbvp2D1TdTr1OQHJ8kLJnEkwsRxNv4dVdiKqvniJAvqIuAPIXcJBINyE-lLPZNqKzt1WUJWqUitgX_FZ504mVy57-jR7BUp1y4k0Ym8a8iYaD-rPAWt6uV8RlYB_1ELwmmb4dFKNNYoeDIpZ-y6wYwYZJLIWmTh-bygymQaU9I_Rcp106qMA4r6XO-81NvmGjVAHPhol74UoOgKjWOSnYCIkr62a6xxlgs-DTqgusAQOz2k0m190mYEkAs5aiV9XhkxgaX_XE0JwJDbI2UT33Ylj1bkLcQ&sai=AMfl-YTRc4CKMkB0qMtm99bb9I6yn3bU5gxpL32K2lyx-BNuYsTr55ZrOXzgetfhHEFbJRkJ72aNY-I0xDLl0gNa3TxJ1NFODesQmIOkdTrfCxzbZ6vWcCS4NdvfBQsW8E8&sig=Cg0ArKJSzKWV_4VYBvVVEAE&adurl=
Frame ID: B5B5359358CE5A1EB02CD6B24B0FC82F
Requests: 9 HTTP requests in this frame

Frame: https://vue.comm100.com/js/bundle.26c1f20ce5c9599f70287bb1f2bc9806.js
Frame ID: 85C2F627683626549E707841D2DDC638
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 0E0C7838C77A86C234AFF9BF55CC6AAA
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: DB857985274A4C7443E06ED36BD58AD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

AddThis (Widgets) Expand

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

222
Requests

99 %
HTTPS

48 %
IPv6

34
Domains

55
Subdomains

39
IPs

8
Countries

10885 kB
Transfer

14367 kB
Size

13
Cookies

78 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.govinfosecurity.com/
Title: GovInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.com/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: https://www.devicesecurity.io/
Title: DeviceSecurity

Search URL Search Domain Scan URL

URL: https://www.fraudtoday.io/
Title: FraudToday

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/
Title: PaymentSecurity

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/
Title: Asia

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://covid19.inforisktoday.com/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-summit-iam-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-cybersecurity-summit-south-east-asia-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-summit-emea-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-summit-healthcare-2021/

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/redefining-mobile-security-and-works-w-2273

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/ethics-ml-ai-w-2274

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/developing-cyber-resilient-systems-national-imperative-for-critical-w-2260

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/ai-disruption-cybersecurity-w-2261

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/best-practices-for-implementing-comprehensive-identity-governance-w-2126

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/zero-trust-approach-for-healthcare-w-2071

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/webinars/reducing-risk-now-w-2052

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bankinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/BnkInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-security-media-group-corp-ismg/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-summit-iam-2021/?rf=trending
Title: IAM Virtual Cybersecurity Summit - Register Now

Search URL Search Domain Scan URL

URL: https://www.twitter.com/euroinfosec
Title: euroinfosec

Search URL Search Domain Scan URL

URL: https://ke-la.com/
Title: Kela

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/darkside-new-targeted-ransomware-demands-million-dollar-ransoms/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/darkside-kela-affiliate-cut-w1198.jpg

Search URL Search Domain Scan URL

URL: https://ke-la.com/torum-is-dead-long-live-cryptbb/
Title: Victoria Kivilevich

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam/
Title: MalwareHunterTeam

Search URL Search Domain Scan URL

URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/darkside-kela-looking-for-w1614.jpg

Search URL Search Domain Scan URL

URL: https://twitter.com/euroinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/IronNet
Title: @IronNet

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23nationstate
Title: #nationstate

Search URL Search Domain Scan URL

URL: https://t.co/NrBzew54D0
Title: https://t.co/NrBzew54D0

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1357762162563813377
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/mobilesmsio
Title: mobilesmsio

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23onlineprivacy
Title: #onlineprivacy

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23cybersafety
Title: #cybersafety

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23privacy
Title: #privacy

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23personaldata
Title: #personaldata

Search URL Search Domain Scan URL

URL: https://t.co/Twza7JDD4w
Title: https://t.co/Twza7JDD4w

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1357761660883238917
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/ptrckchvlr
Title: ptrckchvlr

Search URL Search Domain Scan URL

URL: http://twitter.com/vumetric
Title: @vumetric

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23android
Title: #android

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23botnet
Title: #botnet

Search URL Search Domain Scan URL

URL: https://t.co/ixkhxLxqyx
Title: https://t.co/ixkhxLxqyx

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1357760285663055873
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1357760162908393472
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/information-security-risk-management-analyst-federal-reserve-bank-chicago-i-2004904
Title: Information Security Risk Management Analyst - Federal Reserve Bank of Chicago - Chicago, IL

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/information-security-risk-management-consultant-secure-development-i-2004915
Title: Information Security Risk Management Consultant - Secure Development Practices - Unum - Chattanooga, TN

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/manager-cyber-security-third-party-risk-management-kpmg-san-francisco-ca-i-2004910
Title: Manager, Cyber Security - Third Party Risk Management - KPMG - San Francisco, CA

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-how-will-biden-address-cybersecurity-challenges-i-4829
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/web-i-4831
Title:

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/interviews/putting-new-pacs-guidance-to-use-i-4828
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/latest-status-web-application-protection-bot-defense-japanese-i-4820
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-emotet-netwalker-takedowns-i-4832
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/evolution-application-ddos-defenses-i-4833
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/tips-on-securing-endpoints-ensuring-compliance-i-4826
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/interviews/behavior-profiling-fraud-i-4830
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-persistent-ransomware-threat-i-4834
Title:

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1612551276648%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%252Fblogs%252Fdarkside-ransomware-gang-launches-affiliate-program-p-2968%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&liSync=true

Request Chain 160

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3616465777598136451&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3616465777598136451&redir=

Request Chain 161

https://idsync.rlcdn.com/395886.gif?partner_uid=3616465777598136451 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNjQ2NTc3NzU5ODEzNjQ1MRAAGg0I7Kj2gAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=b5f4e27e9b0b2ee5c0893e85d97923a8d524039222f1a93ffb9c086fa6c38044f4cb09cee1a4f8eb&person_id=3616465777598136451&eid=50082

Request Chain 162

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0 HTTP 302
https://ml314.com/csync.ashx?fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0&person_id=3616465777598136451&eid=53819

Request Chain 163

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3616465777598136451 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3616465777598136451 HTTP 302
https://ml314.com/csync.ashx?fp=94ee6e90ff195b5dd004f3ea9eaeb0b8&eid=50146&person_id=3616465777598136451

Request Chain 164

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2XUKXiJbrJ28IwCuNai5hbzIBnvwkxlQTG-R4zN-5mhA&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2XUKXiJbrJ28IwCuNai5hbzIBnvwkxlQTG-R4zN-5mhA&person_id=3616465777598136451&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 218

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7 HTTP 302
https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1

Request Chain 223

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 224

https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968 HTTP 302
https://pixel.sitescout.com/up/dabbb58b17f5118e?cookieQ=1&cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968

222 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set darkside-ransomware-gang-launches-affiliate-program-p-2968 Show response
www.bankinfosecurity.com/blogs/ 364 KB
50 KB 632ms
256ms Document
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

2e93e2fec2d7e0aab62180e19be2b2598e0929bd8d3bf4163c84afa9d58c328b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: www.bankinfosecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=61l5avqphgktr5prh79p2s9rcu; expires=Fri, 05-Feb-2021 22:54:34 GMT; Max-Age=14400; path=/; SameSite=None; Secure _advert=false; expires=Sat, 06-Feb-2021 18:54:34 GMT; Max-Age=86400; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-ui.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 25 KB
5 KB 290ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/jquery-ui.min.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.bankinfosecurity.com/css-responsive/vendor/ 11 KB
3 KB 439ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/mediaelementplayer-updated.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 21ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 17:46:18 GMT
server: ESF
date: Fri, 05 Feb 2021 18:54:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Feb 2021 18:54:34 GMT

GET
H/1.1 200
OK main.css
www.bankinfosecurity.com/css-responsive/ 231 KB
42 KB 453ms
156ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/main.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43006

GET
H/1.1 200
OK prettyPhoto.css
www.bankinfosecurity.com/css-responsive/ 21 KB
3 KB 450ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/prettyPhoto.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 8 KB
2 KB 451ms
149ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.desktop.r2.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.bankinfosecurity.com/css-responsive/vendor/ 9 KB
2 KB 452ms
150ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/bis-hdr.mobile.r2.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.bankinfosecurity.com/css-responsive/vendor/ 22 KB
5 KB 460ms
153ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 91 KB
33 KB 590ms
152ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 33094

GET
H/1.1 404
Not Found modernizr.js
www.bankinfosecurity.com/javascripts-responsive/vendor/ 0
0 639ms
189ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 35 KB
9 KB 602ms
150ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/bootstrap.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 21 KB
7 KB 601ms
150ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 154 KB
38 KB 619ms
158ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 38476

GET
H/1.1 200
OK tinymce.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 295 KB
101 KB 745ms
157ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/tinymce.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 747ms
149ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 752ms
149ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.placeholder.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 222 KB
60 KB 764ms
160ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery-ui.min.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.bankinfosecurity.com/javascripts-responsive/vendor/ 9 KB
3 KB 895ms
147ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/vendor/crypt_des.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 106ms
38ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 05 Feb 2021 18:54:35 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/12567/ 28 KB
9 KB 79ms
28ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 22fe53fc6026a4616081a694d918fc783d6b6d26ab1e28a97f468435f7a87f02

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:34 GMT
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 04:34:31 GMT
server: nginx
etag: W/"5f9ce957-7076"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK headerlogo-bis.png
www.bankinfosecurity.com/images-responsive/logos/ 2 KB
2 KB 150ms
150ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logos/headerlogo-bis.png

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1682

GET
H/1.1 200
OK recently-uncovered-botnet-targets-android-devices-showcase_image-6-a-15934.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 100 KB
101 KB 243ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/recently-uncovered-botnet-targets-android-devices-showcase_image-6-a-15934.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdde266ca5ee6280d872fb7477fa41e6042223028cc87abee0fd913cde07ad35

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 05 Feb 2021 17:35:25 GMT
X-Trans-Id: txe50de71ce03e4654a587c-00601d8db5dfw1
ETag: 253e34b754c1f0890ab87304c76b2c11
Content-Type: image/jpeg
X-Timestamp: 1612546524.39334
Cache-Control: public, max-age=84719
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102854
Expires: Sat, 06 Feb 2021 18:26:34 GMT

GET
H/1.1 200
OK 2020-breach-statistics-analysis-showcase_image-3-a-15933.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
60 KB 248ms
62ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/2020-breach-statistics-analysis-showcase_image-3-a-15933.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b64480f9f5331f95aa789febc0175894beedfc35a432723ba659db1abf3cd085

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 05 Feb 2021 15:56:24 GMT
X-Trans-Id: txecdc51735a8243e595b15-00601d8dafdfw1
ETag: cdc6ef99217ca78ef9620d332289fc4e
Content-Type: image/jpeg
X-Timestamp: 1612540583.43206
Cache-Control: public, max-age=84667
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61249
Expires: Sat, 06 Feb 2021 18:25:42 GMT

GET
H/1.1 200
OK analysis-latest-ransomware-trends-showcase_image-10-i-4834.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 69 KB
69 KB 175ms
58ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-latest-ransomware-trends-showcase_image-10-i-4834.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6e6f2d68bd8702be78ec1b547f9cb623113a667ab601db56939881467b6be7c

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 19:36:44 GMT
X-Trans-Id: tx008ab28ee5da47cba8259-00601d148ddfw1
ETag: aa628d25be19a750e2c856e3f5c3bb63
Content-Type: image/jpeg
X-Timestamp: 1612467403.58227
Cache-Control: public, max-age=53623
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70663
Expires: Sat, 06 Feb 2021 09:48:18 GMT

GET
H/1.1 200
OK led-by-hydra-darknet-markets-logged-their-best-year-ever-showcase_image-9-p-2990.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 69 KB
69 KB 173ms
58ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/led-by-hydra-darknet-markets-logged-their-best-year-ever-showcase_image-9-p-2990.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c2d95b571cd748165805cc8f58879ec18f9d73fab946568a64fd4a5054d479a

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 05 Feb 2021 16:19:09 GMT
X-Trans-Id: tx0f48c7c536a746d9a1093-00601d7c57dfw1
ETag: d765f065517df6b4dc73b50a8c8e7e28
Content-Type: image/jpeg
X-Timestamp: 1612541948.86110
Cache-Control: public, max-age=80263
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70228
Expires: Sat, 06 Feb 2021 17:12:18 GMT

GET
H/1.1 200
OK do-ransomware-operators-have-russian-government-nexus-showcase_image-4-a-15925.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 61 KB
61 KB 247ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/do-ransomware-operators-have-russian-government-nexus-showcase_image-4-a-15925.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9419a6c5fc19230d3f6fc2ca0e98a65595c814c4ed6d7177cb0641b6d33d3ad5

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 13:54:22 GMT
X-Trans-Id: tx4f5e1410edd849dd8236d-00601c1dcddfw1
ETag: 0f241a38c4f906aeaa1f7bc9c875549f
Content-Type: image/jpeg
X-Timestamp: 1612446861.46377
Cache-Control: public, max-age=71971
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61979
Expires: Sat, 06 Feb 2021 14:54:06 GMT

GET
H/1.1 200
OK updated-trickbot-deploys-fresh-reconnaissance-tool-showcase_image-10-a-15926.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 270 KB
270 KB 251ms
61ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/updated-trickbot-deploys-fresh-reconnaissance-tool-showcase_image-10-a-15926.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 08664c784e2e547153e112c0b49fb0ba054958f44540ad55f237aa53ee09a0c2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 14:57:42 GMT
X-Trans-Id: tx7f789c16f9a44f828cadb-00601c1daddfw1
ETag: b48d8b0dcfdb6e269c769dff826eece1
Content-Type: image/jpeg
X-Timestamp: 1612450661.42198
Cache-Control: public, max-age=71865
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 276346
Expires: Sat, 06 Feb 2021 14:52:20 GMT

GET
H/1.1 200
OK analysis-emotet-netwalker-takedowns-showcase_image-5-i-4832.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 78 KB
79 KB 178ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-emotet-netwalker-takedowns-showcase_image-5-i-4832.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1421b94cdacee49c421b0b0bfb87c4acedfb9e6ef60d7e6d08a348281d8a1078

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 28 Jan 2021 18:59:29 GMT
X-Trans-Id: txa051d037c2384141afae1-006013d191dfw1
ETag: 93943a103fb05a9a874d35511ac28f72
Content-Type: image/jpeg
X-Timestamp: 1611860368.16106
Cache-Control: public, max-age=37611
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80223
Expires: Sat, 06 Feb 2021 05:21:26 GMT

GET
H/1.1 200
OK tips-on-securing-endpoints-ensuring-compliance-showcase_image-6-i-4826.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 127 KB
127 KB 178ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/tips-on-securing-endpoints-ensuring-compliance-showcase_image-6-i-4826.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a12e6d1fe257ce02e3892a144eb1e4a4f872a2a0d2cef9df165d5d1af4ad146b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 19 Jan 2021 19:36:44 GMT
X-Trans-Id: txa719f4279f2643299d372-0060117e62dfw1
ETag: 65ca242034ae338a09e840cc376c10ac
Content-Type: image/jpeg
X-Timestamp: 1611085003.51732
Cache-Control: public, max-age=37514
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129560
Expires: Sat, 06 Feb 2021 05:19:49 GMT

GET
H/1.1 200
OK behavior-profiling-fraud-showcase_image-4-i-4830.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 46 KB
47 KB 52ms
52ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/behavior-profiling-fraud-showcase_image-4-i-4830.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: acc344916fb77ad737461e034bd0563ff787c5f0ea4894fd9dbcba7711831660

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 25 Jan 2021 13:31:23 GMT
X-Trans-Id: tx0caae6cbca384599bfab0-006011817cdfw1
ETag: 8086aff30ecba60c0d65b29c1c52b5cf
Content-Type: image/jpeg
X-Timestamp: 1611581482.40510
Cache-Control: public, max-age=37538
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47524
Expires: Sat, 06 Feb 2021 05:20:13 GMT

GET
H/1.1 200
OK accellion-mess-what-went-wrong-showcase_image-2-p-2989.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 186 KB
186 KB 123ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/accellion-mess-what-went-wrong-showcase_image-2-p-2989.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 049ff070c122e652cf3cd6234bcbc9d8c2cc16b1fafa81c2b8c5a2d502817203

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 03 Feb 2021 05:21:37 GMT
X-Trans-Id: txd9b91aac549b4980baa3c-00601ae3f0dfw1
ETag: 495d12c0d2a1e9485cd5b4a779aa7eb6
Content-Type: image/jpeg
X-Timestamp: 1612329696.85550
Cache-Control: public, max-age=72156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 190314
Expires: Sat, 06 Feb 2021 14:57:11 GMT

GET
H/1.1 200
OK ransomwares-little-helper-initial-access-brokers-flourish-showcase_image-10-p-2987.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 79 KB
79 KB 139ms
77ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ransomwares-little-helper-initial-access-brokers-flourish-showcase_image-10-p-2987.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7fc01ea5e4710b7119408c46f7393ea3019649a6f3686bd34a35394c1602484e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 01 Feb 2021 15:26:44 GMT
X-Trans-Id: tx3785c0cdf9034aa894488-0060196676dfw1
ETag: f62ef2de3737202d55dc771422f27beb
Content-Type: image/jpeg
X-Timestamp: 1612193203.73254
Cache-Control: public, max-age=53641
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80413
Expires: Sat, 06 Feb 2021 09:48:36 GMT

GET
H/1.1 200
OK ransomware-average-ransom-payments-decline-to-154108-showcase_image-4-p-2986.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 53 KB
53 KB 136ms
58ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ransomware-average-ransom-payments-decline-to-154108-showcase_image-4-p-2986.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a543fd873f8588b08c0bc43a4802e1b303cd19c19eae4c5f21cad27d237efa91

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 01 Feb 2021 10:48:55 GMT
X-Trans-Id: txeab8b4506e2144ea91508-006017e8eedfw1
ETag: 524ebd0e637fee9f9dd56079cb17fb97
Content-Type: image/jpeg
X-Timestamp: 1612176534.17321
Cache-Control: public, max-age=37470
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53953
Expires: Sat, 06 Feb 2021 05:19:05 GMT

GET
H/1.1 200
OK leveraging-technology-to-fight-money-laundering-showcase_image-2-a-15923.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 73 KB
74 KB 58ms
47ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/leveraging-technology-to-fight-money-laundering-showcase_image-2-a-15923.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe23684b1edefea3baae0735920493a2d54b111b27b614fc72514352eaf360cc

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 06:12:30 GMT
X-Trans-Id: tx2d247e4de46549eb8772a-00601c0fe3dfw1
ETag: b135b125dc458f15eb77745209e008cc
Content-Type: image/jpeg
X-Timestamp: 1612419149.98023
Cache-Control: public, max-age=66053
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75189
Expires: Sat, 06 Feb 2021 13:15:28 GMT

GET
H/1.1 200
OK mastercard-brings-cyber-education-to-small-businesses-showcase_image-2-a-15918.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
63 KB 50ms
46ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/mastercard-brings-cyber-education-to-small-businesses-showcase_image-2-a-15918.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f467b12ae8fdee3731a7421d0f9857dbd836f8a2db661162259f76978ef43dd2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 03 Feb 2021 18:43:52 GMT
X-Trans-Id: tx513099ceb81d43128dac7-00601b0083dfw1
ETag: c0ce9a88c82c3328bc6657622a9220db
Content-Type: image/jpeg
X-Timestamp: 1612377831.34968
Cache-Control: public, max-age=77362
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63749
Expires: Sat, 06 Feb 2021 16:23:57 GMT

GET
H/1.1 200
OK profiles-in-leadership-martin-mazor-svp-ciso-entertainment-partners-showcase_image-4-a-15597.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 45 KB
46 KB 49ms
42ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/profiles-in-leadership-martin-mazor-svp-ciso-entertainment-partners-showcase_image-4-a-15597.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f46c49fc4d5745cef9084ac8e05d4fb9dc175f39e5c2cc81fecfdd940ed43f0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 15 Dec 2020 12:55:02 GMT
X-Trans-Id: txc32ae1e699304cb6ab02a-0060196c42dfw1
ETag: d604d3c7e422f2ebd417bea77709b29a
Content-Type: image/jpeg
X-Timestamp: 1608036901.35653
Cache-Control: public, max-age=53942
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46469
Expires: Sat, 06 Feb 2021 09:53:37 GMT

GET
H/1.1 200
OK live-webinar-solarwinds-breach-if-cyber-companies-get-hit-do-you-stand-chance-showcase_image-6-w-2946.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 94 KB
94 KB 140ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-solarwinds-breach-if-cyber-companies-get-hit-do-you-stand-chance-showcase_image-6-w-2946.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4965b9931e46284138e417b37f31da96db8289b8fcf7bd2e00e11e4ac73d1324

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 22:15:51 GMT
X-Trans-Id: tx97c3b44bfcb1449b9fc12-00601c7d2adfw1
ETag: 19b1a5d43c4e6876f959a3244bcbc277
Content-Type: image/jpeg
X-Timestamp: 1612476950.78037
Cache-Control: public, max-age=14907
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96099
Expires: Fri, 05 Feb 2021 23:03:02 GMT

GET
H/1.1 200
OK live-webinar-how-automation-reduce-third-party-cyber-risk-showcase_image-10-w-2909.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 102 KB
103 KB 145ms
61ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-how-automation-reduce-third-party-cyber-risk-showcase_image-10-w-2909.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1f7a074305cdfd701357d73dfc2880866b6b4625783ed423c91c723e7a83007

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 21 Jan 2021 15:04:57 GMT
X-Trans-Id: tx929db40693c5432592177-006011c977dfw1
ETag: 8b7fd7cb47c61dde476c35cd56df47e4
Content-Type: image/jpeg
X-Timestamp: 1611241496.14321
Cache-Control: public, max-age=41383
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104577
Expires: Sat, 06 Feb 2021 06:24:18 GMT

GET
H/1.1 200
OK live-webinar-state-security-validation-testing-financial-sector-2021-showcase_image-1-w-2942.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 71 KB
72 KB 139ms
60ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-state-security-validation-testing-financial-sector-2021-showcase_image-1-w-2942.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b98ef151918b353392ace0755adb2caea99148cbcf33bc5c67fdb35689eb399

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 29 Jan 2021 14:19:04 GMT
X-Trans-Id: txd3b5c776c6444c21a1dbe-0060142a80dfw1
ETag: ad06b8b7e4aa0a95617900d83cc03d4f
Content-Type: image/jpeg
X-Timestamp: 1611929943.52156
Cache-Control: public, max-age=37530
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73057
Expires: Sat, 06 Feb 2021 05:20:05 GMT

GET
H/1.1 200
OK live-webinar-breaking-phishing-attack-kill-chain-showcase_image-2-w-2922.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 51 KB
52 KB 143ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-breaking-phishing-attack-kill-chain-showcase_image-2-w-2922.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 981b1d62df16dbd36899e6ad414d49087e7d6e15b5ca9ffa4b317559bd77a9c2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 27 Jan 2021 17:42:53 GMT
X-Trans-Id: tx99c4f1abe78b4a15a27fc-006012f781dfw1
ETag: a78eb401583b826eb96cb99fd46c08ab
Content-Type: image/jpeg
X-Timestamp: 1611769372.77491
Cache-Control: public, max-age=37430
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52700
Expires: Sat, 06 Feb 2021 05:18:25 GMT

GET
H/1.1 200
OK live-webinar-important-steps-to-implementing-sase-security-showcase_image-9-w-2864.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 107 KB
107 KB 151ms
68ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-important-steps-to-implementing-sase-security-showcase_image-9-w-2864.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 520b98e2bcf447dc842317f727c055cd39a64d94b1ceed726a0fd0c0c0d88d8a

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 22 Dec 2020 18:51:07 GMT
X-Trans-Id: tx1abdd8adb65747ba9752b-0060150144dfw1
ETag: 428907722b397b21a91d68cd09952e4b
Content-Type: image/jpeg
X-Timestamp: 1608663066.52007
Cache-Control: public, max-age=37510
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109371
Expires: Sat, 06 Feb 2021 05:19:45 GMT

GET
H/1.1 200
OK live-webinar-pesky-password-problem-policies-that-help-you-gain-upper-hand-on-bad-guys-showcase_image-7-w-2911.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 195 KB
195 KB 170ms
58ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-pesky-password-problem-policies-that-help-you-gain-upper-hand-on-bad-guys-showcase_image-7-w-2911.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9ab49d96dc0be76272cb51d1c4a46742121da070c4714a7064445bded354570

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 21 Jan 2021 22:47:09 GMT
X-Trans-Id: txbeb111f61fc64df3ba17c-00600eeba8dfw1
ETag: fb4b0df39ea9609d2a4a897cdbe7e4ef
Content-Type: image/jpeg
X-Timestamp: 1611269228.24902
Cache-Control: public, max-age=50330
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 199454
Expires: Sat, 06 Feb 2021 08:53:25 GMT

GET
H/1.1 200
OK live-webinar-mobile-application-security-protecting-extended-perimeter-showcase_image-3-w-2920.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 65 KB
66 KB 51ms
51ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-mobile-application-security-protecting-extended-perimeter-showcase_image-3-w-2920.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d97474d3ed05307916451b561c284f8276fec9cc42cda8ed25e047287b4a8db

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 26 Jan 2021 19:18:32 GMT
X-Trans-Id: txd8f9f26740744284b3205-00601081dbdfw1
ETag: 0fdd9d3bb30d2353d6f7ab0bbc0fe858
Content-Type: image/jpeg
X-Timestamp: 1611688711.24842
Cache-Control: public, max-age=41363
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66877
Expires: Sat, 06 Feb 2021 06:23:58 GMT

GET
H/1.1 200
OK thom-langford-largeImage-10-a-2041.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 49 KB
49 KB 120ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/thom-langford-largeImage-10-a-2041.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec1ddaa969a60e88a7ce9fca51b4db8665341d90276dc7c1c45732cd2b7c0b97

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 13 Oct 2017 13:27:53 GMT
X-Trans-Id: txd52534d48b4b4e0ab9b86-006001563fdfw1
ETag: 9794ad7d53e63d440528f6269b61eb43
Content-Type: image/jpeg
X-Timestamp: 1507901272.35761
Cache-Control: public, max-age=13754
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50070
Expires: Fri, 05 Feb 2021 22:43:49 GMT

GET
H/1.1 200
OK john-walp-largeImage-a-780.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 120 KB
120 KB 160ms
80ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/john-walp-largeImage-a-780.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95a98f7584b41c7846eca27c8c01226384b9b8cf1dd80451e05e39ed0ea23e95

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 29 Oct 2013 16:32:19 GMT
X-Trans-Id: txe6dc52630846466c9436d-00600fc1a5dfw1
ETag: de06c946654fe053abf9a32c7c5403ae
Content-Type: image/jpeg
X-Timestamp: 1383064338.62358
Cache-Control: public, max-age=85496
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122431
Expires: Sat, 06 Feb 2021 18:39:31 GMT

GET
H/1.1 200
OK naasief-edross-senior-technical-leader-in-ciscos-security-business-group-largeImage-4-a-3511.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 15 KB
15 KB 106ms
78ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/naasief-edross-senior-technical-leader-in-ciscos-security-business-group-largeImage-4-a-3511.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06de7c9fe72bb7c64bcdf8c5399d644473a36541d26caca1c23efe20aa1d656b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 20 Jul 2020 20:53:46 GMT
X-Trans-Id: txaf0d73fbf29441ccad612-006019ae80dfw1
ETag: f8c1aec62e3d5f09c48e09a68865ecd9
Content-Type: image/jpeg
X-Timestamp: 1595278425.64514
Cache-Control: public, max-age=11127
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14909
Expires: Fri, 05 Feb 2021 22:00:02 GMT

GET
H/1.1 200
OK art-coviello-largeImage-4-a-1677.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 43 KB
44 KB 121ms
53ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/art-coviello-largeImage-4-a-1677.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d0f9b0b591c5265ae7b8b1f8d84983cdac7dd6aef1bd64c9f60747cf93c49c4

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 13 Jul 2016 20:41:34 GMT
X-Trans-Id: tx3e2c33af744249f39f4f8-00601ab2b0dfw1
ETag: dd8304a0159c1f29e5e068f1cde660ac
Content-Type: image/jpeg
X-Timestamp: 1468442493.89883
Cache-Control: public, max-age=7464
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44351
Expires: Fri, 05 Feb 2021 20:58:59 GMT

GET
H/1.1 200
OK data-protection-for-kubernetes-workloads-logo-4-w-7515.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 25 KB
26 KB 45ms
44ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/data-protection-for-kubernetes-workloads-logo-4-w-7515.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aed6b24dec61af8b6701926d0fe2a8f3a73b86d3ae106959f3efcbe6c0d6e63b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 09:52:44 GMT
X-Trans-Id: txaeb5db42c71245529a395-00601c0976dfw1
ETag: bc36cdefa6c9012e331b47c292786f9e
Content-Type: image/jpeg
X-Timestamp: 1612432363.18386
Cache-Control: public, max-age=66156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25893
Expires: Sat, 06 Feb 2021 13:17:11 GMT

GET
H/1.1 200
OK multi-cloud-data-protection-solutions-logo-8-w-7510.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 45 KB
45 KB 44ms
44ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/multi-cloud-data-protection-solutions-logo-8-w-7510.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34b0e89ab45c3699dffc71241329484503e8fb300b5ef93d964337f5d47ff040

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 09:10:01 GMT
X-Trans-Id: txf1ad09dfd75c4613a4b76-00601c020ddfw1
ETag: 49af27e6488c7aae6160bd6d55e0c2d6
Content-Type: image/jpeg
X-Timestamp: 1612429800.97838
Cache-Control: public, max-age=66178
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46034
Expires: Sat, 06 Feb 2021 13:17:33 GMT

GET
H/1.1 200
OK dell-emc-data-protection-solutions-logo-10-w-7511.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 42 KB
43 KB 44ms
43ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/dell-emc-data-protection-solutions-logo-10-w-7511.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ff156a5b6de57332f7733fabec0ed5f0696038c04106c0a623951b8f34514bd2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 09:22:50 GMT
X-Trans-Id: txad628679d4344533bdce1-00601c020ddfw1
ETag: 83ae1b3e94dac03b11c001a7289f4e6c
Content-Type: image/jpeg
X-Timestamp: 1612430569.84376
Cache-Control: public, max-age=61479
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43436
Expires: Sat, 06 Feb 2021 11:59:14 GMT

GET
H/1.1 200
OK periodic-table-data-protection-logo-3-w-7512.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 33 KB
34 KB 42ms
41ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/periodic-table-data-protection-logo-3-w-7512.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab0f6e4ad930c51195137c219a36d6b5574afff4729a195bca67739c14809124

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 09:28:06 GMT
X-Trans-Id: tx62cff02b85d6491c8293c-00601c020ddfw1
ETag: 41774947d8015b042e9267abef17297d
Content-Type: image/jpeg
X-Timestamp: 1612430885.04250
Cache-Control: public, max-age=61417
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34254
Expires: Sat, 06 Feb 2021 11:58:12 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 185ms
58ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
X-Trans-Id: tx552ba08b288841ddbad65-005f3e6c75dfw1
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=73119
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366322
Expires: Sat, 06 Feb 2021 15:13:14 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 188ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
X-Trans-Id: tx5880a9bfcf3040708dd92-005f3e79fbdfw1
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=55690
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78320
Expires: Sat, 06 Feb 2021 10:22:45 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 268ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
X-Trans-Id: tx66936de02541499e94a04-0060150139dfw1
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=37506
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202154
Expires: Sat, 06 Feb 2021 05:19:42 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 303ms
41ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
X-Trans-Id: tx319872fb47614d33badca-005f3ed76cdfw1
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=6066
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89481
Expires: Fri, 05 Feb 2021 20:35:42 GMT

GET
H/1.1 200
OK securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 83 KB
84 KB 164ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 16 Sep 2020 20:37:30 GMT
X-Trans-Id: tx9d42dc79eb664b249ab3f-005fd1b062dfw1
ETag: 5694412cdb081e33be6760fae149e796
Content-Type: image/jpeg
X-Timestamp: 1600288649.09953
Cache-Control: public, max-age=18524
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85143
Expires: Sat, 06 Feb 2021 00:03:19 GMT

GET
H/1.1 200
OK securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 78 KB
78 KB 156ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 19 Jun 2020 20:27:30 GMT
X-Trans-Id: txe4fb3db76453404a90190-005fd1c408dfw1
ETag: 277c051b9980d6d67e9279ed59b4b968
Content-Type: image/jpeg
X-Timestamp: 1592598449.94175
Cache-Control: public, max-age=81822
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79854
Expires: Sat, 06 Feb 2021 17:38:17 GMT

GET
H/1.1 200
OK managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 87 KB
87 KB 159ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Fri, 24 Apr 2020 20:49:35 GMT
X-Trans-Id: txed7f97c1826745169363f-005f95a15bdfw1
ETag: 798bc33a31e70aade019309a9fa16e27
Content-Type: image/jpeg
X-Timestamp: 1587761374.72132
Cache-Control: public, max-age=26434
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88866
Expires: Sat, 06 Feb 2021 02:15:09 GMT

GET
H/1.1 200
OK taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 95 KB
95 KB 150ms
63ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 23 Mar 2020 21:52:35 GMT
X-Trans-Id: tx5dcd30b47d004896910f3-005fd1b07bdfw1
ETag: 4af1e925902f765709fbac19d76f9149
Content-Type: image/jpeg
X-Timestamp: 1585000354.21724
Cache-Control: public, max-age=76951
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97383
Expires: Sat, 06 Feb 2021 16:17:06 GMT

GET
H/1.1 200
OK understanding-economics-in-cloud-data-protection-designed-for-today-tomorrow-in-mind-logo-8-w-7513.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 30 KB
30 KB 44ms
43ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/understanding-economics-in-cloud-data-protection-designed-for-today-tomorrow-in-mind-logo-8-w-7513.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c358fba985e34fde571294a8d7e5be05aa97c1d7788651185d9b52d68131ad2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 04 Feb 2021 09:35:48 GMT
X-Trans-Id: txe661b6becaf44768b8f4d-00601c020ddfw1
ETag: 5bc207805413e41fb9ad5f8d93299882
Content-Type: image/jpeg
X-Timestamp: 1612431347.55323
Cache-Control: public, max-age=66219
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30417
Expires: Sat, 06 Feb 2021 13:18:14 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-identity-access-management-showcase_image-5-e-331.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 72 KB
73 KB 184ms
61ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-identity-access-management-showcase_image-5-e-331.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3633addd8e4ba32729c9740bb8ca92b8407b088533fb710184f7e4ca383606dc

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 11 Jan 2021 15:14:43 GMT
X-Trans-Id: tx04b3ed261ef74f9aa647f-00600e4d6ddfw1
ETag: d06ce742d2bc9748e8173e98f6d17a1b
Content-Type: image/jpeg
X-Timestamp: 1610378082.46415
Cache-Control: public, max-age=41438
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73890
Expires: Sat, 06 Feb 2021 06:25:13 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-sea-showcase_image-3-e-329.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 96 KB
97 KB 229ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-sea-showcase_image-3-e-329.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f7e96cd56d353d7b58766474e692a0675d2df71c3b7eb6839a21ca176080633

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Thu, 03 Dec 2020 16:26:39 GMT
X-Trans-Id: txf9b619598a534b7682df5-006015013bdfw1
ETag: 681ebc89263acbbb3c1cfcdce90a0d3f
Content-Type: image/jpeg
X-Timestamp: 1607012798.24235
Cache-Control: public, max-age=27540
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98425
Expires: Sat, 06 Feb 2021 02:33:36 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-emea-showcase_image-7-e-332.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 61 KB
62 KB 144ms
60ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-emea-showcase_image-7-e-332.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cd9cd7798ee12da699ea200f4f323b45ccafad4749e557fe7023ee7583c8b556

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 11 Jan 2021 15:28:16 GMT
X-Trans-Id: txf01b58f819a34cd1bdf63-006015013edfw1
ETag: 6815ba4d5b0e94840eed4c16477dc3e8
Content-Type: image/jpeg
X-Timestamp: 1610378895.12479
Cache-Control: public, max-age=27584
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62852
Expires: Sat, 06 Feb 2021 02:34:20 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-healthcare-showcase_image-3-e-333.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 56 KB
57 KB 179ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-healthcare-showcase_image-3-e-333.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c6fafa1c41875d3dd1720c87f143f5220d0dac3cb85bb3cb682de0f0a0f6a149

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 11 Jan 2021 15:30:04 GMT
X-Trans-Id: tx8d15330a65d7494ca9d1d-00600bc6eadfw1
ETag: 7510d8987606c91c076db553ad6f8349
Content-Type: image/jpeg
X-Timestamp: 1610379003.60441
Cache-Control: public, max-age=48018
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57730
Expires: Sat, 06 Feb 2021 08:14:54 GMT

GET
H/1.1 200
OK redefining-mobile-security-and-works-showcase_image-7-w-2273.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 187 KB
187 KB 46ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/redefining-mobile-security-and-works-showcase_image-7-w-2273.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5f24ffc5d931243a6e2818cac716ed061b7cf0065aead0b1ab77e8c2af890cb

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 16 Dec 2019 14:31:16 GMT
X-Trans-Id: tx6f1b68ef523640ee8fce2-005f95c545dfw1
ETag: 0361dfeccb1a59b88690bb5349e1ca4a
Content-Type: image/jpeg
X-Timestamp: 1576506675.18748
Cache-Control: public, max-age=37445
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191395
Expires: Sat, 06 Feb 2021 05:18:40 GMT

GET
H/1.1 200
OK ethics-ml-ai-showcase_image-5-w-2274.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 172 KB
172 KB 42ms
42ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ethics-ml-ai-showcase_image-5-w-2274.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bcd31cd48941d1287630c9f1f852616cf59a1d86e3456ebee40bb2ea9519e78

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 16 Dec 2019 14:40:21 GMT
X-Trans-Id: txb725aeaa966c4921b7949-006003c166dfw1
ETag: 3f868326180ec04482c8f7f7026be9ca
Content-Type: image/jpeg
X-Timestamp: 1576507220.38776
Cache-Control: public, max-age=72072
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175715
Expires: Sat, 06 Feb 2021 14:55:48 GMT

GET
H/1.1 200
OK developing-cyber-resilient-systems-national-imperative-for-critical-systems-operating-in-hostile-cyber-space-showcase_image-3-w-2260.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 179 KB
180 KB 72ms
71ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/developing-cyber-resilient-systems-national-imperative-for-critical-systems-operating-in-hostile-cyber-space-showcase_image-3-w-2260.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e2499d3798db90822314fc9ac000ec6fc02669dd40ccafd5a7a4c0a5429153e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 04 Dec 2019 20:03:21 GMT
X-Trans-Id: tx4c97ab7960074e0d8f8c2-005fd1c407dfw1
ETag: f79259091bb7d189682a5344dcd7358d
Content-Type: image/jpeg
X-Timestamp: 1575489800.87694
Cache-Control: public, max-age=66140
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 183523
Expires: Sat, 06 Feb 2021 13:16:56 GMT

GET
H/1.1 200
OK ai-disruption-cybersecurity-showcase_image-9-w-2261.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 163 KB
164 KB 48ms
47ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ai-disruption-cybersecurity-showcase_image-9-w-2261.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 652663d1ec2a8aed95a736ce7166461c7ab50b432012166b69af6c042eb88668

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 04 Dec 2019 21:13:21 GMT
X-Trans-Id: txb8339fdc90214faeb904a-005fed4887dfw1
ETag: 045e870b53fcee3be51a01108b1d0ac2
Content-Type: image/jpeg
X-Timestamp: 1575494000.53666
Cache-Control: public, max-age=56968
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167114
Expires: Sat, 06 Feb 2021 10:44:04 GMT

GET
H/1.1 200
OK best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 158 KB
158 KB 53ms
53ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 21 Aug 2019 16:07:31 GMT
X-Trans-Id: txb7323cf12ca043949b393-005fd1c408dfw1
ETag: ac5ec7485b98a4e425694526cac66c60
Content-Type: image/jpeg
X-Timestamp: 1566403650.23177
Cache-Control: public, max-age=37439
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 161648
Expires: Sat, 06 Feb 2021 05:18:35 GMT

GET
H/1.1 200
OK zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 135 KB
136 KB 50ms
50ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 28 Jun 2019 20:21:33 GMT
X-Trans-Id: txd3d0b109c8de4c409570e-005fd1c407dfw1
ETag: dd5032aff4d05ed19b21dbe830b01316
Content-Type: image/jpeg
X-Timestamp: 1561753292.90767
Cache-Control: public, max-age=37597
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138422
Expires: Sat, 06 Feb 2021 05:21:13 GMT

GET
H/1.1 200
OK reducing-risk-now-showcase_image-7-w-2052.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 134 KB
134 KB 43ms
43ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/reducing-risk-now-showcase_image-7-w-2052.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 28 Jun 2019 20:15:01 GMT
X-Trans-Id: txe26889a249634e61a016c-006003c168dfw1
ETag: 79f8120d6bfab756d31e5f38dbdd523c
Content-Type: image/jpeg
X-Timestamp: 1561752900.06505
Cache-Control: public, max-age=37538
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136753
Expires: Sat, 06 Feb 2021 05:20:14 GMT

GET
H/1.1 200
OK todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 69 KB
70 KB 46ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 11 Mar 2020 18:40:32 GMT
X-Trans-Id: tx5cc0850ecc9e483c9d511-0060028172dfw1
ETag: b710debdf96f2b48a22aa4a8f63dc7d4
Content-Type: image/jpeg
X-Timestamp: 1583952031.64606
Cache-Control: public, max-age=77330
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70886
Expires: Sat, 06 Feb 2021 16:23:26 GMT

GET
H/1.1 200
OK achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 54 KB
55 KB 45ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 04 Mar 2020 21:51:00 GMT
X-Trans-Id: txfd0aa16e28cf4127866b3-0060150149dfw1
ETag: 3cd4bf863b88b9c29a24cef0ad690ce1
Content-Type: image/jpeg
X-Timestamp: 1583358659.31089
Cache-Control: public, max-age=36951
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55733
Expires: Sat, 06 Feb 2021 05:10:27 GMT

GET
H/1.1 200
OK tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 59 KB
59 KB 80ms
80ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Thu, 05 Mar 2020 16:04:36 GMT
X-Trans-Id: txd26d7763d2ae410596316-005f3e5989dfw1
ETag: f159c9867556eec8a5360d3493db29ad
Content-Type: image/jpeg
X-Timestamp: 1583424275.63523
Cache-Control: public, max-age=71867
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60191
Expires: Sat, 06 Feb 2021 14:52:23 GMT

GET
H/1.1 200
OK best-rsa-conference-2020-showcase_image-1-a-14011.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 100 KB
101 KB 50ms
50ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-rsa-conference-2020-showcase_image-1-a-14011.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 25 Mar 2020 19:33:42 GMT
X-Trans-Id: tx7732516ead764d2bbf872-005ff39b3edfw1
ETag: 5509cbbd99ddd348f3533b4b8f6a0da9
Content-Type: image/jpeg
X-Timestamp: 1585164821.83821
Cache-Control: public, max-age=71899
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102596
Expires: Sat, 06 Feb 2021 14:52:55 GMT

GET
H/1.1 200
OK infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 66ms
65ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 05 Jul 2019 20:13:34 GMT
X-Trans-Id: txba3299ac511241d3a1f31-006015014cdfw1
ETag: f9dab7917669551bb50361c2dcd43aa7
Content-Type: image/jpeg
X-Timestamp: 1562357613.59432
Cache-Control: public, max-age=82272
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91187
Expires: Sat, 06 Feb 2021 17:45:48 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 61ms
61ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
X-Trans-Id: txc98e0919cc394a8b9972f-005ff39538dfw1
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=81749
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61807
Expires: Sat, 06 Feb 2021 17:37:05 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 47ms
47ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
X-Trans-Id: tx793fb3e26246486cb5469-00600e4d6fdfw1
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=48775
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63007
Expires: Sat, 06 Feb 2021 08:27:31 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 56ms
56ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
X-Trans-Id: txdb7a1058ccc14762bc331-005f3efc16dfw1
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=77424
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54026
Expires: Sat, 06 Feb 2021 16:25:00 GMT

GET
H/1.1 200
OK mathew-j-schwartz-largeImage-4-a-892.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 63 KB
63 KB 177ms
74ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/mathew-j-schwartz-largeImage-4-a-892.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Mon, 11 Mar 2019 20:31:08 GMT
X-Trans-Id: tx7331da471f0a4bcaa332b-005ff83f15dfw1
ETag: 0a4204e2649185daf7ea39a3c953e722
Content-Type: image/jpeg
X-Timestamp: 1552336267.88871
Cache-Control: public, max-age=1609
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64095
Expires: Fri, 05 Feb 2021 19:21:24 GMT

GET
H/1.1 200
OK darkside-ransomware-gang-launches-affiliate-program-showcase_image-1-p-2968.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 76 KB
76 KB 495ms
488ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/darkside-ransomware-gang-launches-affiliate-program-showcase_image-1-p-2968.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5c58138f3203be4168c8b07177fb1cef74af0288d7d728f8ff76b7558393814c

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 12 Nov 2020 10:40:44 GMT
X-Trans-Id: txcf0339234c2447b0b8616-00601d946bdfw1
ETag: 936df6f81045b0b857956d2f2512a533
Content-Type: image/jpeg
X-Timestamp: 1605177643.58519
Cache-Control: public, max-age=86345
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77551
Expires: Sat, 06 Feb 2021 18:53:40 GMT

GET
H/1.1 200
OK darkside-ransom-note-bleeeping.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 226 KB
226 KB 939ms
833ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/darkside-ransom-note-bleeeping.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97cee131e5d1b5a56dd4a7e5ef5928da3e034863c8da5af632464e73d181430a

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Last-Modified: Mon, 24 Aug 2020 12:38:09 GMT
X-Trans-Id: txa92602b115bd45659daf9-00601d946cdfw1
ETag: 53b12aa44ff50c06ec18a0219ebeeb4a
Content-Type: image/jpeg
X-Timestamp: 1598272688.23780
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231397
Expires: Mon, 08 Feb 2021 18:54:37 GMT

GET
H/1.1 200
OK darkside-kela-affiliate-cut-w1198.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 146 KB
146 KB 661ms
328ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/darkside-kela-affiliate-cut-w1198.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c22bab3939dedf4827a886032ce8c275047ea3a86c206157aa4aee67f3de8e1

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 11 Nov 2020 17:14:28 GMT
X-Trans-Id: txf21d553645e14a648f63f-00601d946cdfw1
ETag: ed372699aefcdc1d5e200f6b1913c32a
Content-Type: image/jpeg
X-Timestamp: 1605114867.80384
Cache-Control: public, max-age=259167
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149385
Expires: Mon, 08 Feb 2021 18:54:03 GMT

GET
H/1.1 200
OK ransomware-darkside-debuts-script-kiddies-tap-dharma-showcase_image-4-a-14874.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 101 KB
101 KB 270ms
270ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ransomware-darkside-debuts-script-kiddies-tap-dharma-showcase_image-4-a-14874.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d718283d1d3eee75ad04351313b0e4fddfb59b2768d94b94e09c1c789ab8c80

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 24 Aug 2020 12:57:59 GMT
X-Trans-Id: tx7beccc2c1e744355ad0f9-00601d946cdfw1
ETag: 4819c76c67552dd1d668510774527a56
Content-Type: image/jpeg
X-Timestamp: 1598273878.15651
Cache-Control: public, max-age=86359
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103338
Expires: Sat, 06 Feb 2021 18:53:55 GMT

GET
H/1.1 200
OK darkside-kela-looking-for-w1614.jpg
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/ 315 KB
316 KB 1103ms
404ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/darkside-kela-looking-for-w1614.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f74e2d00963a2a0a8b523d320bfb68aa86874bdf0997c56c1c5364a52c39e114

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Last-Modified: Wed, 11 Nov 2020 17:15:47 GMT
X-Trans-Id: tx0f0d40df0e444fa4993e3-00601d946cdfw1
ETag: b1da126e3e0b84659e392803a940ea77
Content-Type: image/jpeg
X-Timestamp: 1605114946.54137
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 322994
Expires: Mon, 08 Feb 2021 18:54:37 GMT

GET
H/1.1 200
OK face-devops-challenges-head-on-redefined-approach-to-application-monitoring-pdf-10-w-6572.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 362 KB
363 KB 482ms
481ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/face-devops-challenges-head-on-redefined-approach-to-application-monitoring-pdf-10-w-6572.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d24591129b05f46613a8205ac60f194126e4d195ec4869c279995b082e44d34

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 11 Aug 2020 01:37:25 GMT
X-Trans-Id: txcbe5879640244b05aaab4-00601d946cdfw1
ETag: 39cbe662a0cca04fdc9c0caafe00d82f
Content-Type: image/jpeg
X-Timestamp: 1597109844.69029
Cache-Control: public, max-age=86371
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 370923
Expires: Sat, 06 Feb 2021 18:54:07 GMT

GET
H/1.1 200
OK splunk-predictions-2021-executive-report-pdf-2-w-7264.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 137 KB
137 KB 41ms
41ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/splunk-predictions-2021-executive-report-pdf-2-w-7264.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77f76d1732075ad840bef40edca2f007e10ae98bf0ee054c569cae5147702804

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 11 Dec 2020 15:32:37 GMT
X-Trans-Id: txaf63836effb344c693511-0060190c3edfw1
ETag: 08c613b11f0348da696d3202069ba8e6
Content-Type: image/jpeg
X-Timestamp: 1607700756.09222
Cache-Control: public, max-age=50337
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139990
Expires: Sat, 06 Feb 2021 08:53:33 GMT

GET
H/1.1 200
OK top-50-security-threats-pdf-3-w-7197.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 133 KB
133 KB 43ms
43ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/top-50-security-threats-pdf-3-w-7197.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b17ef8136ff4490261985a5fa3797823003fa9b6215927406320ffc6dd0454f

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Thu, 26 Nov 2020 03:25:12 GMT
X-Trans-Id: txe2d03e67671d4a938021c-006005a741dfw1
ETag: 3ab548d81e0bea84e6676e4b83ebf800
Content-Type: image/jpeg
X-Timestamp: 1606361111.12978
Cache-Control: public, max-age=41624
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135741
Expires: Sat, 06 Feb 2021 06:28:20 GMT

GET
H/1.1 200
OK what-next-generation-aml-logo-4-w-7105.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 45 KB
45 KB 206ms
206ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/what-next-generation-aml-logo-4-w-7105.JPG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c01655285f92ca94e19688e8fd484c2e489b62d2fb8084d187830328121165e7

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Fri, 06 Nov 2020 13:21:01 GMT
X-Trans-Id: txa2a25b11387940f79655e-00601d946cdfw1
ETag: 6a158d1490bc83445ec2125223c3ca7e
Content-Type: image/jpeg
X-Timestamp: 1604668860.43635
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45783
Expires: Sat, 06 Feb 2021 18:54:36 GMT

GET
H/1.1 200
OK defining-refining-next-gen-aml-showcase_image-4-a-15736.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 54 KB
54 KB 53ms
53ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/defining-refining-next-gen-aml-showcase_image-4-a-15736.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35e787a2043b2e95c58f997a71288074c3213de82c2bca137efd3d34ed62240e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 12 Jan 2021 18:28:02 GMT
X-Trans-Id: txab8354d9913e40c39ca83-00601146d1dfw1
ETag: 084e1ad4d5fc5ae0e036159c62ccaa59
Content-Type: image/jpeg
X-Timestamp: 1610476081.54430
Cache-Control: public, max-age=5973
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55290
Expires: Fri, 05 Feb 2021 20:34:09 GMT

GET
H/1.1 404
Not Found youve-got-bec-logo-10-w-6660.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 0
0 226ms
210ms Image
text/html 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/youve-got-bec-logo-10-w-6660.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 404
Not Found stopping-bec-eac-logo-2-w-6710.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 0
0 292ms
262ms Image
text/html 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/stopping-bec-eac-logo-2-w-6710.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK darktrace-cyber-ai-immune-system-for-cloud-security-logo-9-w-7353.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 32 KB
33 KB 104ms
65ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/darktrace-cyber-ai-immune-system-for-cloud-security-logo-9-w-7353.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da1650fa70ceadad47bc6ebde8f84fa2372fdb96bd7a15014e6bb58407813f10

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 05 Jan 2021 00:27:19 GMT
X-Trans-Id: tx93cc9b5bfb304d129331d-00601ad6fddfw1
ETag: 659b2c9d4c98deff27ca3c9d960b241e
Content-Type: image/png
X-Timestamp: 1609806438.47189
Cache-Control: public, max-age=3029
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33003
Expires: Fri, 05 Feb 2021 19:45:05 GMT

GET
H/1.1 200
OK autonomous-response-threats-darktrace-antigena-finds-logo-9-w-7351.PNG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 442 KB
442 KB 151ms
48ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/autonomous-response-threats-darktrace-antigena-finds-logo-9-w-7351.PNG
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3d25e2880e7571f103144efb96b58b4909cc40cb5da975f2afd36f2566b7e66

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 04 Jan 2021 23:41:08 GMT
X-Trans-Id: tx6599278c4a17429ebc116-00601bd116dfw1
ETag: c266c39531fc845f88d9529547d36d45
Content-Type: image/png
X-Timestamp: 1609803667.29187
Cache-Control: public, max-age=54127
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 452281
Expires: Sat, 06 Feb 2021 09:56:43 GMT

GET
H/1.1 200
OK threat-intelligence-solutions-sans-review-anomali-threatstream-pdf-10-w-7385.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 233 KB
234 KB 162ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/threat-intelligence-solutions-sans-review-anomali-threatstream-pdf-10-w-7385.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 649a363568f14d159a2e31d05081c63ee31a1fd60c4bbd8469c3b0e1b9b86107

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 07 Jan 2021 20:45:16 GMT
X-Trans-Id: tx9a58e513f88b464f84c92-00601ce60fdfw1
ETag: 0341fea1dc5b11ec63e847235f6df66d
Content-Type: image/jpeg
X-Timestamp: 1610052315.50017
Cache-Control: public, max-age=41765
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238908
Expires: Sat, 06 Feb 2021 06:30:40 GMT

GET
H/1.1 200
OK sans-measuring-improving-cyber-defense-using-mitre-attck-framework-pdf-5-w-7383.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 259 KB
260 KB 162ms
57ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/sans-measuring-improving-cyber-defense-using-mitre-attck-framework-pdf-5-w-7383.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13892975e33fb5853617147076b1874a6c3ff9b63825ebc784db3259776e0b60

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 07 Jan 2021 20:42:41 GMT
X-Trans-Id: tx93598c1e03474164a27b3-00601ce656dfw1
ETag: da9856c9267be1b03b155bbb8c15988b
Content-Type: image/jpeg
X-Timestamp: 1610052160.20147
Cache-Control: public, max-age=41763
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 265624
Expires: Sat, 06 Feb 2021 06:30:38 GMT

GET
H/1.1 200
OK roi-study-economic-validation-report-anomali-threat-intelligence-platform-pdf-1-w-7382.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 191 KB
191 KB 187ms
80ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/roi-study-economic-validation-report-anomali-threat-intelligence-platform-pdf-1-w-7382.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3cc579371308375f205bf88027aa245e12aec11c335030eda4b9187ff6cca66c

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 07 Jan 2021 20:40:12 GMT
X-Trans-Id: tx4310a2ee1cc1424a8a66a-00601b58ebdfw1
ETag: 3dc170428f1d6fa102e859a84ddfdec6
Content-Type: image/jpeg
X-Timestamp: 1610052011.68010
Cache-Control: public, max-age=41430
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195570
Expires: Sat, 06 Feb 2021 06:25:05 GMT

GET
H/1.1 200
OK managing-threat-intelligence-ebook-pdf-7-w-7387.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 100 KB
101 KB 165ms
59ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/managing-threat-intelligence-ebook-pdf-7-w-7387.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 009c50127f611914331c33d1d49dbccb29f74a45de2b95a5904e0f2dffe373e8

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Thu, 07 Jan 2021 20:51:42 GMT
X-Trans-Id: txd7b4d1c672b640728aa81-00601ce4dedfw1
ETag: 056d5e3ce83015ea75c17d4320741324
Content-Type: image/jpeg
X-Timestamp: 1610052701.69028
Cache-Control: public, max-age=41457
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102902
Expires: Sat, 06 Feb 2021 06:25:32 GMT

GET
H/1.1 200
OK analysis-how-will-biden-address-cybersecurity-challenges-showcase_image-1-i-4829.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 71 KB
72 KB 45ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-how-will-biden-address-cybersecurity-challenges-showcase_image-1-i-4829.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f88b2b5e4a8f947a04577f81fd55971dc1670ce372f12980ed0069ceb1006b05

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Thu, 21 Jan 2021 19:35:58 GMT
X-Trans-Id: tx3b43e1bcf1e54629ae665-006015013bdfw1
ETag: 1a4d6b9010cd5a2770e98d450a165dbd
Content-Type: image/jpeg
X-Timestamp: 1611257757.06426
Cache-Control: public, max-age=72938
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73057
Expires: Sat, 06 Feb 2021 15:10:14 GMT

GET
H/1.1 200
OK cross-vertical-data-security-strategies-japanese-language-showcase_image-7-i-4820.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 96 KB
97 KB 45ms
44ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/cross-vertical-data-security-strategies-japanese-language-showcase_image-7-i-4820.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 61ad563bdca64382404f02d2126abbde3f6017dc15c73f0149df822769c2fb78

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Wed, 06 Jan 2021 15:20:17 GMT
X-Trans-Id: tx8ea0f2db7144467480b85-0060113beddfw1
ETag: 8559dad33d09292138c2e4b7e42c4d77
Content-Type: image/jpeg
X-Timestamp: 1609946416.35116
Cache-Control: public, max-age=37533
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98799
Expires: Sat, 06 Feb 2021 05:20:09 GMT

GET
H/1.1 200
OK putting-new-pacs-guidance-to-use-showcase_image-4-i-4828.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 103 KB
103 KB 43ms
42ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/putting-new-pacs-guidance-to-use-showcase_image-4-i-4828.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f7ca099949ccf915ad2c4fc296618c589c5d4a07010af23406e7965664577e45

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Tue, 19 Jan 2021 20:49:56 GMT
X-Trans-Id: tx452f85c52c9246cb84dc6-0060190059dfw1
ETag: f7396ba5a80ce5d3a8aaa819bc790fa3
Content-Type: image/jpeg
X-Timestamp: 1611089395.70064
Cache-Control: public, max-age=37484
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105552
Expires: Sat, 06 Feb 2021 05:19:20 GMT

GET
H/1.1 200
OK a-us-national-privacy-law-on-horizon-showcase_image-10-i-4824.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 50 KB
50 KB 62ms
62ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/a-us-national-privacy-law-on-horizon-showcase_image-10-i-4824.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c78d434a0e90b6578ba0f4a69754ee0ef2a6d5ccfe3438b52a36c86334823d6d

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 18 Jan 2021 19:33:28 GMT
X-Trans-Id: tx98056a5ac7304e16931a0-0060150145dfw1
ETag: 5a5f9df86529b77c0fc56eae5fc6ba11
Content-Type: image/jpeg
X-Timestamp: 1610998407.40363
Cache-Control: public, max-age=37502
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51001
Expires: Sat, 06 Feb 2021 05:19:38 GMT

GET
H/1.1 200
OK evolution-application-ddos-defenses-showcase_image-2-i-4833.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 61 KB
62 KB 57ms
45ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/evolution-application-ddos-defenses-showcase_image-2-i-4833.jpg
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16adfeba2e6bc0d26685f7a21642a4dcc6be70defc83052676fea7476242ccbc

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Last-Modified: Mon, 01 Feb 2021 21:55:33 GMT
X-Trans-Id: txd56d006662d540daa5d00-006018f091dfw1
ETag: 4d3eaf9a55bf218eb764ca2f79ed3184
Content-Type: image/jpeg
X-Timestamp: 1612216532.07261
Cache-Control: public, max-age=37463
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62789
Expires: Sat, 06 Feb 2021 05:18:59 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.bankinfosecurity.com/images-responsive/ 4 KB
4 KB 151ms
151ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-with-text.png

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.bankinfosecurity.com/images-responsive/ 5 KB
6 KB 154ms
152ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankinfosecurity.com/images-responsive/logo-ismg-print.png

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5598

POST
H2 200 ismg-user-ip Show response
worker.ismgcorp.com/ 15 B
199 B 647ms
162ms XHR
text/html 104.130.251.6
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.ismgcorp.com/ismg-user-ip
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1612551274.171
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.130.251.6 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 4a3f346ea5e34560b02f7ea3e1d25dc99ab15c8e6319ed99d7a93c5434623478

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:35 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
content-length: 33

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31184dd2e52ea96dd942ade7ee1f4f59ea6191c0a055a229085c5fdabc2391a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "774 / 182 of 1000 / last-modified: 1612543481"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19154
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 98ms
38ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1612551274.171
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 548 KB
46 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8d9b15e2f862a586c2ad38669d5afd3e96364c74144c91a2da2b7d193a822a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46527
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Feb 2021 18:54:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
27 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8C2JFW

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e90b5929c3bc81d52b5bfc368ed07620f6ae4f157dea9a0c9691adb76a8f76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28003
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Feb 2021 18:54:36 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 354574
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Feb 2022 16:25:01 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/12567/ 274 B
416 B 39ms
39ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/serverComponent.php?r=92548.1845167964&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12567/code/&publishedOn=Sat%20Oct%2031%2004:27:40%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: efdaf82793fe181996634bf9829a3d31f7e59914e618331bb535bcbb0c1ba42e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:35 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 274
expires: Fri, 05 Feb 2021 18:54:34 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 52137
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:38 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.bankinfosecurity.com/css-responsive/fonts/ 43 KB
44 KB 150ms
149ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1612551274.171

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://www.bankinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1612551274.171
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Last-Modified: Wed, 03 Feb 2021 18:01:53 GMT
Server: Apache
ETag: "ad90-5ba7261ca2d33"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 44432

GET
H/1.1 200
OK main.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 41 KB
10 KB 149ms
148ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/main.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9721

GET
H/1.1 200
OK media-transcript-navigation.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 26 KB
7 KB 153ms
152ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/media-transcript-navigation.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6519

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 1 KB
839 B 149ms
149ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.r1.js?s=1612551274.171

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 455

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 52140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:35 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 107870
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:45 GMT

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bankinfosecurity.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 52141
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:34 GMT

GET
H2 200 b91deb381a983463890df766160d0db7.js Show response
nexus.ensighten.com/choozle/12567/code/ 2 KB
545 B 24ms
23ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/code/b91deb381a983463890df766160d0db7.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:35 GMT
content-encoding: gzip
last-modified: Fri, 23 Oct 2020 21:29:23 GMT
server: nginx
etag: W/"5f934b33-63c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 90ms
30ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=28476
accept-ranges: bytes
content-length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 72 KB
24 KB 224ms
174ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

497027f65c5c003521ee574cfc1860ec3678e4d39314705fd5f334a7bf895b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24005

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5369
date: Fri, 05 Feb 2021 17:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 05 Feb 2021 19:25:07 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 182ms
49ms Script
application/javascript 52.48.170.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?512021
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Feb 2021 06:46:41 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=42724
Connection: keep-alive
Content-Length: 11933
Expires: Sat, 06 Feb 2021 06:46:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 4 KB
2 KB 48ms
13ms Script
application/x-javascript 2a02:26f0:12d:58a::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:58a::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57827
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 livechat.ashx Show response
chatserver.comm100.com/ 990 B
934 B 1222ms
159ms Script
application/x-javascript 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e9d7245d70231bd8a1e1fa0f24d3a41a82759fd08b9f1b2c43f0b95350062b30

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 61ced74d7b6e2373-ZRH
content-length: 516
cf-request-id: 081524e46f00002373e99df000000001

GET
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 5 KB
1 KB 173ms
173ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=twitterWidget
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1612551274.171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 0350d3d1552afa73ec18428707927347a6f43b80daf233907b1a8c3b72706163

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/ 166 B
325 B 247ms
246ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd21f2b39b17192/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 200ms
197ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=601d946b82d9da26&bkl=0&bl=1&pdt=643&sid=601d946b82d9da26&pub=ra-4fd21f2b39b17192&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bankinfosecurity.com&fp=blogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=ransomware%2CKela%2Ccybersecurity%2Cinformation%20security%2CDarkside%2Caffiliate%2Ccybercrime&colc=1612551275633&jsl=1&uvs=601d946bc7b11e81000&skipb=1&callback=addthis.cbs.jsonp__88614859934757170
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88bc65a6dd75b2b68c8a17b97105dd77a64a48b06100858f7a266ff5100f15a4

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:36 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E06A 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 567E 0
0 43ms
42ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 05 Feb 2021 18:54:35 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK 2682.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0021/ 309 B
819 B 113ms
49ms Script
application/x-javascript 13.224.195.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?447930
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 12:41:50 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 03 Mar 2020 19:14:28 GMT
Server: AmazonS3
Age: 195167
ETag: "53b0291ca3900aca920ad48e9790c1b7"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 309
X-Amz-Cf-Id: NRMVxed9h5ubcMChvN3YzxVNDpbYPwXhpAiluynkUqc4T_5PQ4JnpQ==

GET
H2 200 Z_fy9SR6_normal.jpg
pbs.twimg.com/profile_images/778297510955585536/ 2 KB
2 KB 58ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/778297510955585536/Z_fy9SR6_normal.jpg

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B75) /

Resource Hash

ba7c566019a3e98a05d0396bfa8ed502df327a3fd776d718af69b7bb69f76fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
age: 383964
x-cache: HIT
content-length: 1959
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/7 profile_images/778297510955585536
last-modified: Tue, 20 Sep 2016 18:17:21 GMT
server: ECS (amb/6B75)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3181c739e2465d373cef63e006258fe4
accept-ranges: bytes

GET
H2 200 buEtWCIG_normal.png
pbs.twimg.com/profile_images/1149074227317878784/ 2 KB
2 KB 15ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1149074227317878784/buEtWCIG_normal.png

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC7) /

Resource Hash

0bab76e25c4a68094ac27dbf12f82f00f85e86134a6208e822e54197916170c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
age: 100811
x-cache: HIT
content-length: 1883
x-response-time: 169
surrogate-key: profile_images profile_images/bucket/0 profile_images/1149074227317878784
last-modified: Wed, 10 Jul 2019 21:51:39 GMT
server: ECS (amb/6BC7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17e408a92d39e9bc43ce3d399f2c9b99
accept-ranges: bytes

GET
H2 200 default_profile_normal.png
abs.twimg.com/sticky/default_profile_images/ 504 B
819 B 26ms
6ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB6) /

Resource Hash

e34a680ea26c1aeeb0163f836240d84892c4a889cd3fd92bd6b322eb575e3b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
age: 7479334
x-ton-expected-size: 504
x-cache: HIT
content-length: 504
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Tue, 04 Aug 2020 23:38:30 GMT
server: ECAcc (frc/8FB6)
etag: "QcuRPIhOAYpzfGh0vMtQAQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 325bac4ab0573180d7c5f3993d3354e3
accept-ranges: bytes
expires: Sat, 05 Feb 2022 18:54:36 GMT

GET
H2 200 q5ka92B-_normal.jpg
pbs.twimg.com/profile_images/1214189087772426240/ 2 KB
2 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1214189087772426240/q5ka92B-_normal.jpg

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B90) /

Resource Hash

a2a277da2569a6a02eb090a14c5dd00b7eed026d44765b962064ff7770b3f199

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
age: 365383
x-cache: HIT
content-length: 1807
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/1 profile_images/1214189087772426240
last-modified: Mon, 06 Jan 2020 14:14:51 GMT
server: ECS (amb/6B90)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf4ccde194a38da1d3c56a8c79ac962c
accept-ranges: bytes

POST
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.com/ 5 B
388 B 173ms
173ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.com/ajax.php?json=notificationCookies&action=getNotifications
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1612551274.171
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 pubads_impl_2021020201.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 32ms
31ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

1b1668ce69dfbad0061c6a679474c5e5f60b76aa219d51efc7d6d28097094c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 09:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103509
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
133 B 47ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=139739502&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&ul=en-us&de=UTF-8&dt=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=219594994&gjid=2083708658&cid=1301608742.1612551277&tid=UA-212197-2&_gid=1926437538.1612551277&_r=1&_slc=1&z=757675602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
29 B 42ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=139739502&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&ul=en-us&de=UTF-8&dt=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1825145906&gjid=293075742&cid=1301608742.1612551277&tid=UA-212197-36&_gid=1926437538.1612551277&_r=1&_slc=1&z=1373387008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 28ms
20ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=139739502&t=event&_s=2&dl=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&ul=en-us&de=UTF-8&dt=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAEABAAAAAC~&jid=&gjid=&cid=1301608742.1612551277&tid=UA-212197-2&_gid=1926437538.1612551277&z=1424697390

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 14:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16245
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 43ms
42ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sun, 16 May 2021 18:54:36 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1612551276648%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&liSync=true

0
64 B

184ms
183ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&liSync=true
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: qB+7zdfuYBaAlSlKzSoAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: lupNw9fuYBbA/AxGCCsAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 89055300171B4A29AA69286AB119374B Ref B: FRAEDGE1506 Ref C: 2021-02-05T18:54:36Z
date: Fri, 05 Feb 2021 18:54:37 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1612551276648&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-212197-36&cid=1301608742.1612551277&jid=1825145906&gjid=293075742&_gid=1926437538.1612551277&_u=IEDAAEABAAAAAC~&z=1291901281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Feb 2021 18:54:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
1 KB 46ms
46ms Script
application/javascript 52.48.170.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&pv=1612551276760_qpzc5ehsh&bl=en-us&cb=1845499&return=&ht=&d=&dc=&si=1612551276760_qpzc5ehsh&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?512021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7fecb0770de49fb3088c6c5b5fc749481f40764f8bd9b543a76069560b82ae7e

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 18:54:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 596ms
201ms Script
application/javascript 35.168.139.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=512021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?512021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.139.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-139-27.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 06 Feb 2021 18:54:37 GMT

GET
H2 200 2682.js Show response
script.crazyegg.com/pages/scripts/0021/ 4 KB
2 KB 19ms
18ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0021/2682.js
Requested by: Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/2682.js?447930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3ea3fed16289ca877eff01972f291afdf9ee8c3dd6e5512939c144612c62be

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 83779
cf-polished: origSize=3981
ce-version: 11.1.218
cf-request-id: 081524e10600002c265eabe000000001
timing-allow-origin: *
last-modified: Thu, 04 Feb 2021 19:38:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 61ced748096f2c26-FRA
cf-bgj: minify

GET
H2 200 lounge.0f8247d0689845c86c5bfcd8efd31a28.css
c.disquscdn.com/next/embed/styles/ 0
23 KB 41ms
21ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.0f8247d0689845c86c5bfcd8efd31a28.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 779297
strict-transport-security: max-age=300; includeSubdomains
content-length: 22676
cf-request-id: 081524e12d000064853a96f000000001
timing-allow-origin: *
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: cloudflare
etag: "6011a17b-5894"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 61ced74848ba6485-FRA
x-amz-cf-id: f6mM38CkrsijYUDFcHdsytKpfF4K805wRnKtXL8aCZvMg4vuaF1Ejw==
expires: Thu, 27 Jan 2022 18:26:15 GMT

GET
H2 200 common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js
c.disquscdn.com/next/embed/ 0
93 KB 45ms
29ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2144491
strict-transport-security: max-age=300; includeSubdomains
content-length: 94778
cf-request-id: 081524e12e000064853a970000000001
timing-allow-origin: *
last-modified: Mon, 11 Jan 2021 21:10:38 GMT
server: cloudflare
etag: "5ffcbece-1723a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 61ced74848bb6485-FRA
x-amz-cf-id: IPH2Ychi9ylfThDq4vOs9o2Rc8M0Ypdu-s2Q_SL2aA1yH56ait05kA==
expires: Tue, 11 Jan 2022 23:13:03 GMT

GET
H2 200 lounge.bundle.ec325e7c33ae32f082a2c57fe0c859bd.js
c.disquscdn.com/next/embed/ 0
114 KB 50ms
35ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ec325e7c33ae32f082a2c57fe0c859bd.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 779297
strict-transport-security: max-age=300; includeSubdomains
content-length: 116764
cf-request-id: 081524e12d0000648527aca000000001
timing-allow-origin: *
last-modified: Wed, 27 Jan 2021 17:23:06 GMT
server: cloudflare
etag: "6011a17a-1c81c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 61ced74848bc6485-FRA
x-amz-cf-id: SJ4AyX27FKmx9sJpb_yiDYwVbN0xrGXEY4ErdtOwtRjpYeyScQjlXQ==
expires: Thu, 27 Jan 2022 18:26:15 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
11 KB 1139ms
25ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 39
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 10760
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 952ms
179ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1612551276806&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1612551276805-75073&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchRu=%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 87197ecd-598c-44c3-a96b-9a938a05e919

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 1130ms
178ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1612551276807&_mchRu=%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&_mchQp=cat%3D416%26cat%3D417%26cat%3D506%26cat%3D409%26cat%3D421%26cat%3D399%26assetID%3D2968%26assetType%3Dblog%26key%3Dransomware%26key%3Dkela%26key%3Dcybersecurity%26key%3Dinformation%20security%26key%3Ddarkside%26key%3Daffiliate%26key%3Dcybercrime%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.com-1612551276805-75073&_mchHo=www.bankinfosecurity.com&_mchPo=&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchRe=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 57d4e215-29f4-407a-a821-b777f10df8f0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 30ms
30ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 28ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bankinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
21 KB 165ms
133ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3602337522462586&correlator=744055000631006&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069112%2C21069918&vrg=2021020201&ptt=17&sc=1&sfv=1-0-37&ecs=20210205&iu_parts=4444691%2CBIS_TOP_728x90%2CBIS_MID_RB_300x250%2CBIS_MID_RB_2_300x250%2CBIS_MID_RB_3_300x250%2CBIS_MID_RB_300x600%2CBIS_MID_L_180x150%2CBIS_MID_R_180x150%2CBIS_MID2_L_180x150%2CBIS_MID2_R_180x150%2CBIS_TEXT_1%2CBIS_TEXT_2%2CBIS_BOTTOM_728x90%2CBIS_MID_728x90%2CBIS_Interstitial%2CBIS_TOP_320x50%2CBIS_BOTTOM_320x50%2CBIS_MID_320x50%2CBIS_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C417%252C506%252C409%252C421%252C399%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1612551276&dt=1612551276844&dlt=1612551274330&idt=2485&frm=20&biw=1600&bih=1200&oid=3&adxs=615%2C1025%2C1025%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C587%2C4028%2C-9%2C2233%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C5969%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=606436291%2C592806581%2C4037182823%2C700692632%2C585369811%2C2214922354%2C1142555781%2C3687202745%2C1536889060%2C1397140349%2C824892936%2C1158310571%2C1554130010%2C3082656849%2C1657167512%2C3519266287%2C3120678580%2C3463778582&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x5606&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1570x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x64&ga_vid=1301608742.1612551277&ga_sid=1612551277&ga_hid=139739502&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C644%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

6f158dc2730efef7cbdc11cd67c3079379405c7634b349d622722d8738902c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20482
x-xss-protection: 0
google-lineitem-id: 5582609170,5582609170,5582609170,-2,5582609170,-2,-2,-2,-2,-2,-2,5582609170,5582609170,5560782204,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336584335,138336133175,138336133022,-2,138336584326,-2,-2,-2,-2,-2,-2,138336132959,138336175800,138333863514,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bankinfosecurity.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 56ms
41ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 2682.json Show response
script.crazyegg.com/pages/data-scripts/0021/ 558 B
366 B 23ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0021/2682.json?t=5375170
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0021/2682.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc30912f49409d63fc828c98ca6e442d633f258c00086139e16caaac08834b7

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 85444
ce-version: 11.1.218
content-length: 225
cf-request-id: 081524e14f00002b16bba9f000000001
timing-allow-origin: *
last-modified: Thu, 04 Feb 2021 19:10:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 61ced7487d002b16-FRA

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3616465777598136451&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3616465777598136451&redir=

42 B
915 B

48ms
47ms

Image
image/gif

34.249.66.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3616465777598136451&redir=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-66-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-092f5312d.edge-irl1.demdex.com 5.80.5.20210120122710 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: zB2aSj6EQX0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TNTEF9aXRys=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3616465777598136451&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3616465777598136451
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNjQ2NTc3NzU5ODEzNjQ1MRAAGg0I7Kj2gAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=b5f4e27e9b0b2ee5c0893e85d97923a8d524039222f1a93ffb9c086fa6c38044f4cb09cee1a4f8eb&person_id=3616465777598136451&eid=50082

43 B
312 B

46ms
45ms

Image
image/gif

52.48.170.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=b5f4e27e9b0b2ee5c0893e85d97923a8d524039222f1a93ffb9c086fa6c38044f4cb09cee1a4f8eb&person_id=3616465777598136451&eid=50082
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:36 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 06 Feb 2021 13:54:36 GMT

Redirect headers

date: Fri, 05 Feb 2021 18:54:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=b5f4e27e9b0b2ee5c0893e85d97923a8d524039222f1a93ffb9c086fa6c38044f4cb09cee1a4f8eb&person_id=3616465777598136451&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0
https://ml314.com/csync.ashx?fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0&person_id=3616465777598136451&eid=53819

43 B
312 B

45ms
45ms

Image
image/gif

52.48.170.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0&person_id=3616465777598136451&eid=53819
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 06 Feb 2021 13:54:38 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 18:54:37 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=21dc4cd6-36f3-4a80-af95-1fe4269c29b0&person_id=3616465777598136451&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sat, 06 Feb 2021 13:54:38 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3616465777598136451
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3616465777598136451
https://ml314.com/csync.ashx?fp=94ee6e90ff195b5dd004f3ea9eaeb0b8&eid=50146&person_id=3616465777598136451

43 B
312 B

45ms
44ms

Image
image/gif

52.48.170.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=94ee6e90ff195b5dd004f3ea9eaeb0b8&eid=50146&person_id=3616465777598136451
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.170.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-170-220.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 06 Feb 2021 13:54:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:37 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=94ee6e90ff195b5dd004f3ea9eaeb0b8&eid=50146&person_id=3616465777598136451
cache-control: no-cache
x-server: 10.45.2.63
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2XUKXiJbrJ28IwCuNai5hbzIBnvwkxlQTG-R4zN-5mhA&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2XUKXiJbrJ28IwCuNai5hbzIBnvwkxlQTG-R4zN-5mhA&person_id=3616465777598136451&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

25ms
24ms

Image
image/gif

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Fri, 05 Feb 2021 18:54:37 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Cache-Control: private
Connection: keep-alive
Content-Length: 193
Expires: Sat, 06 Feb 2021 13:54:37 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame EBE3 0
0 1154ms
156ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968&t_d=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&t_t=Darkside%20Ransomware%20Gang%20Launches%20Affiliate%20Program&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Response headers

Connection: keep-alive
Content-Length: 2726
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sat, 30 Jan 2021 17:37:38 GMT
ETag: W/"lounge:view:8274104831.8c24746489771c15ab6502eeb8a7c75f.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 05 Feb 2021 18:54:38 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0ECA 0
0 61ms
60ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiXFwfXWA2SP0v6Xct9mRI7s6cYUWQGxUn31cflaVVkrLrrlHA5iqASEskcwizgPP_-0pR00F7wrHG4QP0tw4L33bteDKEpMH2uG81KeuobX41NBfwcE9DWmx4jJWZiyEfU5TGtpKD8xuEg4Xs410xqldmqPGM3dwv2ibjWccZhyf1re5xL8wc_pGhrj-UGlY-Wz8GRJOOlzLNveyfjywhm951GPlKKfriewNKCZuaVPRUsmQ0H-bGEQLfeeTBHLWXop8P5UKc4MGalMKGYSX63ZIxW0jJ6gKAZOefulAUSyydJb0UOPPUl5o&sai=AMfl-YSppVtTtHkw84QgWjdUSnu-vWBFtbtE-MmxirDtjI8WcbCnjvKoYkrlFi8ZiduDI3EBf9SgPPZvp9cL_cRYo2yuYVM-5ZtYUh3Wil4qZMq55At_OZebqBJqMZDEV_g&sig=Cg0ArKJSzAOhjkysD4SEEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame 0ECA 18 KB
7 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame 0ECA 3 KB
2 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ECA 106 KB
33 KB 67ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 17116797282342137567
tpc.googlesyndication.com/simgad/ Frame 0ECA 45 KB
45 KB 37ms
22ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17116797282342137567

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078694fa607a4862c870e5d1ce115df7682c6a8c7827eef2d63041f828c2b2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 13:23:41 GMT
x-content-type-options: nosniff
age: 106256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45716
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:42:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 13:23:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82FD 0
0 59ms
58ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHlFNgwhd2UYJVeQky39jrlMZBXrSe1VgPufYOsXjtnirC334YkZQrHfDg7gTBZgMqyTrRc0moprqCAY1K33zlxsjXQYiR3k74R6dxkX7zlQNVoAVxxvj6N-J0V1eRhEgvq7-PzNA76GiMvmxwdDzY3S3fQ_S34QkeqbDfkeKgtN1QPWE9zJAPusFE4A_EtbBavEt7VwJCYgay9UGQYkCtj0eNaWFEN9jU9COuj5Ey8JQw8gG7juuiM7ZALYMMqGJlj8pGKppcpJSG88MnKCE12k-RLMf721FX11HnzyR86wTV-6RHYtxmL0emBGmb&sai=AMfl-YT20SASrHx74HH6Rp26Jx6GnCQW4v9VZo5PCD7y5oZYWNt0yDzes5qBTnlcWeqMiiQuGYbxMu3y4RNBLUanTyAcsapqh-0UPa7qw6Euu5WMTDK3xq6zB5DE-DBhRek&sig=Cg0ArKJSzPwbB76UQBMIEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame 82FD 18 KB
7 KB 30ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame 82FD 3 KB
2 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82FD 106 KB
33 KB 63ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 82FD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMuxBqqqXQ2gB0jaHfjc5GkBL-julXiEDqZu5Pkl3QxrwkznnZD9JAuaoUfyJ1P6CI7KKc
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 10219431741653025669
tpc.googlesyndication.com/simgad/ Frame 82FD 41 KB
41 KB 35ms
26ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10219431741653025669

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99485588d8ab19291dabc3f8832197ab27c44207de484dd879dcd5d22db6d9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 16:26:44 GMT
x-content-type-options: nosniff
age: 181673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42200
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:43:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Feb 2022 16:26:44 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 62ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389176576780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1055 0
0 72ms
71ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO-EPLe-9gLcTUgW3mZn7dcgUEMReqzUnBUfSZSp4tfWmvJKn-fJV5DMvb0Ravhtgrt3gFQ_qePrt3IYTZIkwcjgVvJZOqNc0ASEVqGezQE4qBPvjWj-73c3bPTdY3WDAkYwdH26Zn_SbEr0k37S333GEoSykW4doYlgO6VrEXxaFEbQOdgR1mkl6bBO1tDHBm7xOQG-KqK8R5489GuU0npR4COFSsHq_31NP06mQ_Xym7O2Yi5qFqNwDUAGWnSWPfCq9ANUPC-tCmCpj85wfpcbdJjxrQThszKiVnVnMvF1jHjM69nRLyjlzzdItqJwY&sai=AMfl-YSPobMl4t_jN6TQRn58HN0KHjuJHGgBXKVWd-4EPciL8DU3sUBAUXqtpvO2XLfG6Tj-1emzU5UQWfpGBhfag3XW080Hnk0ULhSyUqOsHKyAXBCiPzKhWFrUuUF0WKA&sig=Cg0ArKJSzHB_tcZwt7EHEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 10219431741653025669
tpc.googlesyndication.com/simgad/ Frame 1055 41 KB
41 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10219431741653025669

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99485588d8ab19291dabc3f8832197ab27c44207de484dd879dcd5d22db6d9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 16:26:44 GMT
x-content-type-options: nosniff
age: 181673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42200
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:43:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Feb 2022 16:26:44 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame 1055 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame 1055 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1055 106 KB
33 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED02 0
0 68ms
67ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXXFWBxEFAdztHHv5ei-9CtbGwqYaoPLGVqqtztVF9dz6QzyqtnatIt_AJ0CFJPKHb0X-zr5NTIuwbY059mGUNu7IjFKZNlxfdG0G8MFijf0N0dKE85SHxITAhygMnEiEaSgNG9qjU9OdcsVxStPeVI9PdU0NhsXwkjdvJlzmV_BFPdXTNNQXtQp1q3Ptvyn2OM2GYX6eNWouJe4JpEj_qqhAHTcRswgnB5kUXkdJubpXIYuDSMXrxC6czE34s1h_0MN0yEuLMoqHoRuAzF_q8HLXT9mvSUlS0kg_HN_1cYlVet0MA5rHgBKIZbnYf&sai=AMfl-YSFQuns_CFfjenFyFfUalkUIExAcpYd5e6qM8_JIKReUhD5kgmj0MObB4nDv5ltqqjtkFwVwJBVwUMeZvfx2J-SO16GTiXoOHfxB4LFytwWWoZejk2t6gCFa63KZt0&sig=Cg0ArKJSzItp9rR_oS8iEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame ED02 18 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame ED02 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED02 106 KB
33 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame ED02 0
0 43ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXkZWQjW-pMeiXGfoWqMu9l-SsorHov0-HNY8_a2J723Z2apsDZWTvLmyNqgMx0KSmZeLF
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 9717809695760594284
tpc.googlesyndication.com/simgad/ Frame ED02 58 KB
58 KB 11ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9717809695760594284

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d70a3028255d1a036060fc12f9f6f44833151cf9ced2cad0f0a6a48a46a0c005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 18:00:26 GMT
x-content-type-options: nosniff
age: 348851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59499
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:44:42 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Feb 2022 18:00:26 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 100B 0
0 63ms
63ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBsCqSj1uPpHCwNRxMBwDSLHW83qssK1RmuwmY3nvXE5Q8SZOWAC9pO1jkGiuuoPn19JMcuDsyfaS6Wp7z9kNU54AMz09bcqMOMMiZPEqEBDIG18PwcWDx3NCY0Zrs0C_kaTShm9sr9zD8hVMnThP3Ep3w9w4OgMQrAT6-trOwH1gh45GTl0rKJmOU32ubmdADBBjMMXnsdLNC2YWW3WsvkeQmG66x7wopbY-00lhTDIrElmhc9sYe5RbhJUKhBM6bYP1_IjN41lFWZjxzfNVi15m3qjOCziVK05wMmYE_PqqK43TV0eTx6pKn8Z8&sai=AMfl-YSCaYIl-73Xl2yYxFjG4m_Jh8WWyNSgnGvPsDM87X9P_rlbapizFhdTsBXlAUGTaBKLkMoJhQFFZo1EqWat_alVDGZ9jpkrVC2gChJwQsm821aenP3bq1Hw6NyuJs4&sig=Cg0ArKJSzNgQVaKfFVpGEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 17116797282342137567
tpc.googlesyndication.com/simgad/ Frame 100B 45 KB
45 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17116797282342137567

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078694fa607a4862c870e5d1ce115df7682c6a8c7827eef2d63041f828c2b2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 13:23:41 GMT
x-content-type-options: nosniff
age: 106256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45716
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:42:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 13:23:41 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame 100B 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame 100B 3 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 100B 106 KB
33 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 100B 0
0 44ms
30ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJODw4TZ9FGY0TRXWgjJiRrhPIrx2Y9mNkAKTTo_qjtczou4nAga8N7Xs0d6TY85vnOY-b
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5B5 0
0 63ms
57ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT8GaC9FLmbCUnvkMPfeH2_ezbcun9Bbvp2D1TdTr1OQHJ8kLJnEkwsRxNv4dVdiKqvniJAvqIuAPIXcJBINyE-lLPZNqKzt1WUJWqUitgX_FZ504mVy57-jR7BUp1y4k0Ym8a8iYaD-rPAWt6uV8RlYB_1ELwmmb4dFKNNYoeDIpZ-y6wYwYZJLIWmTh-bygymQaU9I_Rcp106qMA4r6XO-81NvmGjVAHPhol74UoOgKjWOSnYCIkr62a6xxlgs-DTqgusAQOz2k0m190mYEkAs5aiV9XhkxgaX_XE0JwJDbI2UT33Ylj1bkLcQ&sai=AMfl-YTRc4CKMkB0qMtm99bb9I6yn3bU5gxpL32K2lyx-BNuYsTr55ZrOXzgetfhHEFbJRkJ72aNY-I0xDLl0gNa3TxJ1NFODesQmIOkdTrfCxzbZ6vWcCS4NdvfBQsW8E8&sig=Cg0ArKJSzKWV_4VYBvVVEAE&adurl=

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/ Frame B5B5 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 9429885086326325396
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/ Frame B5B5 3 KB
2 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210202/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 10039694515999607746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 18:26:28 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5B5 106 KB
33 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389193836960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B5B5 0
0 42ms
28ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjjQYzn367LzCb8hTZ4RtXQtafGZCRp8FNAbHOU6WabZId96OeNd0Dx6bOMAsUoFdRA5nM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 1536604748338208432
tpc.googlesyndication.com/simgad/ Frame B5B5 66 KB
66 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1536604748338208432

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e404e3d8010247484e7051ecb5b73bcbf0c6cdb4642da1c4c2bf7fa0637680a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 13:34:03 GMT
x-content-type-options: nosniff
age: 105634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67397
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 13:49:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Feb 2022 13:34:03 GMT

GET
DATA 200
OK truncated
/ Frame 82FD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc43cf8f9176eaae7f0c467491d9d58f228cd17847b92ccd82678e83d728ce74

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0ECA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7904e7a7045de60ae17b20fc806a2b699288742ff47f3dab0451eecdd236bac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82FD 0
0 105ms
73ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv88wgU-QOTEMKXroMpnlRNuZiY1xEBK_8CEqEBKgh0OAx3bxpm26pWffvhDFgTyC9imgVGqlhn1ry_4gkJTYNmsaZAYrgjJNSeLsFfl1v1NOBM5YJC6jO2woOsdPb77DFlUK1vszMrUYoQErWrKYU8jD53eK4S--lGWSK4Tt9f7hxhvUI7z-MI5AVSMvX9UXkX0FgIHFurp14slkC4jwxGPwRYfzacoR1-obtC8U7i_aexg0eJv26eY6zgHFPA3JclxEYl4h0cHnz0nUY2KwdeL4BQ7oPKA4UwdM_3-C4uah0t1BoSiOC7rfow_g7vxxg&sai=AMfl-YQ-sLkPaDcVi0DRg4ZqlVQHogOse3nYj08xh53wwXOddjfX4W754Bgfvg1_wm_5Wm7GanrY6V72eUxYJc81JOyHtPSN36CoDO25tPPa5H2KGhD2L_sfvzXo9zKfS5E&sig=Cg0ArKJSzFQgG-74PN9rEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0ECA 0
0 103ms
73ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNQ3GhOn_y_HMeRd5lG-VF5V8MHiEPdYo_jqRuBKk3p8LTte21hLy6J9ax60osBjvjokXZUfoTZmkHfYCTduhwo-1ls71JiUz_P1JAwhrEmm5KD7kzLYCD5DWzaYEX-1hlkGLckJxPK8l0FCp_6MDkJRKP9d2klsL5uFIUxidmkF9--Nd_xUBvJDP0JIzVfNyi2GZsC52yDVuB6SigVr3z0poglOarv4vx_BSvqoDSBWJ-T1vIBbLFgiZyV120c5u64er4tv__CRrqlqIgj_s2DCQn4V9AWKOiEYNKxMWPqpQpDuRvEHAE-OMTLg&sai=AMfl-YQVpUvuN94LUxqHS-h24j9WAHSCwRoX1FxRmynozp4CbXRIOF6oHSY6MNvoeCE35UaONp0OdD4CQE6BgReHfMlbn6SsMa19RV37hnMv__ZW-7dx18HlyORWq8iqoAE&sig=Cg0ArKJSzBP0Tu2zewi0EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
DATA 200
OK truncated
/ Frame 1055 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd89877b4757664d4b91662aff6e743c81ab0165dd33e1e4c9f1dd6a95408857

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ED02 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eebe4b4d1771ae8e0d2b85c4e997e86db5a95a164e4e75928e3f64b4d6a62f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 100B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1af8841dc633429e9843a8ef6d6ec2029364ef65bd2fedde3fded2db118ecf96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1055 0
0 59ms
59ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucQ2UGDjCPPlUnBtI6bkSmFG7j3-xE5hMOXcXXNeB46RsBS4BKESpqPKzABbttUBDKNQetY228NKp_g6-3PCDisdhq5tuDPOmE7_XHRgzhVgqxnc5aC1ijyybW6Y5SbHWamibfDKlrwo8LbbUNZKzCVwY_enjS10xQxwQiqnsMcY7J9K8J1yi3FqPl0I90a9kFHXz47Q5NiI0HjQCx2d2XYrsYGfugxS6_iFTSq1gq3DqEeARb9JtRHdLGwmdLSpHxWB4ILUdOt9XwW_HsB8Zxq1g5Ry8m2sXjMG9cC8FjyBvOkijePa_COuz8_PIG-98N6Q&sai=AMfl-YRRIEUKdAGhXOZWooGK7ep6T3EIIhVxCTgNyM1nO3MOjfn19Uf7tLFioVVMbBSXBxrG5PJCBl5O43xQskgapMg-2O7zEAz8hXfqMxFjCNy7GN-eKhsmbh9oOkBXHac&sig=Cg0ArKJSzFSbWw2KYeKlEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED02 0
0 58ms
58ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMXURwhv-lY2igMn6_fbL9FLYgFT0Q87dCDPiEjqIceiSixnkrDtuvYacTwoFaArUVJCiJ3z_u4sO2Ul94AF1OElaUwFLW9iY9hmr6vAyMTkHrQ22o5ufgq5_3dKXr2OxQyUwL1q32CUtZKAM2nt-Lri0j__2uOqU865rVhEfpgc7bd2pXVcyuk7NA44Zyj3RNzN_uTDNGIqiktG1GIadWmHncRotW_vaSChamo0Dr4NcewMWWBDxYtuGX2-BXCOn2-u6q9WYHUvXow7hJo42iORastsT8c0CcD0nnFR1U2n_pox61HuU9PYGRfiSNA30&sai=AMfl-YT1dZLdcyOCQXeAs-LW59ojJqoAqmK30t2NgPmdgsPgr4zbcs0bstPq7pjyAD8EVmtBshgl_5-IY_fl7UE_j_MQ_U6jF837ZgqrXY75n-pzTQCAQQQ2bpRr8UZoMDk&sig=Cg0ArKJSzFVHZPkxLJ9QEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 100B 0
0 60ms
60ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYT8RaoQFrRckIYQfa--rOkhcyrsXGaB1vVQKV-9ovFW-dptC6rX-stAm2f0FqLh3JIirF61nx35XEiRzoBV72CRwbq_HVn20kuZSEKgweHWq6i_JYGMoky7I-i5xYmBzk_-zVPYHjvAMCB9lSSO_S7-1R6vLTStWbPLO_nGfIE77-Eanloh3u1uwMFJgcuGAkvwyrjRIhDT5obVJv5gQMYKROenoBXSrFe8pnYHTPsv1ZJ6v2-KOJz4TWMjxvJpFPh-2UKrtiET37WtVT5Thti5oGEsEF2iq9MtLsT3kqRTcVDs3vZJQvc1WU1KBaNw&sai=AMfl-YQ1VeDSNAgcAShywPKMTNMh3zgElOth7i1uPovT-AM4_iP_z6I3CiYiKn8gFjUpgUeAEjP1mTPKJ3yuDIGerUzeHXRWCJv-YbdNFr2cGj_mfpLiqErEjJUjvi60i1I&sig=Cg0ArKJSzHifgBvEFqP1EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5B5 0
0 58ms
58ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstb9oiPkdlt6jdQv_F2trd5jsWf4rqSXjAIkbqYJ3BnvK7xMNZ7KHWVTGVyX9_OmDXUucGMlmCJTR0aBSPEfaCMxc4Jjjl_1511dKIh-8cAVscvpkKIMPdypDO5eRUfS9RSJ_-qFpPnGgLfvgMQ96J6HlXMAI2R0jxsQJdqi5u_b7Go8BF8NV_Q1AKj7IDYV4CpDy6wf5w9ArdShhpp4dp5ts-rLFnVbSid6vld0KUKKj7Uv_oIkScNCNseal9EcrHpf7KQJivwi0Nq8SnJ7PZPKTtPT8YhXjmBrvVgt0SCan90uvLoVGjH_ZIk6MDd&sai=AMfl-YRfxiEn8DjzE50g-e5Ls141VgW2d91EXEXYgr8q_VWYb-NYZDSgO8WLkdayr8koLUdSweV40XeJuTMZa06TJxCj4GTqxYugFbfrO2V5VPugkFris9PQds_oEgpOb8A&sig=Cg0ArKJSzGWK4RbBHf9UEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:37 GMT

GET
H2 200 bundle.26c1f20ce5c9599f70287bb1f2bc9806.js Show response
vue.comm100.com/js/ Frame 85C2 1003 KB
329 KB 84ms
83ms Script
application/javascript 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/js/bundle.26c1f20ce5c9599f70287bb1f2bc9806.js
Requested by: Host: chatserver.comm100.com
URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 45b654564ab0214c2351630c705368c109f02f9db918272bf448a8d9e0239a9b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3559903
x-powered-by: ASP.NET
cf-request-id: 081524e5160000237332196000000001
last-modified: Thu, 22 Oct 2020 07:00:02 GMT
server: cloudflare
etag: "4f27aff640a8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 61ced74e8e122373-ZRH
expires: Sat, 05 Feb 2022 18:54:37 GMT

POST visitor.ashx
chatserver3.comm100.com/ Frame 85C2 0
0

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.bankinfosecurity.com/javascripts-responsive/ 2 KB
979 B 157ms
157ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankinfosecurity.com/javascripts-responsive/bis-hdr.desktop.r2.js

Requested by

Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 18:54:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 595

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 32ms
32ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92a341abc5f2d9dc6eb72091ac3f092c53510a03af5359dfba5264c399a1a045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 18:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6834
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B5B5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11878f47a872e2c6a961ffb3cc9114e3631993896fc8d75aee4e18efb4177d7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 102ms
33ms Script
application/javascript 178.79.227.167
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6KM3T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.167 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-167.vie.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:38 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 294731
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1044
x-llid: 92c87461340121219b50e775a295c430

GET
H2

204

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1

0
341 B

44ms
44ms

Image
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:37 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1
date: Fri, 05 Feb 2021 18:54:37 GMT
server: AC1.1
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82FD 42 B
108 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6y0K5qatQYpSGNOcryYSHUq1jbZztZ6zFzm4G40obUns5S5klzRuZH1EpBznVUwDnYQNNgkaKoBljE3KS7zRVXdi1F3lRlZYNo-oMVLY&sig=Cg0ArKJSzFgxT8KAHkF2EAE&id=osdim&mcvt=1000&p=587,1040,837,1340&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210203&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=592806581&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ECA 42 B
108 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoxUU2kC2sd7-TThT3bDaLBsrXUcYhnSqaB6NpR2q5rfENLxGa81wADmFbXHIjvyCiEBZAc4k8hpZ9FWNIgQrDwV9QNZ3NXTHgksFh0iY&sig=Cg0ArKJSzJrK1aTzR3P2EAE&id=osdim&mcvt=1000&p=71,636,161,1364&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210203&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=606436291&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 18:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 05 Feb 2021 18:54:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0E0C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 05 Feb 2021 17:34:28 GMT
expires: Sat, 05 Feb 2022 17:34:28 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4810
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

asyncPixelSync
pixel.sitescout.com/dmp/ Frame DB85
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

0
0

45ms
44ms

Document
text/html

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: www.bankinfosecurity.com
URL: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync?cookieQ=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=c74a99a4-a039-49b0-9d0c-da2c37b7d5f6#1612551278430
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=c74a99a4-a039-49b0-9d0c-da2c37b7d5f6#1612551278430; Domain=.sitescout.com; Expires=Sat, 05-Feb-2022 18:54:38 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYxMjU1MTI3ODQ4NiwiMiI6MTYxMjU1MTI3ODQ4NiwiNCI6MTYxMjU1MTI3ODQ4NiwiMzkiOjE2MTI1NTEyNzg0ODYsIjciOjE2MTI1NTEyNzg0ODZ9; Domain=.sitescout.com; Expires=Sun, 07-Mar-2021 18:54:38 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Fri, 05 Feb 2021 18:54:38 GMT
server: AC1.1

Redirect headers

set-cookie: ssi=c74a99a4-a039-49b0-9d0c-da2c37b7d5f6#1612551278430; Domain=.sitescout.com; Expires=Sat, 05-Feb-2022 18:54:38 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Fri, 05 Feb 2021 18:54:38 GMT
server: AC1.1

GET
H2

200

dabbb58b17f5118e
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968
https://pixel.sitescout.com/up/dabbb58b17f5118e?cookieQ=1&cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968

43 B
417 B

499ms
498ms

Image
image/gif

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dabbb58b17f5118e?cookieQ=1&cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:38 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/dabbb58b17f5118e?cookieQ=1&cntr_url=https%3A%2F%2Fwww.bankinfosecurity.com%2Fblogs%2Fdarkside-ransomware-gang-launches-affiliate-program-p-2968
date: Fri, 05 Feb 2021 18:54:37 GMT
server: AC1.1
content-length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020201&jk=3602337522462586&bg=!mpmlmdrNAAWnsTPUpzsAKQB2-DxaJqwcGfOQpEqHdRku1HPZ7hUYNpajsXuZfY0lMB3w4eSEK_MqAgAAAHRSAAAADWgBBwoBkzh4YQw2-Yp1m4LAvi-8Rg8F1p8igTuHN7H2sQy2ZKeoxo6Jz4aOd2IppN_ILJnd44qZnU-xu46edxywYY691nUZxoyX6lf26veiUVDbGymvB-94X2iZ0IaOaaqa0Muj9rx65lrRqkQfWRccorJULaBty7R0Hky2QCclqBFhfpGkQTDVank_3Tcqbqmr7shzsYGuIYPu08Z7B2mn7FwuwlCYPHvOzYYA6PgBU69NouxzKb_uokSxfSC10dC0T2ZPB7SIO_EVxO11l7dLtisabg0nx2SfEuLOXiqfSa-U4Y6gwA4g2iHZfYYHOrbYiMaz6eW2Huw7bESz6jOxg-T4cwhjXJMRuDZWeoFyyLNv4rwHD0qO0LIeROnALFARfHXVcO0jiuQUzH2VD9MlD3Jz--GMl8q0PTxFyjz1eCOIh_YDMNqV16-9c2eB0Z5S_BioNPISs2uTHi6UNeGrKQbj8miyC9cQaM3DjFbEs8AYEaurkolePX6uAe_85ncWnSc09ddwl3PnJrWDqJhYGuH67KqBN4yZAdILH8Idk2w7CbrQLojSeeiKmZXZjqi7A7YbX56MmTrVK1w7KGPPe1WXoKpzCbaecxXE8IEEJ7WWbblxkNOnN2hNEOpLdujat0Gz_A6RT0UyvK_p0oTTH6R9w-sGtBv1E-5NwMNkzf8Gl5UTyzyrFGqhuISQ1T8UNW9tgc8u-FhCG80c5_FnXKm79yjMDtw1iBxnaetuXOaR8fNPSozGzUkcbFdwsElfuDqaEbueBR4K8xqrVDM8vfV-hmlT7LkXqjbHZp8bi8SP2_06iHbaXKCbBeVpk3iNPavx6DuO-Yuml2NUlZtNyo30VV3vaBwRiLxM4-HcyZCwApvgY6tG8y3rbsegxl0-dxgeSd9LqxopiHlP0DqVsJqS9Hv82u961B5_2gJEmiMm5gbLgvN2WkVlrkQ6XRhbNocc5SzAwXcbebGxgcKFXzGQUTHBOtn1MIkfR_pzlUycr-raB0vGICL5FVSH_7grsCA3LGJU1hvYsxrYdFQDK7uR_Dl6psOUZ8yCocNPYvS2AF_gDCRatgSSdJRmGC_JhaEigxt_pauit-kDAK0utotYKqVH6eow28Lo7Rc56YF_9HFjOMph0maO1Iojk5Ag_1O25095L9DO4TvX

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5B5 42 B
725 B 68ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2GgIKCbPHVNci4pE5vBiRbK3RlDOrELlPmZuPMOQKqx3enMAqypTvClAt72ra9HGojk1jzfpF6JSH6oMxOkH3zeXzR65zkwG0EV-SG5c&sig=Cg0ArKJSzMc5i5iqSDQWEAE&id=osdim&mcvt=1001&p=168,480,648,1120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210203&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3082656849&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1612551277106&dlt=0&rpt=268&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.com/blogs/darkside-ransomware-gang-launches-affiliate-program-p-2968
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 18:54:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: chatserver3.comm100.com
URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-20 01:21:46	Name: uvc Value: 1%7C5
.bankinfosecurity.com/	1970-01-20 01:17:27	Name: __gads Value: ID=02c15232e90c3f76-2239e8005fba00a5:T=1612551276:S=ALNI_Mbtf9Ok0Y4snEoCMLfOQSF2pmZOxQ
.bankinfosecurity.com/	1970-01-19 15:55:51	Name: _gat_newTracker Value: 1
.bankinfosecurity.com/	1970-01-19 15:55:51	Name: _gat Value: 1
www.bankinfosecurity.com/	1970-01-19 15:56:05	Name: PHPSESSID Value: 61l5avqphgktr5prh79p2s9rcu
.bankinfosecurity.com/	1970-01-20 09:27:03	Name: _ga Value: GA1.2.1301608742.1612551277
.addthis.com/	1970-01-20 01:21:46	Name: loc Value: MDAwMDBFVUNIWkgyMjc0MTg4NTAwMDAwMDBDSA==
www.bankinfosecurity.com/	1970-01-19 15:55:53	Name: __atuvs Value: 601d946bc7b11e81000
.bankinfosecurity.com/	1970-01-19 15:57:17	Name: _gid Value: GA1.2.1926437538.1612551277
www.bankinfosecurity.com/	1970-01-19 15:57:17	Name: _advert Value: false
www.bankinfosecurity.com/	1970-01-19 15:55:54	Name: visitorip Value: 185.156.175.107
.bankinfosecurity.com/	1970-01-20 09:27:03	Name: _mkto_trk Value: id:051-ZXI-237&token:_mch-bankinfosecurity.com-1612551276805-75073
www.bankinfosecurity.com/	1970-01-20 01:21:46	Name: __atuvc Value: 1%7C5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
051-zxi-237.mktoresp.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
abs.twimg.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
c.disquscdn.com
c19b6f9a0e04f21e0939d2c5a013d0aa.safeframe.googlesyndication.com
cdn01.basis.net
chatserver.comm100.com
chatserver3.comm100.com
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com
disqus.com
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
m.addthis.com
match.adsrvr.org
ml314.com
munchkin.marketo.net
nexus.ensighten.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
ps.eyeota.net
px.ads.linkedin.com
s7.addthis.com
script.crazyegg.com
securepubads.g.doubleclick.net
sjs.bizographics.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
v1.addthisedge.com
vue.comm100.com
worker.ismgcorp.com
www.bankinfosecurity.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
chatserver3.comm100.com
s7.addthis.com
104.108.144.152
104.111.236.192
104.130.251.6
104.20.5.43
13.224.195.149
151.101.112.134
151.101.128.134
178.79.227.167
18.197.253.20
18.203.78.129
192.28.147.68
216.58.212.130
23.210.248.44
23.210.250.213
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:4700::6812:a913
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9a
2a02:26f0:12d:58a::3adf
2a05:f500:11:101::b93f:9005
34.120.207.148
34.249.66.13
34.253.109.165
35.168.139.27
50.56.167.254
52.48.170.220
52.57.150.20
66.155.71.149
009c50127f611914331c33d1d49dbccb29f74a45de2b95a5904e0f2dffe373e8
0350d3d1552afa73ec18428707927347a6f43b80daf233907b1a8c3b72706163
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049ff070c122e652cf3cd6234bcbc9d8c2cc16b1fafa81c2b8c5a2d502817203
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06de7c9fe72bb7c64bcdf8c5399d644473a36541d26caca1c23efe20aa1d656b
073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab
078694fa607a4862c870e5d1ce115df7682c6a8c7827eef2d63041f828c2b2b7
08664c784e2e547153e112c0b49fb0ba054958f44540ad55f237aa53ee09a0c2
0b98ef151918b353392ace0755adb2caea99148cbcf33bc5c67fdb35689eb399
0bab76e25c4a68094ac27dbf12f82f00f85e86134a6208e822e54197916170c6
0d718283d1d3eee75ad04351313b0e4fddfb59b2768d94b94e09c1c789ab8c80
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
11878f47a872e2c6a961ffb3cc9114e3631993896fc8d75aee4e18efb4177d7f
13892975e33fb5853617147076b1874a6c3ff9b63825ebc784db3259776e0b60
1421b94cdacee49c421b0b0bfb87c4acedfb9e6ef60d7e6d08a348281d8a1078
16adfeba2e6bc0d26685f7a21642a4dcc6be70defc83052676fea7476242ccbc
199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1af8841dc633429e9843a8ef6d6ec2029364ef65bd2fedde3fded2db118ecf96
1b1668ce69dfbad0061c6a679474c5e5f60b76aa219d51efc7d6d28097094c4e
22fe53fc6026a4616081a694d918fc783d6b6d26ab1e28a97f468435f7a87f02
23da1dd7c3c9ea31b5cba0b16ddc8bd521f11ba2b622692f4ec5703fc7555221
247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
2c2d95b571cd748165805cc8f58879ec18f9d73fab946568a64fd4a5054d479a
2d24591129b05f46613a8205ac60f194126e4d195ec4869c279995b082e44d34
2d97474d3ed05307916451b561c284f8276fec9cc42cda8ed25e047287b4a8db
2e93e2fec2d7e0aab62180e19be2b2598e0929bd8d3bf4163c84afa9d58c328b
2f1eba35c5c38e67956012861717efdbc6d13c8de0d624213f66de83b8262ff3
2f7e96cd56d353d7b58766474e692a0675d2df71c3b7eb6839a21ca176080633
31184dd2e52ea96dd942ade7ee1f4f59ea6191c0a055a229085c5fdabc2391a8
34b0e89ab45c3699dffc71241329484503e8fb300b5ef93d964337f5d47ff040
3519430791a556992afa80bec581af583cbd3c6bbbb8ea95c648d9955238f07d
35e787a2043b2e95c58f997a71288074c3213de82c2bca137efd3d34ed62240e
3633addd8e4ba32729c9740bb8ca92b8407b088533fb710184f7e4ca383606dc
3b3ea3fed16289ca877eff01972f291afdf9ee8c3dd6e5512939c144612c62be
3c22bab3939dedf4827a886032ce8c275047ea3a86c206157aa4aee67f3de8e1
3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d
3cc579371308375f205bf88027aa245e12aec11c335030eda4b9187ff6cca66c
3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3
3f46c49fc4d5745cef9084ac8e05d4fb9dc175f39e5c2cc81fecfdd940ed43f0
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
45b654564ab0214c2351630c705368c109f02f9db918272bf448a8d9e0239a9b
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4965b9931e46284138e417b37f31da96db8289b8fcf7bd2e00e11e4ac73d1324
497027f65c5c003521ee574cfc1860ec3678e4d39314705fd5f334a7bf895b28
4a3f346ea5e34560b02f7ea3e1d25dc99ab15c8e6319ed99d7a93c5434623478
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
520b98e2bcf447dc842317f727c055cd39a64d94b1ceed726a0fd0c0c0d88d8a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5593d7d222d4086d4427b7c81fb081bf45884d8e1499e1ac1adafb017dc102f9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5c58138f3203be4168c8b07177fb1cef74af0288d7d728f8ff76b7558393814c
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e2499d3798db90822314fc9ac000ec6fc02669dd40ccafd5a7a4c0a5429153e
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
61ad563bdca64382404f02d2126abbde3f6017dc15c73f0149df822769c2fb78
649a363568f14d159a2e31d05081c63ee31a1fd60c4bbd8469c3b0e1b9b86107
652663d1ec2a8aed95a736ce7166461c7ab50b432012166b69af6c042eb88668
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caf904d3dfc096ae3b4e40aed43181686bdf1bac4722b3dd2a775ab6d2a9992
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
6f158dc2730efef7cbdc11cd67c3079379405c7634b349d622722d8738902c14
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
77f76d1732075ad840bef40edca2f007e10ae98bf0ee054c569cae5147702804
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
7904e7a7045de60ae17b20fc806a2b699288742ff47f3dab0451eecdd236bac2
7bcd31cd48941d1287630c9f1f852616cf59a1d86e3456ebee40bb2ea9519e78
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7d0f9b0b591c5265ae7b8b1f8d84983cdac7dd6aef1bd64c9f60747cf93c49c4
7d655e8cd62ba58d86b3bc9c8e1e04a76506a4dfc852c3b3813deb0aef284548
7e404e3d8010247484e7051ecb5b73bcbf0c6cdb4642da1c4c2bf7fa0637680a
7eebe4b4d1771ae8e0d2b85c4e997e86db5a95a164e4e75928e3f64b4d6a62f0
7fc01ea5e4710b7119408c46f7393ea3019649a6f3686bd34a35394c1602484e
7fecb0770de49fb3088c6c5b5fc749481f40764f8bd9b543a76069560b82ae7e
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88bc65a6dd75b2b68c8a17b97105dd77a64a48b06100858f7a266ff5100f15a4
88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8c358fba985e34fde571294a8d7e5be05aa97c1d7788651185d9b52d68131ad2
8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e
92a341abc5f2d9dc6eb72091ac3f092c53510a03af5359dfba5264c399a1a045
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
9419a6c5fc19230d3f6fc2ca0e98a65595c814c4ed6d7177cb0641b6d33d3ad5
95a98f7584b41c7846eca27c8c01226384b9b8cf1dd80451e05e39ed0ea23e95
971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34
97cee131e5d1b5a56dd4a7e5ef5928da3e034863c8da5af632464e73d181430a
981b1d62df16dbd36899e6ad414d49087e7d6e15b5ca9ffa4b317559bd77a9c2
99485588d8ab19291dabc3f8832197ab27c44207de484dd879dcd5d22db6d9ac
9b17ef8136ff4490261985a5fa3797823003fa9b6215927406320ffc6dd0454f
9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700
9e90b5929c3bc81d52b5bfc368ed07620f6ae4f157dea9a0c9691adb76a8f76e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12e6d1fe257ce02e3892a144eb1e4a4f872a2a0d2cef9df165d5d1af4ad146b
a1f7a074305cdfd701357d73dfc2880866b6b4625783ed423c91c723e7a83007
a2a277da2569a6a02eb090a14c5dd00b7eed026d44765b962064ff7770b3f199
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a543fd873f8588b08c0bc43a4802e1b303cd19c19eae4c5f21cad27d237efa91
a8d9b15e2f862a586c2ad38669d5afd3e96364c74144c91a2da2b7d193a822a3
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
ab0f6e4ad930c51195137c219a36d6b5574afff4729a195bca67739c14809124
acc344916fb77ad737461e034bd0563ff787c5f0ea4894fd9dbcba7711831660
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
aed6b24dec61af8b6701926d0fe2a8f3a73b86d3ae106959f3efcbe6c0d6e63b
afc30912f49409d63fc828c98ca6e442d633f258c00086139e16caaac08834b7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64480f9f5331f95aa789febc0175894beedfc35a432723ba659db1abf3cd085
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9ab49d96dc0be76272cb51d1c4a46742121da070c4714a7064445bded354570
ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f
ba7c566019a3e98a05d0396bfa8ed502df327a3fd776d718af69b7bb69f76fab
bd89877b4757664d4b91662aff6e743c81ab0165dd33e1e4c9f1dd6a95408857
c01655285f92ca94e19688e8fd484c2e489b62d2fb8084d187830328121165e7
c6fafa1c41875d3dd1720c87f143f5220d0dac3cb85bb3cb682de0f0a0f6a149
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c78d434a0e90b6578ba0f4a69754ee0ef2a6d5ccfe3438b52a36c86334823d6d
cd9cd7798ee12da699ea200f4f323b45ccafad4749e557fe7023ee7583c8b556
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d3d25e2880e7571f103144efb96b58b4909cc40cb5da975f2afd36f2566b7e66
d6e6f2d68bd8702be78ec1b547f9cb623113a667ab601db56939881467b6be7c
d70a3028255d1a036060fc12f9f6f44833151cf9ced2cad0f0a6a48a46a0c005
d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da1650fa70ceadad47bc6ebde8f84fa2372fdb96bd7a15014e6bb58407813f10
dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279
dc43cf8f9176eaae7f0c467491d9d58f228cd17847b92ccd82678e83d728ce74
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e34a680ea26c1aeeb0163f836240d84892c4a889cd3fd92bd6b322eb575e3b45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e9d7245d70231bd8a1e1fa0f24d3a41a82759fd08b9f1b2c43f0b95350062b30
ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
ec1ddaa969a60e88a7ce9fca51b4db8665341d90276dc7c1c45732cd2b7c0b97
ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdaf82793fe181996634bf9829a3d31f7e59914e618331bb535bcbb0c1ba42e
f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af
f467b12ae8fdee3731a7421d0f9857dbd836f8a2db661162259f76978ef43dd2
f5f24ffc5d931243a6e2818cac716ed061b7cf0065aead0b1ab77e8c2af890cb
f74e2d00963a2a0a8b523d320bfb68aa86874bdf0997c56c1c5364a52c39e114
f7ca099949ccf915ad2c4fc296618c589c5d4a07010af23406e7965664577e45
f88b2b5e4a8f947a04577f81fd55971dc1670ce372f12980ed0069ceb1006b05
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdde266ca5ee6280d872fb7477fa41e6042223028cc87abee0fd913cde07ad35
fe23684b1edefea3baae0735920493a2d54b111b27b614fc72514352eaf360cc
ff156a5b6de57332f7733fabec0ed5f0696038c04106c0a623951b8f34514bd2

www.bankinfosecurity.com Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

222 Requests

99 %HTTPS

48 %IPv6

34 Domains

55 Subdomains

39 IPs

8 Countries

10885 kBTransfer

14367 kBSize

13 Cookies

78 Outgoing links

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bankinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

99 %
HTTPS

48 %
IPv6

34
Domains

55
Subdomains

39
IPs

8
Countries

10885 kB
Transfer

14367 kB
Size

13
Cookies

222 HTTP transactions
6 data transactions