www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/P6CDJ9dJzi
Effective URL:
https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_m...
Submission: On June 08 via api (June 8th 2022, 7:19:49 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 28 domains to perform 110 HTTP transactions. The main IP is 2606:4700::6811:7863, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 167181.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
34	2606:4700::68... 2606:4700::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
9	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.84 18.66.112.84	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.139.20 18.66.139.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
1	104.92.88.226 104.92.88.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.16 13.32.99.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:e200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.109 13.32.99.109	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.103 13.32.99.103	16509 (AMAZON-02) (AMAZON-02)
1	54.162.212.248 54.162.212.248	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.0.173.15 142.0.173.15	7160 (NETDYNAMICS) (NETDYNAMICS)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:7663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.196.91.144 18.196.91.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	54.74.116.255 54.74.116.255	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
2	185.221.87.248 185.221.87.248	206998 (NEW-2) (NEW-2)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
110	40

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700::6811:7863 (United States)

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net

assets.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-20.fra60.r.cloudfront.net

informa-dark-reading.preview.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.88.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-88-226.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-16.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-109.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-103.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.212.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-212-248.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.15 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7663 (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.91.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-144.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.248 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	darkreading.com 1 redirects www.darkreading.com — Cisco Umbrella Rank: 167181 beta.darkreading.com — Cisco Umbrella Rank: 469229 trk.darkreading.com — Cisco Umbrella Rank: 692857 c.darkreading.com — Cisco Umbrella Rank: 554757	715 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	226 KB
9	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 92063	47 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 142	92 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 604 script.hotjar.com — Cisco Umbrella Rank: 777 vars.hotjar.com — Cisco Umbrella Rank: 856 in.hotjar.com — Cisco Umbrella Rank: 1510	69 KB
3	google.com www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 79	2 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 18682 eu01.in.treasuredata.com — Cisco Umbrella Rank: 46626	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 43	20 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9345	2 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1485	32 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6180 adservice.google.de — Cisco Umbrella Rank: 8654	1 KB
2	informa.com static.iris.informa.com — Cisco Umbrella Rank: 89936	26 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 103	53 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 307522 assets.ubembed.com — Cisco Umbrella Rank: 9673	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	133 KB
2	zephr.com assets.zephr.com — Cisco Umbrella Rank: 35520 informa-dark-reading.preview.zephr.com — Cisco Umbrella Rank: 614288	16 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 362	17 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1039	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1174	15 KB
1	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 19283	520 B
1	en25.com img.en25.com — Cisco Umbrella Rank: 5456	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1294	38 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1222	5 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2171	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	24 KB
1	t.co t.co — Cisco Umbrella Rank: 461	592 B
110	28

	Domain	Requested by
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
14	securepubads.g.doubleclick.net	www.darkreading.com beta.darkreading.com
9	eu-images.contentstack.com	www.darkreading.com
5	www.darkreading.com	t.co beta.darkreading.com www.darkreading.com
4	tpc.googlesyndication.com	www.darkreading.com beta.darkreading.com
4	pagead2.googlesyndication.com	beta.darkreading.com tpc.googlesyndication.com
3	www.google-analytics.com	beta.darkreading.com www.googletagmanager.com
2	bam.eu01.nr-data.net	beta.darkreading.com
2	ml314.com	beta.darkreading.com
2	www.google.com	www.darkreading.com beta.darkreading.com
2	eu01.in.treasuredata.com	beta.darkreading.com
2	c.darkreading.com	beta.darkreading.com
2	trk.darkreading.com	1 redirects www.darkreading.com
2	static.iris.informa.com	beta.darkreading.com
2	www.youtube.com	beta.darkreading.com
2	www.googletagmanager.com	beta.darkreading.com
1	adservice.google.com	beta.darkreading.com
1	adservice.google.de	beta.darkreading.com
1	js-agent.newrelic.com	beta.darkreading.com
1	www.google.de	www.darkreading.com
1	in.hotjar.com	beta.darkreading.com
1	stats.g.doubleclick.net	beta.darkreading.com
1	vars.hotjar.com	beta.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	cdn.treasuredata.com	beta.darkreading.com
1	assets.ubembed.com	beta.darkreading.com
1	script.hotjar.com	beta.darkreading.com
1	static.chartbeat.com	beta.darkreading.com
1	static.hotjar.com	beta.darkreading.com
1	s.dpmsrv.com	beta.darkreading.com
1	img.en25.com	beta.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	beta.darkreading.com
1	www.googleoptimize.com	beta.darkreading.com
1	informa-dark-reading.preview.zephr.com	beta.darkreading.com
1	fonts.gstatic.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	assets.zephr.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
1	code.jquery.com	www.darkreading.com
1	t.co
0	4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com Failed	beta.darkreading.com
110	42

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
darkreading.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.contentstack.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-08` - `2023-03-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
assets.zephr.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.preview.zephr.com Amazon	`2021-07-12` - `2022-08-10`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.dpmsrv.com Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
static.iris.informa.com Amazon	`2021-09-02` - `2022-10-01`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.in.treasuredata.com Amazon	`2021-07-24` - `2022-08-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-02-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Frame ID: D6AA59F1865B3B80B18B3417783D3722
Requests: 104 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 217388155898402CE952F8F6CF85D62B
Requests: 1 HTTP requests in this frame

Frame: https://4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 17BB213A6FEB737267B1D45086BC02BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E51C0D6869E4A624AD50E19489D024BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CDEC764EF1646BB530FC40332F43D6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/P6CDJ9dJzi Page URL
https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

98 %
HTTPS

46 %
IPv6

28
Domains

42
Subdomains

40
IPs

5
Countries

1647 kB
Transfer

5305 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssyHSqIO535_3L0SPFrdG8G9MhzeUoxIBzStwMYiXOcVwMY9sWlAppj6aUP0SsuN5kiawM6Xw1h5dWJSEweSLBCDwgbld7g32kq-ti6ygli4K-9x42KA_qDyhnIyHpvM1_L3l-MC1DqZ21LVLNhlc18Ju6h_2hh2iz00RJ0-tjvb6uJiApc6fbmaEwUG-R_hT4h6yGGooYEulpQRXHfaoI1eJpWcWlzeNc3Ulh07UMALtCCGpiyTy_qibXopPJmtixswOlegM44j5Poo9A-AZwRENrxVTMloz5SfbUPId_EOJi3iZQt2ubzZwIFMnr8C8UHx5L44aWtZ136zxXoYMn3ojZ3an0Ibp0&sai=AMfl-YSDoNZlY-j99-tmsQ0WCtrcIrQP-vx3yxVjof2463PD6eF0EfGRdEAZZ1Rw-XZ3ibvH9vqypZ79JSqybeeAi8ZB5sRg21r9SjKoeNFQ42XqsoptW2BWXmpO-ALm9MNx&sig=Cg0ArKJSzE4oxPuIJZ81EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://symphony.paloaltonetworks.com/?utm_source=darkreadingtaps-field-amer-cortex&utm_medium=paid-social

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/P6CDJ9dJzi Page URL
https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref2=https%3A%2F%2Ft.co%2F&tzo=0&ms=942&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref2=https%3A%2F%2Ft.co%2F&tzo=0&ms=942&optin=disabled&elq1pcGUID=8DB95CE530A9499A905578014B4C2F6D

110 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 P6CDJ9dJzi
t.co/ 575 B
592 B 241ms
159ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/P6CDJ9dJzi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 261
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 19:19:41 GMT
expires: Wed, 08 Jun 2022 19:24:41 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 6cefd920ac76f5154133f4b4a5666218c67a5e1835b774ee9253afe88a2ac65a
x-response-time: 121
x-xss-protection: 0

GET
H2 200 Primary Request black-basta-ransomware-esxi-servers-active-campaign Show response
www.darkreading.com/threat-intelligence/ 402 KB
57 KB 274ms
192ms Document
text/html 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Requested by: Host: t.co
URL: https://t.co/P6CDJ9dJzi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 248d50dc6935b368cbb715fe4f94b1df5bb1f3e3bcf6697561561f8154b65829

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: s-maxage=30, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7183fb053a63915f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 19:19:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding, Origin
x-powered-by: Next.js
x-proxy-by: https://www.darkreading.com

GET
H2 200 newrelic-browser.js Show response
beta.darkreading.com/js/ 30 KB
11 KB 426ms
425ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/newrelic-browser.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0e0e1532b550e4aa75788c0be84dea157a9e3342eb01e2d5f037cdf638521d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 07:51:41 GMT
server: cloudflare
etag: W/"7736-180fa3332c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7183fb069d8c915f-FRA
expires: Wed, 08 Jun 2022 21:19:42 GMT

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ 24 B
219 B 414ms
413ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 07:51:41 GMT
server: cloudflare
etag: W/"18-180fa3332c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7183fb069d9a915f-FRA
expires: Wed, 08 Jun 2022 21:19:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 175ms
55ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f4d4d20fb35e356621a4e294b8052381133c6c7b4d809daaa9c02e229c8f6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28140
x-xss-protection: 0
server: sffe
etag: "1239 / 61 of 1000 / last-modified: 1654686579"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H2 200 52183980cd24f89652ec.css
beta.darkreading.com/_next/static/css/ 433 KB
59 KB 80ms
80ms Stylesheet
text/css 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/52183980cd24f89652ec.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4f9a24b30a47c538face82103ae43eaabfd5bdda77480caf5e0b0132b925f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1250120
etag: W/"628de08b-6c2a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb069d78915f-FRA
expires: Thu, 08 Jun 2023 19:19:41 GMT

GET
H2 200 webpack-7fb052d7c600418576ab.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
2 KB 73ms
70ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-7fb052d7c600418576ab.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809bfb85f0fe84db235d48e159f6eb86b6ebf69ac613c61d66e7c2aebb868398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1249845
etag: W/"628de08b-ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c84915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 framework-3af989d3dbeb77832f99.js Show response
beta.darkreading.com/_next/static/chunks/ 129 KB
42 KB 84ms
81ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-3af989d3dbeb77832f99.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dcc17de6c7a4aa95a465d7fbb436e3f4c412dad3aa183fde03fa32f9178c3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 09:53:36 GMT
server: cloudflare
age: 8655643
etag: W/"62160420-2025e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c88915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 main-4579d29662f3fd692d14.js Show response
beta.darkreading.com/_next/static/chunks/ 90 KB
27 KB 75ms
72ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-4579d29662f3fd692d14.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e34be9443c0ab7eb569e14bc5af571e06d760368b659a0a3a417ff743f785e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 11:22:47 GMT
server: cloudflare
age: 9786591
etag: W/"62064707-169c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c8c915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 _app-ed3bf26a215597ef97e2.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 449 KB
142 KB 96ms
93ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-ed3bf26a215597ef97e2.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47cb96b05d896668a55f58a1a352f71a53fe50b1ab85a9920e8da3cbe3e20a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:53:01 GMT
server: cloudflare
age: 5473071
etag: W/"624d710d-70215"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c8e915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 75fc9c18-84e7ab66c7989b7a8b6f.js Show response
beta.darkreading.com/_next/static/chunks/ 59 KB
20 KB 78ms
75ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/75fc9c18-84e7ab66c7989b7a8b6f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac5442585942acb8da8f6fd1e2ef864b68a552686c83484c0044772d6a3ec77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 09:53:36 GMT
server: cloudflare
age: 8653399
etag: W/"62160420-eb8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c8f915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 c0ed2f06-8374a19ea75854b54102.js Show response
beta.darkreading.com/_next/static/chunks/ 372 KB
81 KB 89ms
87ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/c0ed2f06-8374a19ea75854b54102.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403e89bf468c203d1f4887cbc4ab12878370cbade342b65d30c36a38d60894ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618671
etag: W/"61dea31b-5cf19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb096c91915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 466-a973b8e13a6f2860f90f.js Show response
beta.darkreading.com/_next/static/chunks/ 44 KB
15 KB 70ms
56ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/466-a973b8e13a6f2860f90f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b30f33afeec62f5aef6d6e927c450c42ed04fa92264342f9a3cf361e3171d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618671
etag: W/"61dea31b-b092"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb09fda2915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 291-55c701e69d5a14f2bfa0.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 62ms
48ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/291-55c701e69d5a14f2bfa0.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ced09284a1c4ae88949d807100d854ae5afebca35c07dc3d792c937ddbdc472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 09:53:36 GMT
server: cloudflare
age: 8653399
etag: W/"62160420-1ee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb09fda3915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 36-4030719854f3a1daeb7a.js Show response
beta.darkreading.com/_next/static/chunks/ 86 KB
27 KB 66ms
59ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/36-4030719854f3a1daeb7a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c99565562824219eadf0a860cd9da35ac1d48410d3e65d467968c5af4fb4f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 09:53:36 GMT
server: cloudflare
age: 8653822
etag: W/"62160420-15985"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb09fdb2915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 163-b67d0f660a885f8ad009.js Show response
beta.darkreading.com/_next/static/chunks/ 174 KB
50 KB 57ms
57ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/163-b67d0f660a885f8ad009.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd4f754e134eb42e45e6bf5e41d05516b5ad6465deb4ca63ac77ffa58292b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618671
etag: W/"61dea31b-2b73a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb09fdb9915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 844-74c2dc28aa7c154127ca.js Show response
beta.darkreading.com/_next/static/chunks/ 19 KB
7 KB 49ms
49ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/844-74c2dc28aa7c154127ca.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e14573ba9dd1cb9df5d3676c134f794ff4ff4629365e005b3c1dd79d3457870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Apr 2022 08:38:54 GMT
server: cloudflare
age: 3666438
etag: W/"6269011e-4aa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-polished: origSize=19111
cf-bgj: minify
cf-ray: 7183fb0a0ddf915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 521-c929240aebd9411602ac.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 50ms
50ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/521-c929240aebd9411602ac.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e24d795b082a4439815f85eb8492536f32471869b482f1c4e4754c6fb5261b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Apr 2022 08:38:54 GMT
server: cloudflare
age: 3666500
etag: W/"6269011e-1ad2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a3e37915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 302-be658919964d3774c8db.js Show response
beta.darkreading.com/_next/static/chunks/ 112 KB
27 KB 52ms
51ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/302-be658919964d3774c8db.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74f5dbfff8c31d8876ddeb224b893ab65552f596b25b3577cf6d6f519c9e8ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:53:01 GMT
server: cloudflare
age: 5472394
etag: W/"624d710d-1be0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-polished: origSize=114187
cf-bgj: minify
cf-ray: 7183fb0a4e41915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 920-8276df14b36f7124344e.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 55ms
55ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/920-8276df14b36f7124344e.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f56a12e38109ef29bb878c56b13963bdc33d48e7deed8a788a24fe0171d9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618669
etag: W/"61dea31b-20a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a5e5a915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 2-8ae03f4e3e5cb6e3d66a.js Show response
beta.darkreading.com/_next/static/chunks/ 136 KB
43 KB 61ms
60ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/2-8ae03f4e3e5cb6e3d66a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a6c3d599df1f9652eaead106ccaf3af4eed8645fe10b0791499f8826c4febd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618669
etag: W/"61dea31b-22107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a5e6f915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 311-12253774a83c27883651.js Show response
beta.darkreading.com/_next/static/chunks/ 54 KB
14 KB 53ms
52ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/311-12253774a83c27883651.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa329d3b29e8f762376ea2cab848dd2f7fce3f4830763b99bf36f0780df87443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1250120
etag: W/"628de08b-d881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a5e71915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 596-25f9fe51e4bc5e4ddd4f.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 51ms
50ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/596-25f9fe51e4bc5e4ddd4f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86646baf6689e8941f4bfd0619eefc77c58b85e7f54dd83d84c8d834a410c4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2022 09:17:34 GMT
server: cloudflare
age: 4873941
etag: W/"6256952e-42ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a5e73915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 470-23c01b4437a512c2fc06.js Show response
beta.darkreading.com/_next/static/chunks/ 13 KB
3 KB 65ms
65ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/470-23c01b4437a512c2fc06.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1813980c6380c04ed03acf13c8c9589024fa19202df34f668bb058fab3e251c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:53:01 GMT
server: cloudflare
age: 5472663
etag: W/"624d710d-3308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a8edf915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 450-15120495ffb273a10a0a.js Show response
beta.darkreading.com/_next/static/chunks/ 71 KB
14 KB 55ms
55ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/450-15120495ffb273a10a0a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d2a09a3afcca5fbef5ffa5a5fdd63673e83af9c6f4939541f46366b6adc806e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1250119
etag: W/"628de08b-11d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0a9f01915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 %5BhybidPage%5D-67d494911bcf2b5bffcd.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 36 KB
11 KB 56ms
55ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-67d494911bcf2b5bffcd.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78916daf46a47129f0fed3287e980faa6403d4ce0801c6448eff5ade12f6f1d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1249845
etag: W/"628de08b-8eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0aaf2c915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/dd289cdb277ccaa4c7473f56a7306bd55ae0973a/ 3 KB
1 KB 54ms
53ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/dd289cdb277ccaa4c7473f56a7306bd55ae0973a/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84978f05058d591d3cadc3f61527f30dfcef5ada102582c1a85674a3fdb689e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:53:47 GMT
server: cloudflare
age: 1250119
etag: W/"628de08b-b66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0abf3b915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/dd289cdb277ccaa4c7473f56a7306bd55ae0973a/ 151 B
187 B 53ms
53ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/dd289cdb277ccaa4c7473f56a7306bd55ae0973a/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293c780b3a79b98415e3b7e1f91d1f08510bfc18e5ab3bbe5fc99676d3c4f024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 07:54:12 GMT
server: cloudflare
age: 1249845
etag: W/"628de0a4-97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0abf3e915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 ransomware_Igor_Stevanovic-AlamyStockPhoto.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt83d3ee1a3d4cbdeb/621923ab8b3e7510843890ae/ 23 KB
23 KB 143ms
41ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt83d3ee1a3d4cbdeb/621923ab8b3e7510843890ae/ransomware_Igor_Stevanovic-AlamyStockPhoto.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

61a009e526b05e5fe0364e2e0bffa52a5a7994bcb88a3d7c847749c506c61d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1264869
x-cache: HIT, HIT
fastly-io-info: ifsz=112342 idim=1119x747 ifmt=jpeg ofsz=23486 odim=690x461 ofmt=webp
filename1: custom
content-disposition: inline; filename=ransomware_Igor_Stevanovic-AlamyStockPhoto.webp
fastly-stats: io=1
content-length: 23486
x-request-id: 79248
x-served-by: cache-ams12734-AMS, cache-hhn4030-HHN
x-runtime: 97ms
x-timer: S1654715982.399062,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "fZvVyRluPBbjGEDUcDi+l/bckXauQdyGss4VV74Db0k"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 143ms
44ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1654715982.dop238.fr8.t,1654715982.cds236.fr8.hn,1654715982.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 123ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 603506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Bk%2BWWU6Sle6YPX98Ohiu6%2B0yiPKpbOYbZ%2BbF3qMsK0sTzjgMkZF2l5Z0gt%2FyxAYsbYczWoHkCJ9jJSbvjknul79GeOoFZqWpJQy5wff9VPFmb3NRmEENuEn2SXSH8jZUaZHs6WR9hjj4s1qsHy8okEz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7183fb0a3e809b8c-FRA
expires: Mon, 29 May 2023 19:19:42 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 150ms
71ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 718, 718
age: 8650656
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cf-ray: 7183fb0a3cd39182-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 63ms
38ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c947fb257287976cf7cd15cd2a488c1cc4093a5c5ff2a40a56ba9a7c9e07c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 3185864
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 50517
x-served-by: cache-ams12735-AMS, cache-hhn4030-HHN
x-runtime: 64ms
x-timer: S1654715982.399040,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "9lnNwdU3SaksRme/Az7CUYHUn98eOJQreS0ZWDc0+sA"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 zephr-browser.umd.js Show response
assets.zephr.com/zephr-browser/1.3.10/ 39 KB
15 KB 138ms
44ms Script
application/javascript 18.66.112.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zephr.com/zephr-browser/1.3.10/zephr-browser.umd.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98f3c146304d61e34da5e04cb32b628c58b401b7c01576d6c47f8f1ca6bea02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 02:24:57 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 11:00:47 GMT
server: AmazonS3
age: 60912
etag: W/"55053cbc5cf4062ebe713185efced2ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: i2QmJqCCMfU9fS-189IuYkI9YeHxFW2qUSDkKsXws2m_UNzM1cbsHA==

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 170ms
88ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7183fb0aedd79b9a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
64 KB 131ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c8febbe3fc158d74446fbc424c297fb7813084c8ba8b0f274e2cc15235fe1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65340
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 18:25:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44c3403ac31b08a81867bcfdb18981cd3a3e8e42356cf64dd68bead051b64b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v19/ 20 KB
20 KB 139ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v19/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951d29553c936c5e999247cfe53a9b08bf29b53cbb957e878e1e0ee7bd4dcae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 20:30:09 GMT
x-content-type-options: nosniff
age: 514173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20236
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jun 2023 20:30:09 GMT

GET
H2 200 pdf.efec47dadbf7da17b090bbdb7ada07ba.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 60ms
59ms Image
image/png 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.efec47dadbf7da17b090bbdb7ada07ba.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/52183980cd24f89652ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/52183980cd24f89652ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
cf-cache-status: HIT
age: 2678
cf-polished: origSize=11781
last-modified: Wed, 25 May 2022 07:53:47 GMT
content-length: 8484
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "628de08b-2e05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7183fb09bd23915f-FRA
expires: Wed, 08 Jun 2022 21:19:42 GMT

GET
H2 200 pubads_impl_2022060201.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 38ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126885
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 08:36:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 08 Jun 2023 19:06:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
109 B 123ms
46ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.darkreading.com

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

31778d7d5cdf674cb88174d58247acb84fc97239ee406994a646c5d3d0b8cb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H2 200 465.860e9d00e68bf80b4535.js Show response
beta.darkreading.com/_next/static/chunks/ 2 KB
1 KB 60ms
60ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/465.860e9d00e68bf80b4535.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8028c67a8d75e527561d4fb6fecbba6993ff48645f0b57d5033809e558e59d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 09:44:59 GMT
server: cloudflare
age: 11618496
etag: W/"61dea31b-95f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 7183fb0bb98e915f-FRA
expires: Thu, 08 Jun 2023 19:19:42 GMT

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
309 B 436ms
436ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
tracestate: 3288925@nr=0-1-3288925-256687733-6f868184d6f244bf----1654715982687
traceparent: 00-ef3c863aa7792b94d967a8798908ac90-6f868184d6f244bf-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjI1NjY4NzczMyIsImlkIjoiNmY4NjgxODRkNmYyNDRiZiIsInRyIjoiZWYzYzg2M2FhNzc5MmI5NGQ5NjdhODc5ODkwOGFjOTAiLCJ0aSI6MTY1NDcxNTk4MjY4N319

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7183fb0be9fd915f-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
364 B 228ms
228ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
tracestate: 3288925@nr=0-1-3288925-256687733-f7741c2447dd704d----1654715982688
traceparent: 00-8ab022078646b2a16c91fef814935550-f7741c2447dd704d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjI1NjY4NzczMyIsImlkIjoiZjc3NDFjMjQ0N2RkNzA0ZCIsInRyIjoiOGFiMDIyMDc4NjQ2YjJhMTZjOTFmZWY4MTQ5MzU1NTAiLCJ0aSI6MTY1NDcxNTk4MjY4OH19

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7183fb0bea00915f-FRA
content-length: 2

GET
H2 200 Frame_1728.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt456fd002839bae7e/620377d02be9c249dcea7cc9/ 8 KB
3 KB 38ms
37ms Image
image/svg+xml 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt456fd002839bae7e/620377d02be9c249dcea7cc9/Frame_1728.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

958136771bc42c0cbea29f08be65260d0b8b63020d9f41039261fbf26a0cc942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
age: 3179641
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Frame_1728.svg+xml
fastly-stats: io=1
content-encoding: gzip
content-length: 3197
x-request-id: 37498
x-served-by: cache-ams21044-AMS, cache-hhn4030-HHN
x-runtime: 84ms
x-timer: S1654715983.707987,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
1 KB 40ms
39ms Image
image/svg+xml 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
age: 2580272
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-encoding: gzip
content-length: 1177
x-request-id: 69303
x-served-by: cache-ams21051-AMS, cache-hhn4030-HHN
x-runtime: 73ms
x-timer: S1654715983.708106,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 NathanEddyHeadshot.PNG
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf8b5a94afa71c53a/628e3799daa31875dc0c9fc0/ 3 KB
3 KB 39ms
38ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf8b5a94afa71c53a/628e3799daa31875dc0c9fc0/NathanEddyHeadshot.PNG?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76afb6d60cc897afee2432deba698cec096252516b5706b6a9a76dd1ae3f5d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1228468
x-cache: HIT, HIT
fastly-io-info: ifsz=219304 idim=435x410 ifmt=png ofsz=2872 odim=100x94 ofmt=webp
filename1: custom
content-disposition: inline; filename=NathanEddyHeadshot.webp
fastly-stats: io=1
content-length: 2872
x-request-id: 16019
x-served-by: cache-ams12731-AMS, cache-hhn4030-HHN
x-runtime: 45ms
x-timer: S1654715983.708387,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "y3lWvaOWPCsVmKQXqaicrxRS2cHykmz3ujWy63yHv9A"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 10

GET
H2 200 msoffice_Wachiwit_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt346e8ac4c3f482a2/6296773dbd3c176ee20080c9/ 2 KB
3 KB 42ms
41ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt346e8ac4c3f482a2/6296773dbd3c176ee20080c9/msoffice_Wachiwit_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f3e465e09932db45951f460bf7a0f43246d23e90ac1c593f0de7f3e3c03f3d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 687890
x-cache: HIT, HIT
fastly-io-info: ifsz=553696 idim=1000x667 ifmt=jpeg ofsz=2442 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=msoffice_Wachiwit_shutterstock.webp
fastly-stats: io=1
content-length: 2442
x-request-id: 33460
x-served-by: cache-ams21020-AMS, cache-hhn4030-HHN
x-runtime: 116ms
x-timer: S1654715983.708707,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "fc5xp7mryQWM5cm7/y6VPcllnx1hwljNF03syOoFxEg"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 ransomware_Igor_Stevanovic-AlamyStockPhoto.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt83d3ee1a3d4cbdeb/621923ab8b3e7510843890ae/ 1 KB
2 KB 40ms
40ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt83d3ee1a3d4cbdeb/621923ab8b3e7510843890ae/ransomware_Igor_Stevanovic-AlamyStockPhoto.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdbe958848f7dda8b482e630854482247fee298132049a22ff7985512e715c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1264869
x-cache: HIT, HIT
fastly-io-info: ifsz=112342 idim=1119x747 ifmt=jpeg ofsz=1148 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=ransomware_Igor_Stevanovic-AlamyStockPhoto.webp
fastly-stats: io=1
content-length: 1148
x-request-id: 79248
x-served-by: cache-ams12722-AMS, cache-hhn4030-HHN
x-runtime: 97ms
x-timer: S1654715983.708677,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "gSRfaGD5DG+H7C7KE3IQu9D39mOQRt6MBWo/g/8rXHI"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 Keep-out-sign_Tom_Grundy_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt96416385a1400e58/628d13a0310f057723243009/ 2 KB
2 KB 41ms
40ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt96416385a1400e58/628d13a0310f057723243009/Keep-out-sign_Tom_Grundy_Alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02aa45f76c2a20a014a84ea2098fef8e80405b2906d52874d01c3891204e99fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1303214
x-cache: HIT, HIT
fastly-io-info: ifsz=270113 idim=1300x861 ifmt=jpeg ofsz=2292 odim=100x66 ofmt=webp
filename1: custom
content-disposition: inline; filename=Keep-out-sign_Tom_Grundy_Alamy.webp
fastly-stats: io=1
content-length: 2292
x-request-id: 21394
x-served-by: cache-ams12774-AMS, cache-hhn4030-HHN
x-runtime: 50ms
x-timer: S1654715983.708662,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "PsHLebAysaMx91+C7H4eWRgCetUSwM1rRXMUcUp5Cc4"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 remotework-casualdress-imtmphoto-alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4cf99756c21c9c39/627ae1056327fd1359b9460b/ 1 KB
2 KB 39ms
39ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4cf99756c21c9c39/627ae1056327fd1359b9460b/remotework-casualdress-imtmphoto-alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

516698b9f90a2859c94595d4ce50da041a541370181efdc1a902e6bf8ebc2143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2495817
x-cache: HIT, HIT
fastly-io-info: ifsz=335633 idim=3600x2400 ifmt=jpeg ofsz=1418 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=remotework-casualdress-imtmphoto-alamy.webp
fastly-stats: io=1
content-length: 1418
x-request-id: 9121
x-served-by: cache-ams12755-AMS, cache-hhn4030-HHN
x-runtime: 55ms
x-timer: S1654715983.708627,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "eab+hFFI62r0JyKRgQcpIkm7teouFst5pUDbconuWBo"
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cookie-close.svg
beta.darkreading.com/icons/ 667 B
475 B 441ms
441ms Image
image/svg+xml 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/icons/cookie-close.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a1598944cdacee0760775794bff19417c31947033f3b013af8b6ceac45875c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 07:51:41 GMT
server: cloudflare
etag: W/"29b-180fa3332c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
cf-ray: 7183fb0bfa08915f-FRA
expires: Wed, 08 Jun 2022 21:19:43 GMT

GET
H2 200 image
www.darkreading.com/_next/ 654 B
916 B 162ms
162ms Image
image/webp 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=%2F_next%2Fstatic%2Fimage%2Fpublic%2Fimages%2Firibbon-logo.61822a6f728dd50c5ab494ce9936bac3.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="iribbon-logo.webp"
cache-control: public, max-age=315360000, immutable
content-security-policy: script-src 'none'; sandbox;
cf-ray: 7183fb0bfa29915f-FRA

GET
H2 200 features Show response
informa-dark-reading.preview.zephr.com/zephr/ 3 B
845 B 216ms
119ms Fetch
application/json 18.66.139.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://informa-dark-reading.preview.zephr.com/zephr/features
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-20.fra60.r.cloudfront.net
Software: /
Resource Hash: 5984eac0c5c6d947241e29dd5671b81a1546cedf77e08d38438ac47029969afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: public, max-age=300
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-length: 3
x-amz-cf-id: K9d9MzZkOyho7MJusjWoai-fgPCaUVFJNBSsYGRhKag-nhHVpMBe7w==
x-blaize-request: fffffffff076616b

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 97 KB
38 KB 134ms
46ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5048e9d739872e83395827e47dd2b561ad3446efb90163c21587c5dcb9d72e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38678
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 18:25:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 481 B
762 B 130ms
37ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7f39efc89a78da2fc76423dc26b17d8a744b01b27b90144b9b7e897cea30fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 1322
etag: W/aaab40e12ca91eabbcb0f8f10bd5715a-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: TaqdvG_tjoEFmkA=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 139ms
44ms Script
application/x-javascript 104.92.88.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.88.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-88-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 01 Apr 2022 14:38:56 GMT
Date: Wed, 08 Jun 2022 19:19:42 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "d69c9437d645d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 0
520 B 135ms
38ms Script
application/x-javascript 13.32.99.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 03:11:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jun 2022 13:48:51 GMT
Server: AmazonS3
Age: 58090
ETag: "4a4dd3598707603b3f76a2378a4504aa"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Content-Length: 20
X-Amz-Cf-Id: uwbX7pQo8Sg8vAv1A-qAQxDy19kNoDnjO6EslHCD40Qjy26l74tWzw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 146ms
56ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bffe67c0ec41d02b174b3dd9f24fa95302ad338ff49423e542627fd8c91d5547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 9 KB
4 KB 126ms
38ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

4a0a672a64519e480689294933e435eb92385bddd2bc8b534eb364d44c2a218c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:19 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 23
etag: W/9f4efbe23d8c4a49ea8c9ee251e59294
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: vxRaDWuHpDXZNEkN5jOpLonO7oiatlRk5DskbvOfpklwoC2FkYUEQQ==
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 124ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5d63315b32cbd86697788fd9827add6125b19f288d86872786d87b9e0387a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70595
x-xss-protection: 0
expires: Wed, 08 Jun 2022 19:19:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3634
date: Wed, 08 Jun 2022 18:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Jun 2022 20:19:08 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
15 KB 127ms
45ms Script
application/x-javascript 2600:9000:223c:e200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 18:09:44 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 02:06:17 GMT
server: nginx
age: 4198
etag: W/"62981b19-9081"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: qHPmBiZ2bxLb66UYmXY2ygzbZnVDpA9U6X-2Soh3Sq3Uxjl8bxBbng==
expires: Wed, 08 Jun 2022 20:09:44 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 8 KB
4 KB 125ms
38ms Script
application/javascript 13.32.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a145882acbd04955e7c3d1b0a0d5565524cfec371087375dc669210495ee0b79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 08 Jun 2022 14:51:50 GMT
content-encoding: br
last-modified: Tue, 24 May 2022 08:49:58 GMT
server: AmazonS3
age: 16073
etag: W/"8e15701f1f41cf1a05f0cfe4dc0d20c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: q_cS1S3qJru3l1e7TkZYw7iRWtjK70OF
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/javascript
x-amz-cf-id: aGmuS6fyRtmuOfxI_EmuuOpKc88-FhhDdttIuhPw_PrZiHvmwb-QYg==

GET
H2 200 modules.e20d55506f3679282458.js Show response
script.hotjar.com/ 243 KB
63 KB 140ms
45ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e20d55506f3679282458.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201217
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64038
access-control-allow-origin: *
last-modified: Mon, 06 Jun 2022 11:25:40 GMT
etag: "1318b31283773d19556416b861d6cbe8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2x0N13mO_t3Q_M3EWwkhQDj5y59TfzPChCQmiCX9chyMD_doud8how==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 126ms
44ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 1269250
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: 7heczk0UFJS_Gw2TESOchwcaWi1MtqVKTCqDb0KF0x4LSH99w8gw8w==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 47ms
46ms Script
application/javascript 13.32.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
etag: W/"a790df23a63287b42b6e7324cb81afd9"
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
age: 39873
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date: Wed, 08 Jun 2022 08:39:49 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: GAAg4iQWnPKPayGvt5lnQS7JJHwHrSxWrwbmLcequKkzge7D0SjZ8w==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 136ms
38ms Script
application/javascript 13.32.99.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 10 May 2022 23:11:40 GMT
Content-Encoding: gzip
Age: 2491684
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: wsBdGbc-4ykhv2YRMObXHAqpFrC5H7-6t6o-wx0ZQEUYw2kN8jbDMg==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 377ms
123ms Image
image/gif 54.162.212.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign&u=0oS6tBt9DiqClDEvT&d=darkreading.com&g=53678&g0=threat-intelligence&g1=nathan%20eddy&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3522&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2F&b=1399&_m=twitter&_x=dlvr.it&t=hQe1nBCVybqCBaBQtKbRz4CXjxiI&V=133&i=Black%20Basta%20Ransomware%20Targets%20ESXi%20Servers%20in%20Active%20Campaign&tz=0&sn=1&sv=BD6oFa8tf1UCJAHfYBGpOK_DaFB9_&sr=https%3A%2F%2Ft.co%2F&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.212.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-212-248.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:43 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlv...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlv...

49 B
504 B

189ms
188ms

Image
image/gif

142.0.173.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref2=https%3A%2F%2Ft.co%2F&tzo=0&ms=942&optin=disabled&elq1pcGUID=8DB95CE530A9499A905578014B4C2F6D

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

HTTP/1.1

Server

142.0.173.15 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 19:19:43 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 19:19:42 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref2=https%3A%2F%2Ft.co%2F&tzo=0&ms=942&optin=disabled&elq1pcGUID=8DB95CE530A9499A905578014B4C2F6D
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 468
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/966d033c/www-widgetapi.vflset/ 158 KB
51 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/966d033c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cafeda5705503ca6ff92919bd414affc6df1289ab44ffbc70edc404e386337b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 18:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52344
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 00:16:06 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Jun 2023 18:12:22 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 2173 2 KB
1 KB 125ms
37ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-117.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 733537
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id: jHrNtNCUL2tcEgobQjqyEeb-Usbz9HiLj2fiEwzMHH0xkbvqrMomFg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
45ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=960887847&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2F&dp=%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign&ul=en-us&de=UTF-8&dt=Black%20Basta%20Ransomware%20Targets%20ESXi%20Servers%20in%20Active%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAAC~&jid=1114163668&gjid=946252422&cid=869113608.1654715983&tid=UA-135180592-2&_gid=425977547.1654715983&_r=1&gtm=2wg660T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nathan%20eddy&cd3=&cd4=News&cd5=Jun%2008%2C%202022&cd6=threat-intelligence&cd9=vulnerabilities-threats&cd10=0&cd16=blt8d5b3676a2accdec&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20113&z=60372012

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 85ms
44ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=2oe660&_p=960887847&_z=ccd.tdB&cid=869113608.1654715983&ul=en-us&sr=1600x1200&_s=1&sid=1654715983&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&dr=https%3A%2F%2Ft.co%2F&dt=Black%20Basta%20Ransomware%20Targets%20ESXi%20Servers%20in%20Active%20Campaign&en=page_view&_fv=1&_ss=1&ep.pageType=article&ep.authorByline=nathan%20eddy&ep.publishDate=Jun%2008%2C%202022&ep.primaryCategory=threat-intelligence&ep.pageId=blt8d5b3676a2accdec&ep.adUnit=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.sponsor=&ep.contentLabel=News&ep.secondaryTerms=vulnerabilities-threats&ep.gtmContainerId=scm%20-%20113&ep.primaryTermRealText=Threat%20Intelligence
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 252ms
172ms Preflight 2606:4700::6811:7663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 5
cf-cache-status: DYNAMIC
cf-ray: 7183fb0ecb139b39-FRA
content-length: 0
date: Wed, 08 Jun 2022 19:19:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
297 B 193ms
192ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7183fb0fdb35915f-FRA
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 128ms
40ms Preflight 18.196.91.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1654715983080

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.91.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-91-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Wed, 08 Jun 2022 19:19:43 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
477 B 125ms
41ms Fetch
application/json 18.196.91.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1654715983080

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.91.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-91-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 152ms
49ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135180592-2&cid=869113608.1654715983&jid=1114163668&gjid=946252422&_gid=425977547.1654715983&_u=aGBACEAARAAAAC~&z=1957898525

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Jun 2022 19:19:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2610568/ 147 B
322 B 186ms
61ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2610568/visit-data?sv=6
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 169ms
74ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135180592-2&cid=869113608.1654715983&jid=1114163668&_u=aGBACEAARAAAAC~&z=1941671550

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 169ms
75ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-135180592-2&cid=869113608.1654715983&jid=1114163668&_u=aGBACEAARAAAAC~&z=1941671550

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 121ms
37ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: 78NFQ7CS7N7P6HKY
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: NP12T6xW5b2hKoE+gok1hBlU7wo6l7Oqrg3Jov/jKyhOMK66IGjXJpWUcj2czQYmoKj5HhYQAW4=
x-served-by: cache-hhn4045-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1654715984.790221,VS0,VE0
date: Wed, 08 Jun 2022 19:19:43 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 641

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 128ms
45ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
12 KB 92ms
92ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=2734278250&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983772&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=0&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3521&msz=0x0&fws=132&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

caa64da70bedf50d1da1ce605022c27356b0a7c31940a28bebce13a101086696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11900
x-xss-protection: 0
google-lineitem-id: 5910849036
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138392875547
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 80ms
80ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=4210692985&sfv=1-0-38&ecs=20220608&ists=1&fsapi=false&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983778&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3521&msz=0x0&fws=132&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=-1

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7d6259047bbcf9d75d31a524e6bb609dd21c38a03709e117500602e3c430b1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
google-lineitem-id: 5979154023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138391041354
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
272 B 83ms
83ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=2640520740&sfv=1-0-38&ecs=20220608&ists=1&fsapi=false&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983781&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=0&adys=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3521&msz=0x0&fws=132&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7e8150c59b298fedeaaa0cb5e605e2cf9b929d46e1fbccffc61893369484c644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
268 B 70ms
70ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=1007812694&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983784&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=0&adys=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3521&msz=0x0&fws=132&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5e00a1bf2b451d9f4e1f5d9fbeac83315567571f4834ed86b413d86c7a0e3f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
271 B 87ms
87ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=5&adks=2857532071&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983787&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=0&adys=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3521&msz=7x0&fws=132&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8246ffe2ec399394b0c84cacc975563051ab5da79e8c1816cac5d4d5f83a4856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 978ms
53ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060201&st=env

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1347ba74ac099e1b3967fd8244a82277fdccb24db145e119acb7bbed6fc462ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 19:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10705
x-xss-protection: 0

GET container.html
4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 17BB 0
0

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 959ms
38ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?85
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 18:57:27 GMT
age: 1337
x-guploader-uploadid: ADPycdsfQeNATfSOGVaI9pjd0P20qoH4B7MxbccfH-ZY6pb1-7Sf8cdCWYiBKxrBbEyALzjva9ShQzvYvWr_b7e4Zulhtw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: FRA-1209ea83
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 89ms
89ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=6&adks=3202866112&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983802&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=654&adys=1040&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0ebc2b6cb0389c9d1488258d77b4dbaa372f9d15f58de98d84a776bf3d7ee969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12683
x-xss-protection: 0
google-lineitem-id: 6013285663
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389894517
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 94ms
94ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=742166842&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983807&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=315&adys=86&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

67202988335fb3ec476f975b6b4150539f95a8044e6eff2444d72891ba0b9aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12837
x-xss-protection: 0
google-lineitem-id: 5997255023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138392400579
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 104ms
104ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=8&adks=2836960451&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983811&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=988&adys=126&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

161ac6fb3a3335140ba6a9bac89ad1d683bd95fe26a10c29c4da94b66f84709f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12756
x-xss-protection: 0
google-lineitem-id: 5979154023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390265410
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 107ms
107ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=9&adks=1580050579&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983815&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=308&adys=936&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=646x1416&msz=646x0&fws=4&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ac4ab2689ae49d6409a6cafdbd2180663a2e4c02550c43572c1f991d1a507273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 107ms
107ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1916092640746695&correlator=868730124229632&eid=42531606&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=442429047&sfv=1-0-38&ecs=20220608&fsapi=false&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt8d5b3676a2accdec%26aid%3D437102%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1654715983821&lmt=1654715983&dlt=1654715981814&idt=923&biw=1600&bih=1200&adxs=988&adys=126&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=869113608.1654715983&ga_sid=1654715984&ga_hid=960887847&ga_fc=true&btvi=0

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e19f988fbb13271fe93f9c2a9597a24ddca82a8c7a73ef6983959c3ddcdede90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
google-lineitem-id: 5979154023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381188701
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
www.darkreading.com/cdn-cgi/ 0
189 B 89ms
88ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter
tracestate: 3288925@nr=0-1-3288925-256687733-39ac72f4604ad214----1654715983826
traceparent: 00-13fa95cf7b7ce0f490763d531d6b3f50-39ac72f4604ad214-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjI1NjY4NzczMyIsImlkIjoiMzlhYzcyZjQ2MDRhZDIxNCIsInRyIjoiMTNmYTk1Y2Y3YjdjZTBmNDkwNzYzZDUzMWQ2YjNmNTAiLCJ0aSI6MTY1NDcxNTk4MzgyNn19
content-type: application/json

Response headers

date: Wed, 08 Jun 2022 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7183fb130abf915f-FRA
vary: Origin

GET
H/1.1 200
OK NRJS-4eee28fd5f21ed85217 Show response
bam.eu01.nr-data.net/1/ 49 B
1 KB 986ms
103ms Script
text/javascript 185.221.87.248
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-4eee28fd5f21ed85217?a=256687733&sa=1&v=1212.e95d35c&t=Unnamed%20Transaction&rst=2300&ck=1&ref=https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign&be=722&fe=2149&dc=1210&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1654715981537,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:38,%22ce%22:83,%22rq%22:83,%22rp%22:274,%22rpe%22:411,%22dl%22:277,%22di%22:865,%22ds%22:1210,%22de%22:1210,%22dc%22:2139,%22l%22:2149,%22le%22:2261%7D,%22navigation%22:%7B%7D%7D&fp=752&jsonp=NREUM.setToken
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 19:19:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 4
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XBHoKsFbJVuKBfYxGqwUzreDOqij%2FSKtr58E86szULIauxx56xFYasHj%2FAShaNceBw0seqxepBSDQSwH3fqpbQ8EAQ7BjdZMQmTNyUiJywTq%2B85QfjlChlW9ZXbw6ZIihoVzig4"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 7183fb189f7f911f-FRA

GET
H2 200 3841950306008594447
tpc.googlesyndication.com/simgad/ 56 KB
56 KB 868ms
39ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3841950306008594447?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4149c14a4e03e24db64de0a2edd827c80fa4c42c998931a57ca64f0af8fbae3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 22:57:36 GMT
x-content-type-options: nosniff
age: 246128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56861
x-xss-protection: 0
last-modified: Fri, 06 May 2022 17:13:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Jun 2023 22:57:36 GMT

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607147f75e710874f0ea08302cae9008d93e9ecacd76c1db1d62f9b7874efc20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
29 B 75ms
75ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDYyhCv461e2sk1ZeOchVYdWyQMXOTY9cYwP771q-KD26zBYrmu72213dYhWMZtRoCBI6Op1SYOlZFDFIeJSVVfKk63jvAxpX4nRe7z_IQWt-LnRG-1BVB6JK811SEdJrJdgPmXM3NUYKt-v5MC8cm9kxAdAAA2jAdS1hr_O6rr_0NR030sN7h_sshYgOQz7PbzMF8QsnzvGlWPkhh1nR_VOTM9AMWbSySbaHGeSvO2Kq15z-kObKBp9dLlkkGdQGX-21VPFSvIYqGG2bz2jmBbI5mUGM7hyVbzUnYJBE1Q0McqT6zxMER5f4EyF-iC7hN5H0LnmdBlYMYdHt_KLTWxIGS1CV897T0orckda4&sai=AMfl-YRAP-9c8E-EFaSF1zRJlztTpXd38Nnv4ja8GDCaeKIcopnodIsmtGiJau66x_tPfSUeDzjasV6M1z8CX1BNvT4xZEtJeBY4RWdxwm-HnX_MxDWGd4lMrgxrk11_8-am&sig=Cg0ArKJSzOWMVWTlY4k3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign?utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 19:19:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 08 Jun 2022 19:19:43 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 19:19:44 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 188ms
113ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fblack-basta-ransomware-esxi-servers-active-campaign%3Futm_source%3Ddlvr.it%26utm_medium%3Dtwitter&pv=1654715984800_ll9qdb8no&bl=en-us&cb=2915110&return=&ht=&d=&dc=&si=1654715984800_ll9qdb8no&cid=&s=1600x1200&rp=https%3A%2F%2Ft.co%2F&v=2.5.1.2
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:19:44 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

POST
H/1.1 200
OK NRJS-4eee28fd5f21ed85217 Show response
bam.eu01.nr-data.net/events/1/ 24 B
871 B 67ms
67ms XHR
image/gif 185.221.87.248
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-4eee28fd5f21ed85217?a=256687733&sa=1&v=1212.e95d35c&t=Unnamed%20Transaction&rst=3330&ck=1&ref=https://www.darkreading.com/threat-intelligence/black-basta-ransomware-esxi-servers-active-campaign
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 08 Jun 2022 19:19:44 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.darkreading.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv3qJ8GXJerTnRDxle75rXwOR%2BykadTl5fkhOGHeVT2IgEze%2Fhj%2FXEklN8O96ePKUPyGqKJ3WKCMGkn8rLecscBCtjF9n4qEhpi0vihW1BjbgCtUmoBsFgTFmbsmoI7GyG4lxCYe"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
Connection: keep-alive
CF-Ray: 7183fb198969911f-FRA
Content-Length: 24

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E51C 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 19:04:23 GMT
expires: Thu, 08 Jun 2023 19:04:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1CDE 783 B
535 B 190ms
47ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: beta.darkreading.com
URL: https://beta.darkreading.com/js/newrelic-browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cc767b773ab2a851fe78d9f0535cb6baa5aadce7b4dfa6d377fbb3fe5327bea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JkPswk89jt7m98YksXubxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-JkPswk89jt7m98YksXubxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 19:19:45 GMT
expires: Wed, 08 Jun 2022 19:19:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js Show response
pagead2.googlesyndication.com/bg/ Frame E51C 36 KB
14 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 06:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13815
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 06:48:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1CDE 0
0 112ms
86ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060201&jk=1916092640746695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E51C 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TXxyYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:19:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060201&jk=1916092640746695&bg=!lJell9PNAAaJfvByqX47ACkAdvg8WljZj0looXnDomD-ln3cb4x0Zvy6nVnu0JAzBpqkpWs8vfu2gAIAAABUUgAAAAFoAQcKAMZfj9taPjwLhGW1XnhFJO0taFiST_7qD7J58ZZFfzN6-5ms07VBvovzoa5DV7EQ-zWWeCa3919fQtalJXNxqSSCXdxjVrFLulHHDn0_A5xt1wf7Tyqqs1hUAzw7OWyACL0BZSGCM1uYa8R9bFXrzW9DdrLl0byWp1qanTya_VAG01qhbRk4O2FfBcgSWoj3eBotGOoslVLk2CFPqWhg5enF3JqDdVRoqLxCp-_F3CoJm4yoQM7Z5wmab0jkx12a61CPl_oPzpaZApj3Mgi_KtMOuebNDJt1A1HDKxBJjIgMtj2aA9HfGn03ywXiFgPNcQJOZUhkHyj3DK7XKiy0JDl_jLdFJnjy_ewuJwVSE51wiXQa_Ly5VaS7WzlQxYMTQ_aZDk8gX6_Qqfgq61Bqx0vhtTFF9wl6ZkTZBk_8rcVnf8KxAqp-_-V93jjHtvfgA1J16OsLGzKwTuW-e6kUq6c_DmCCDU1WWvOD-UACP-q57RimpaksYEaNnKVMmvjgYOxY9E13T8HeYifeOQ9qeaRzzBZIvuQ1p4NZJmn2kXcgaudSLQHCM9LKDfsiMca0rfMwfOEUXSebjTWYYt-hi73cFtjfyuJW8SSBR7foyRUmbfEMK7qu6K6E5eIyJIuzhUVVJMazGgxAglV3hYrbjmpTFsbAptUX4cpO6EHXXr9ZtVE4jA5hfBq31Hog8mXTLlm6Cd4rVWUnZ_xWaOnalXD71A7dD-M5t5Qi6EglS1fd0OcTbBGix6iUfm7BUKjmTL0IiuW1oZAgT-1j_ERTsf4TxbGibTpJKU2k9H09kOdFoEEo9Il5c0aYHegFVyKx6gemd-_FYUhLLVwDURjh2rSrxlAZzUghu4fOOvrQoQpNleYfdd-tbWiJA0F9UPtfXkPozTbugvutG-VCfZM6osL6FXo5zsbLBYqcE4QqGXBSV4yYQueumWPOcguIo9Awgd9caMu7iehtwPcXlQpXvTZbLwLZzVAB2Jzk3DC1uuTUEb1ePaE03Gjb5zaq-LFBdVvapY0GHpiTjBH70e4_GCAhZ4GeoguI8E4jRVBbgetMGVZsLse4mXBqxekOacFkQaIgBUEd46Lk4QbN7vODau0CtKGtojm4VQ9cOV2roY9Etb96ZnWhNe-ucP2PJ1LeUEg3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com
URL: https://4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 13:08:50	Name: muc Value: 0925f53c-0efd-43e3-9775-8c6705d644cb
.darkreading.com/	1970-01-20 05:48:11	Name: _gcl_au Value: 1.1.373288092.1654715983
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 8xIoprhpSL4
.youtube.com/	1970-01-20 07:57:47	Name: VISITOR_INFO1_LIVE Value: -a-cWINcpjk
.darkreading.com/	1970-01-20 13:07:23	Name: _cb Value: 0oS6tBt9DiqClDEvT
.darkreading.com/	1970-01-20 13:07:23	Name: _chartbeat2 Value: .1654715982922.1654715982922.1.BD6oFa8tf1UCJAHfYBGpOK_DaFB9_.1
.darkreading.com/	1970-01-20 03:38:37	Name: _cb_svref Value: https%3A%2F%2Ft.co%2F
.darkreading.com/	1970-01-20 03:40:02	Name: _gid Value: GA1.2.425977547.1654715983
.darkreading.com/	1970-01-20 03:38:36	Name: _gat_UA-135180592-2 Value: 1
.darkreading.com/	1970-01-20 21:09:47	Name: _ga_1X1EHQ3PFR Value: GS1.1.1654715983.1.0.1654715983.0
.darkreading.com/	1970-01-20 21:09:47	Name: _ga Value: GA1.1.869113608.1654715983
.darkreading.com/	1970-01-20 03:38:37	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 21:09:47	Name: _sp_id.94c4 Value: 66022624-fece-42c0-ab7c-3e759e7a2c96.1654715983.1.1654715983.1654715983.1a68ae65-5ab8-4b26-be7b-f2c414f761d3
.darkreading.com/	1970-01-20 21:09:47	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 21:09:47	Name: _td Value: f699b472-7948-4b5b-8126-c716d547237d
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: dc0bcc2193df2c3137637bef3d77f135c23094ac69f75d2c7f7929fb9e8f37e8%7Cf59af146311dded622d8ec475b745433be2939fccb20fa0f90cc8fb1374b5710
.darkreading.com/	1970-01-20 12:24:11	Name: _hjSessionUser_2610568 Value: eyJpZCI6ImZkNjZkOGQyLTc3OWYtNTE0Ni1hMTNhLWU3ZjlhNGIyNmZlYiIsImNyZWF0ZWQiOjE2NTQ3MTU5ODMxMjYsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 03:38:37	Name: _hjFirstSeen Value: 1
www.darkreading.com/	1970-01-20 03:38:36	Name: _hjIncludedInSessionSample Value: 0
.darkreading.com/	1970-01-20 03:38:37	Name: _hjSession_2610568 Value: eyJpZCI6ImZjYzlhY2JiLTlhMjgtNDZiYi05YWJlLWYxYzVmMWUwMDU2ZSIsImNyZWF0ZWQiOjE2NTQ3MTU5ODMxNTEsImluU2FtcGxlIjpmYWxzZX0=
www.darkreading.com/	1970-01-20 03:38:36	Name: _hjIncludedInPageviewSample Value: 1
.darkreading.com/	1970-01-20 03:38:37	Name: _hjAbsoluteSessionInProgress Value: 0
.in.treasuredata.com/	1970-01-20 21:09:47	Name: _td_global Value: d5aa6a36-dad1-4522-aae1-78f9a4e6e100
.darkreading.com/	1970-01-20 12:24:11	Name: sp Value: e41f7e7c-2c01-4fb8-970a-356fb8e36f82
.darkreading.com/	1970-01-20 13:07:23	Name: ELOQUA Value: GUID=8DB95CE530A9499A905578014B4C2F6D
www.darkreading.com/	1970-01-20 12:24:11	Name: informa_gdpr_cookie Value: 1
.darkreading.com/	1970-01-20 13:00:11	Name: __gads Value: ID=7bb94657e795c43e-22418d45abcd006c:T=1654715983:S=ALNI_MZ3dZuJfK5YJrSeCWGF7LjnXrzetg
.doubleclick.net/	1970-01-20 13:00:11	Name: IDE Value: AHWqTUmX_9PLHY1DVbhwY2bK8XAScwWYTXIP9w7188o8aMy0FqSYt5DMGossRm3cDEA
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: b1b5a737e5ebb711

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
adservice.google.com
adservice.google.de
assets.ubembed.com
assets.zephr.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cdn.treasuredata.com
cdnjs.cloudflare.com
code.jquery.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
img.en25.com
in.hotjar.com
informa-dark-reading.preview.zephr.com
js-agent.newrelic.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
trk.darkreading.com
vars.hotjar.com
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.youtube.com
4bae76fa21a501a637e5bdc25d8b9e81.safeframe.googlesyndication.com
104.244.42.197
104.92.88.226
108.138.17.27
13.32.99.103
13.32.99.109
13.32.99.16
142.0.173.15
142.250.185.130
151.101.129.131
151.101.194.217
151.101.66.137
18.196.91.144
18.66.112.84
18.66.139.117
18.66.139.20
18.66.97.49
185.221.87.248
2001:4de0:ac18::1:a:2b
2600:9000:223c:e200:18:1fcd:351:7bc1
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:4700::6811:7663
2606:4700::6811:7863
2606:4700::6812:acf
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0d::9b
34.111.234.236
52.222.236.43
54.162.212.248
54.74.116.255
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
02aa45f76c2a20a014a84ea2098fef8e80405b2906d52874d01c3891204e99fa
0a6c3d599df1f9652eaead106ccaf3af4eed8645fe10b0791499f8826c4febd7
0ac5442585942acb8da8f6fd1e2ef864b68a552686c83484c0044772d6a3ec77
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cafeda5705503ca6ff92919bd414affc6df1289ab44ffbc70edc404e386337b
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0ebc2b6cb0389c9d1488258d77b4dbaa372f9d15f58de98d84a776bf3d7ee969
1347ba74ac099e1b3967fd8244a82277fdccb24db145e119acb7bbed6fc462ee
161ac6fb3a3335140ba6a9bac89ad1d683bd95fe26a10c29c4da94b66f84709f
1813980c6380c04ed03acf13c8c9589024fa19202df34f668bb058fab3e251c4
1ad53ba7c073cc7c7e6f2a684129bebbcf956a9a4c6a7aa9068f575f4c533386
1d2a09a3afcca5fbef5ffa5a5fdd63673e83af9c6f4939541f46366b6adc806e
1dcc17de6c7a4aa95a465d7fbb436e3f4c412dad3aa183fde03fa32f9178c3ca
248d50dc6935b368cbb715fe4f94b1df5bb1f3e3bcf6697561561f8154b65829
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
293c780b3a79b98415e3b7e1f91d1f08510bfc18e5ab3bbe5fc99676d3c4f024
2c947fb257287976cf7cd15cd2a488c1cc4093a5c5ff2a40a56ba9a7c9e07c08
31778d7d5cdf674cb88174d58247acb84fc97239ee406994a646c5d3d0b8cb64
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
403e89bf468c203d1f4887cbc4ab12878370cbade342b65d30c36a38d60894ee
4149c14a4e03e24db64de0a2edd827c80fa4c42c998931a57ca64f0af8fbae3d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47cb96b05d896668a55f58a1a352f71a53fe50b1ab85a9920e8da3cbe3e20a23
4a0a672a64519e480689294933e435eb92385bddd2bc8b534eb364d44c2a218c
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
516698b9f90a2859c94595d4ce50da041a541370181efdc1a902e6bf8ebc2143
5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
5984eac0c5c6d947241e29dd5671b81a1546cedf77e08d38438ac47029969afa
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5c8febbe3fc158d74446fbc424c297fb7813084c8ba8b0f274e2cc15235fe1ef
5cc767b773ab2a851fe78d9f0535cb6baa5aadce7b4dfa6d377fbb3fe5327bea
5e00a1bf2b451d9f4e1f5d9fbeac83315567571f4834ed86b413d86c7a0e3f42
5e14573ba9dd1cb9df5d3676c134f794ff4ff4629365e005b3c1dd79d3457870
607147f75e710874f0ea08302cae9008d93e9ecacd76c1db1d62f9b7874efc20
61a009e526b05e5fe0364e2e0bffa52a5a7994bcb88a3d7c847749c506c61d4e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67202988335fb3ec476f975b6b4150539f95a8044e6eff2444d72891ba0b9aa7
74f5dbfff8c31d8876ddeb224b893ab65552f596b25b3577cf6d6f519c9e8ac9
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
76afb6d60cc897afee2432deba698cec096252516b5706b6a9a76dd1ae3f5d1d
78916daf46a47129f0fed3287e980faa6403d4ce0801c6448eff5ade12f6f1d0
7d6259047bbcf9d75d31a524e6bb609dd21c38a03709e117500602e3c430b1d4
7e8150c59b298fedeaaa0cb5e605e2cf9b929d46e1fbccffc61893369484c644
8028c67a8d75e527561d4fb6fecbba6993ff48645f0b57d5033809e558e59d13
809bfb85f0fe84db235d48e159f6eb86b6ebf69ac613c61d66e7c2aebb868398
8246ffe2ec399394b0c84cacc975563051ab5da79e8c1816cac5d4d5f83a4856
84978f05058d591d3cadc3f61527f30dfcef5ada102582c1a85674a3fdb689e2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86646baf6689e8941f4bfd0619eefc77c58b85e7f54dd83d84c8d834a410c4a0
8b0e0e1532b550e4aa75788c0be84dea157a9e3342eb01e2d5f037cdf638521d
8b30f33afeec62f5aef6d6e927c450c42ed04fa92264342f9a3cf361e3171d16
8c99565562824219eadf0a860cd9da35ac1d48410d3e65d467968c5af4fb4f62
8ced09284a1c4ae88949d807100d854ae5afebca35c07dc3d792c937ddbdc472
8d4f9a24b30a47c538face82103ae43eaabfd5bdda77480caf5e0b0132b925f1
951d29553c936c5e999247cfe53a9b08bf29b53cbb957e878e1e0ee7bd4dcae0
958136771bc42c0cbea29f08be65260d0b8b63020d9f41039261fbf26a0cc942
a145882acbd04955e7c3d1b0a0d5565524cfec371087375dc669210495ee0b79
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa329d3b29e8f762376ea2cab848dd2f7fce3f4830763b99bf36f0780df87443
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
ac4ab2689ae49d6409a6cafdbd2180663a2e4c02550c43572c1f991d1a507273
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
bffe67c0ec41d02b174b3dd9f24fa95302ad338ff49423e542627fd8c91d5547
c5d63315b32cbd86697788fd9827add6125b19f288d86872786d87b9e0387a62
caa64da70bedf50d1da1ce605022c27356b0a7c31940a28bebce13a101086696
cdbe958848f7dda8b482e630854482247fee298132049a22ff7985512e715c86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd4f754e134eb42e45e6bf5e41d05516b5ad6465deb4ca63ac77ffa58292b1f
d44c3403ac31b08a81867bcfdb18981cd3a3e8e42356cf64dd68bead051b64b4
d98f3c146304d61e34da5e04cb32b628c58b401b7c01576d6c47f8f1ca6bea02
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19f988fbb13271fe93f9c2a9597a24ddca82a8c7a73ef6983959c3ddcdede90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e34be9443c0ab7eb569e14bc5af571e06d760368b659a0a3a417ff743f785e
e5a1598944cdacee0760775794bff19417c31947033f3b013af8b6ceac45875c
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3e24d795b082a4439815f85eb8492536f32471869b482f1c4e4754c6fb5261b
f3e465e09932db45951f460bf7a0f43246d23e90ac1c593f0de7f3e3c03f3d03
f4d4d20fb35e356621a4e294b8052381133c6c7b4d809daaa9c02e229c8f6aab
f5048e9d739872e83395827e47dd2b561ad3446efb90163c21587c5dcb9d72e0
f7f39efc89a78da2fc76423dc26b17d8a744b01b27b90144b9b7e897cea30fcd
f8f56a12e38109ef29bb878c56b13963bdc33d48e7deed8a788a24fe0171d9cb
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

98 %HTTPS

46 %IPv6

28 Domains

42 Subdomains

40 IPs

5 Countries

1647 kBTransfer

5305 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

98 %
HTTPS

46 %
IPv6

28
Domains

42
Subdomains

40
IPs

5
Countries

1647 kB
Transfer

5305 kB
Size

30
Cookies

110 HTTP transactions
3 data transactions