www.truesec.com Open in urlscan Pro
76.76.21.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Effective URL:
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Submission: On August 02 via api (August 2nd 2022, 5:03:52 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 74 HTTP transactions. The main IP is 76.76.21.9, located in United States and belongs to AMAZON-02, US. The main domain is www.truesec.com. The Cisco Umbrella rank of the primary domain is 690088.
TLS certificate: Issued by R3 on July 2nd 2022. Valid for: 3 months.

This is the only time www.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 31	76.76.21.9 76.76.21.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:20:... 2606:4700:20::681a:9b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:6798	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:886::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
74	17

31 76.76.21.9 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

blog.truesec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.truesec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:9b5 (United States)

ASN13335 (CLOUDFLARENET, US)

optimise2.assets-servd.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:6798 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	truesec.com 2 redirects blog.truesec.com www.truesec.com — Cisco Umbrella Rank: 690088	513 KB
17	assets-servd.host optimise2.assets-servd.host — Cisco Umbrella Rank: 111021	948 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 106	782 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 344	30 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4640 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5269	81 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 static.doubleclick.net — Cisco Umbrella Rank: 468	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4757	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 130	77 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 246	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 15	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	79 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7362	147 KB
74	13

	Domain	Requested by
29	www.truesec.com	www.truesec.com
17	optimise2.assets-servd.host	www.truesec.com
9	www.youtube.com	www.truesec.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	forms.hsforms.com	js.hsforms.net
2	blog.truesec.com	2 redirects
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	www.truesec.com
1	fonts.gstatic.com	www.youtube.com
1	js.hsforms.net	www.truesec.com
74	17

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.crazyegg.com
policies.google.com
www.linkedin.com
stripe.com
www.hotjar.com
www.leadfeeder.com
twitter.com
www.facebook.com
legal.hubspot.com
www.redditinc.com
live.truesec.com
securitysummit.se
geekweek.truesec.com
checkout.truesec.com
campaign.truesec.com
truesec.com
career.truesec.com
www.huntress.com
doublepulsar.com
blog.truesec.com
github.com
newsroom.truesec.com
press.truesec.se

Subject Issuer	Validity	Valid
www.truesec.com R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Frame ID: 2E2B370F8252A7D7509B8C48777D0BF1
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kKcko4LdeSM
Frame ID: FF67DFA715D6090E3DC8A25DDE0FB927
Requests: 20 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 139A5AF0A452019474B543846F647C5F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kaseya supply chain attack targeting MSPs to deliver REvil ransomware - TruesecPowered by Cookiebot

Page URL History Show full URLs

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 308
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

74
Requests

99 %
HTTPS

94 %
IPv6

13
Domains

17
Subdomains

17
IPs

2
Countries

2708 kB
Transfer

6673 kB
Size

2
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.crazyegg.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.leadfeeder.com/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.redditinc.com/policies/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://live.truesec.com/
Title: live.truesec.com

Search URL Search Domain Scan URL

URL: https://securitysummit.se/
Title: securitysummit.se

Search URL Search Domain Scan URL

URL: https://geekweek.truesec.com/
Title: geekweek.truesec.com

Search URL Search Domain Scan URL

URL: https://checkout.truesec.com/
Title: checkout.truesec.com

Search URL Search Domain Scan URL

URL: https://campaign.truesec.com/
Title: campaign.truesec.com

Search URL Search Domain Scan URL

URL: https://truesec.com/
Title: truesec.com

Search URL Search Domain Scan URL

URL: https://career.truesec.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Kaseya%20VSA,%20a%20product%20commonly%20used%20by%20MSPs%20to%20manage%20their%20clients%27%20IT%20environments,%20It%20was%20used%20as%20part%20of%20a%20supply%20chain%20attack%20delivering%20REvil%20ransomware%20to%20thousands%20of%20organizations.&url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Search URL Search Domain Scan URL

URL: https://www.huntress.com/blog/rapid-response-kaseya-vsa-mass-msp-ransomware-incident
Title: Huntress

Search URL Search Domain Scan URL

URL: https://doublepulsar.com/kaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b
Title: Kevin Beaumont

Search URL Search Domain Scan URL

URL: https://blog.truesec.com/2021/07/06/kaseya-vsa-zero-day-exploit/
Title: we published the details of the exploit in a follow-up technical post

Search URL Search Domain Scan URL

URL: https://github.com/Truesec/Kaseya-CheckandMitigate
Title: released a script

Search URL Search Domain Scan URL

URL: https://newsroom.truesec.com/
Title: English Newsroom

Search URL Search Domain Scan URL

URL: https://press.truesec.se/
Title: Swedish Newsroom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Truesec/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Truesec
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/truesec/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/ HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware HTTP 308
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Show response
www.truesec.com/hub/blog/
Redirect Chain

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

425 KB
72 KB

553ms
414ms

Document
text/html

76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

58745313b5243ad1025f30f0dafa455a1e65f0f9317a049da877e5b685b17147

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
age: 8670
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-type: text/html; charset=utf-8
date: Tue, 02 Aug 2022 17:03:46 GMT
etag: W/"063ef80a3ab3fdae7dbd17f111636ff9"
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-matched-path: /hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
x-vercel-cache: HIT
x-vercel-id: fra1::b4z5c-1659459826439-d37cb3c1e081
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-type: text/html
date: Tue, 02 Aug 2022 17:03:45 GMT
location: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer
refresh: 0;url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-vercel-cache: MISS
x-vercel-id: fra1::z8gng-1659459825615-8a837efdbee7
x-xss-protection: 1; mode=block

GET
H2 200 7d4e890b448c723c.css
www.truesec.com/_next/static/css/ 109 KB
21 KB 26ms
26ms Stylesheet
text/css 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6d2fe9b4b40aeacdc1441c782b47b8b9d6a1977207ebe854c55fc9e2bd2bebc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="7d4e890b448c723c.css"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/css/7d4e890b448c723c.css
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: text/css; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826879-3e17c929e91b
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"2dc4f5bcd6727f07edf5a678b6420204"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 128ms
68ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:46 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 10:57:52 UTC
server: cloudflare
etag: W/"8cfc2a51250daf33edd2e1dda3f1654b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaUt0VaOveb3BYay2T%2FmrFrv%2FLRRGws8Zf3fMoZOQoqwziDu09qTmsFtsl%2Fj53no3f0P5g%2FqJqOJSIu5cqA1ubiHyFS8pwrEtScxtIVmWSSJQQhWugLtsmhIXgKIf3SaQ2Mw5oFACLdO5bSO"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: elWqSweed2C2dWtDipd3d9hhUaqI4uV.
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7348638e6833cc56-ZRH
x-amz-cf-id: ZmK4bg0GTMAMBkO7fbDtekYBIx5ySOuGftAUuGoPjZ2ueB6a8znQ6w==
x-hs-target-asset: FormsNext/static-5.519/bundles/project_with_deps.js

GET
H2 200 webpack-cb7634a8b6194820.js Show response
www.truesec.com/_next/static/chunks/ 2 KB
1 KB 141ms
131ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/webpack-cb7634a8b6194820.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="webpack-cb7634a8b6194820.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/webpack-cb7634a8b6194820.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826890-bd3061ada2b1
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"1fd72a66e4bc2658bbca0754def47fc5"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 framework-fc97f3f1282ce3ed.js Show response
www.truesec.com/_next/static/chunks/ 137 KB
46 KB 141ms
131ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/framework-fc97f3f1282ce3ed.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aadb91364d1393a1e6b4bc849eaabb92c4ed68437fb5f0ea95bd9d66ceeee2da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="framework-fc97f3f1282ce3ed.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/framework-fc97f3f1282ce3ed.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826896-549cdc52dfea
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"c53f07f31313b389b89993a3f36abdec"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 main-f962425130346e35.js Show response
www.truesec.com/_next/static/chunks/ 101 KB
28 KB 156ms
146ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/main-f962425130346e35.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a694204b892369f4801f39ef15a5b87d17e8c52492a08b0dda4d1e65535a1a38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="main-f962425130346e35.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/main-f962425130346e35.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826901-828ba0fa66c0
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"8dd554256420d4c904ab8138d11ef6b4"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _app-42c2264c9bd246d3.js Show response
www.truesec.com/_next/static/chunks/pages/ 201 KB
63 KB 171ms
161ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/pages/_app-42c2264c9bd246d3.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

48fd6ba978c02f0cc839f71e4f9d856f0dd07a0f5d90aba8c0e6a1bed43671b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="_app-42c2264c9bd246d3.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/pages/_app-42c2264c9bd246d3.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826905-e442d76b38fa
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"058906b7ab006a0bee8a35bbd2826b5e"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 970-c4b58c20ada208eb.js Show response
www.truesec.com/_next/static/chunks/ 8 KB
3 KB 201ms
192ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/970-c4b58c20ada208eb.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ca4bb2563b5be6323a5c153e14888dc16d1a0df7e1fbbe84c36330af56663e63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="970-c4b58c20ada208eb.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/970-c4b58c20ada208eb.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826909-0575f3b08318
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"46901468ea03a39725e3cf334ca8d1bf"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 691-a674f5ff7f8c5717.js Show response
www.truesec.com/_next/static/chunks/ 89 KB
27 KB 202ms
193ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/691-a674f5ff7f8c5717.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2c10b2241bd7c2dd2327e79ed6e59f2cab8989f7feb45213946b57cc76ee74dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="691-a674f5ff7f8c5717.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/691-a674f5ff7f8c5717.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826913-f79411ad0f16
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"e76bfe618155e2478138c125cc2a82d5"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 730-2707391f2540bce5.js Show response
www.truesec.com/_next/static/chunks/ 12 KB
3 KB 186ms
177ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/730-2707391f2540bce5.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6a7635f073465a506a5a7c252fe6f7a63efa0d4c6d24179b8aca1931653223ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="730-2707391f2540bce5.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/730-2707391f2540bce5.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826917-eb6e8d452dec
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"eb95648de70d3c859e18665674b947d4"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 495-b2e0536ae097a916.js Show response
www.truesec.com/_next/static/chunks/ 21 KB
7 KB 187ms
178ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/495-b2e0536ae097a916.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e9516416d3e2d9a9e3eb3965e0c11fd6cef5a890760c5d508e018e53b9c9dc66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="495-b2e0536ae097a916.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/495-b2e0536ae097a916.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826921-3fa0b29f0694
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"ecb81145f60659ebb8b16a909cfcbd46"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 883-aa34bb07688ae7ac.js Show response
www.truesec.com/_next/static/chunks/ 37 KB
12 KB 187ms
178ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/883-aa34bb07688ae7ac.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

668abece3c2145837d1216937d4a95505afb62c397b751fc81b0240adf949297

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="883-aa34bb07688ae7ac.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/883-aa34bb07688ae7ac.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826925-1eb29dc8a90c
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"e41e2f7f3feff0de51fd30c5d7008a7c"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 634-46b95f13ec23b54c.js Show response
www.truesec.com/_next/static/chunks/ 19 KB
5 KB 242ms
234ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/634-46b95f13ec23b54c.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9d99e69c4cb11e5f6b41962ae00d7add057c6544d5bba335a11144cc846c5f2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="634-46b95f13ec23b54c.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/634-46b95f13ec23b54c.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826929-7a97b94e1050
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"7414b81fe0e91bffb64437162fcfddeb"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 752-f1db3c2aa7bf8815.js Show response
www.truesec.com/_next/static/chunks/ 22 KB
6 KB 241ms
233ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/752-f1db3c2aa7bf8815.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0f03b13ab9f360c0d12ea321ac9ccb10ae238ddf68b3516df9be28577077597a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="752-f1db3c2aa7bf8815.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/752-f1db3c2aa7bf8815.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826933-9ab0cfaeb3fb
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"b308b52830f20dbfb86f31006291c86f"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 479-5d8c6899657458d4.js Show response
www.truesec.com/_next/static/chunks/ 12 KB
4 KB 245ms
237ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/479-5d8c6899657458d4.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

afe0460b4e901509b33d39fc135851b008d07778ff3e9535eb7d05fddb99e569

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="479-5d8c6899657458d4.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/479-5d8c6899657458d4.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826937-c0e8cb7e5c97
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"f83af9aa2332d91258debb0e8b48a72c"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 984-a4a277ee85fc0262.js Show response
www.truesec.com/_next/static/chunks/ 43 KB
11 KB 188ms
180ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/984-a4a277ee85fc0262.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e834831c8a4d8dc236d8d355253fb7b415ac28b5d1d399d5589a3ef3ad476a91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="984-a4a277ee85fc0262.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/984-a4a277ee85fc0262.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826941-17c6c8e5c05d
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"76c2a9caf8a38d6c472d7160f8dfcf5a"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 971-cb2f7330f4781a50.js Show response
www.truesec.com/_next/static/chunks/ 16 KB
5 KB 197ms
190ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/971-cb2f7330f4781a50.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4bf52ad6346cf4b39232efd4dc2259e168f197cbeadd7ed3391ae79295ac16ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="971-cb2f7330f4781a50.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/971-cb2f7330f4781a50.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826945-dd18d88078c2
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"238f1d99328c0b004aca00077a1704d6"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 992-598b9cc4860cbaeb.js Show response
www.truesec.com/_next/static/chunks/ 11 KB
4 KB 198ms
191ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/992-598b9cc4860cbaeb.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b02b64a9d46ea92f6e4e2c6c7a82a38c2c987aaf84c394fedb4d2e0b26f8a6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="992-598b9cc4860cbaeb.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/992-598b9cc4860cbaeb.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826949-bbba497e7f7f
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"6b8fd3dacc1c42b03407585bbfaa4b15"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 %5Bslug%5D-494bb3b74404c374.js Show response
www.truesec.com/_next/static/chunks/pages/hub/blog/ 4 KB
2 KB 243ms
237ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/pages/hub/blog/%5Bslug%5D-494bb3b74404c374.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

340cbec5172ab2a722e9832be565c0a8c36f55d4563e642102674bfe3f5a86ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="[slug]-494bb3b74404c374.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/pages/hub/blog/%5Bslug%5D-494bb3b74404c374.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826953-19ed46b349da
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"0cae7a75914150db9211280cf9c31575"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _buildManifest.js Show response
www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/ 3 KB
1 KB 240ms
234ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/_buildManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

efb74b355f2b19b507d429873a5205a23323780996cb9faa2cbbf92b00e70a21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="_buildManifest.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/VVeP5d5JrWUzc3h6tOZ9E/_buildManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826957-8807e2d2610a
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"19acf2942593b743303eff5683f80775"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _ssgManifest.js Show response
www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/ 564 B
753 B 241ms
235ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/_ssgManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d13811d6fec5440a3a2b39e6f2bc708a134a7194d5eefe2a68fa0a17701eef4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="_ssgManifest.js"
content-length: 564
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/VVeP5d5JrWUzc3h6tOZ9E/_ssgManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826961-d8c0bb622553
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "4ef9e6b1fde0b036ec815ab03156b7a3"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges: bytes

GET
H2 200 _middlewareManifest.js Show response
www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/ 92 B
681 B 241ms
236ms Script
application/javascript 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/VVeP5d5JrWUzc3h6tOZ9E/_middlewareManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="_middlewareManifest.js"
content-length: 92
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/VVeP5d5JrWUzc3h6tOZ9E/_middlewareManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::b4z5c-1659459826965-bd30ca2e8fc2
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "7c3f7e060745668041278118c0bb3d6d"
content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges: bytes

GET
H2 200 iStock-1282287699.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 171 KB
171 KB 1088ms
1014ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-1282287699.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1639487607&s=446c3d9cf0a316baa4866b9e05be19b7
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0cegaaq%2F2AuZAGHWEYRyPZa3%2F3aJGB%2FFH2PMtODBY3HpaBIYptHD1CG9WJbOipPg3roMuMLS5aT1MHWAAEfGjp1D%2FtOLlQd1NfLLOoqLXSYXsOAEM2gSiyAR1fc5kDZi1pTqBwFMnfkVgCYmlij9ocISZYRrMk1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 21f64effaac9323dfdc24b65ec668cad
cf-ray: 7348638e8f5559bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 atom-6-1.png
www.truesec.com/assets/patterns/ 515 B
728 B 241ms
236ms Image
image/png 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/patterns/atom-6-1.png

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10377
content-disposition: inline; filename="atom-6-1.png"
x-vercel-cache: HIT
content-length: 515
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/patterns/atom-6-1.png
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: image/png
x-vercel-id: fra1:fra1::b4z5c-1659459826969-42d4fdcf5dba
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "6c972d066621be03b01c6e6ccf542b21"
accept-ranges: bytes

GET
H2 200 fabio-viggiani-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 5 KB
6 KB 127ms
54ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/fabio-viggiani-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1638201165&s=fe902bc63a70da01b19a1fdd76e2e438
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVCgdGUyx9%2BkgIv201ozqXnie3A8oOk5vZL%2FoNmQjKdJWk1JaYxX3wY6j5mB836PPBu%2BdHoA5vr0XZPhYBL%2Fx%2F%2FQ42r4uIVwWysGTzOpkHu0ErWBcenDD8o%2BZOsq9kh9FXAmjGqGCZ3OWknbn6QgderCwLUEFR%2B1AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 5b13e1e245d45555eacc00ae63ebb9e2
cf-ray: 7348638e8f5959bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 62 KB
63 KB 488ms
414ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png?w=2014&auto=compress%2Cformat&fit=crop&dm=1633612810&s=24cdf07bab4e784794a5cd016d38a580
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrL9GS6ESL%2F21EXUo4aW8gHZHioE3VAXYkSz3j2dVIPrfWJFutqfkA7JqUXr714eVgXhtO8%2F12Y2kERUzS2b067Uw%2FWPkMZ%2Fr6RBYsHx3JZ%2FyibyWjJh3nTPSbxwgd0M1ncwQQvZe8mp0tTz7Ki3PVLFct6eunCbxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 6690ce38f46bca3066eb17c3a917f1d0
cf-ray: 7348638e8f5b59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 67 KB
67 KB 1480ms
1407ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png?w=2048&auto=compress%2Cformat&fit=crop&dm=1633612968&s=1085e821adf340562c1cfc500f8da762
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:48 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pz83cb7q5Q%2Bid5eGv1LHbcGKg%2BV9QKPEkJiCKzY58VHGza6LOoMx4ZHoaWX0K%2Bria5If4aGwraOujuksjp6xSALNJsoJ%2BP%2FVZAF41%2BLGkLkEfSBbs3soVYTJPYQ3MBZj7NJBQINAx1xmTTj5%2B71v%2BtusuaypWc6gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: d7f4bb228b7cff1ff849d4e43a2e841c
cf-ray: 7348638e8f6059bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 58 KB
58 KB 450ms
377ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png?w=1006&auto=compress%2Cformat&fit=crop&dm=1633613057&s=c222f842416cda7285457d1695257fb0
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp3%2BV%2BBV8OyWncnNiaVdQVLOB%2FeeIy89IV2pSoGsQvU97Qz9YwwMtJ31o1BBoGYfix1ixWrP%2BSJcac0xoqUJqZHxlA0FTmKCvlSVkYem%2FKv589nmVUfxfp1gBk17rYUsiMzKuBDP3kyqovNLgLwECZHsRbJq9%2FafOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 0ff5f1f0a390887f99554a3aeaf6dceb
cf-ray: 7348638e8f5e59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 Mattias-Wahlen-Truesec-blog.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2022/ 62 KB
62 KB 425ms
352ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2022/Mattias-Wahlen-Truesec-blog.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1646664655&s=6f2a9b3afee6176c0f4d5bd4abcef13f
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48113d6d968a06309e6f0de034ee0a48838b086541626863fb6a1d587eb26758

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzKz%2BFAzRYHFzryO%2B3GUlc7FweDAJnibtjpEhLIChTTBMsAx7wCbO%2FcBD8lWpO7sPHnSIHnTaGAcR%2BvFlTw8192tvgku6LMvACsRBltMP9Qlygbglv66SkuQuSBuRGxy0%2B1%2FuczTck93oiBuuZ9WwQkuU%2BJBmK2CvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 56fd84c9cc985390abb9084daaa079d1
cf-ray: 7348638e8f6659bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 mattias-wahlen-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 7 KB
8 KB 322ms
321ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/mattias-wahlen-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1638201500&s=7d711e3c6533dc068e7a034103ac4893
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRGCjL5od9C7JfJ3vroIATrPWBN39kBTuYBrDr3DiBdNj2qtG3EAIYrz9j7EMVBDgghrcVwJiLqp9sL7NjWq3e9XM7hjWj2%2BUjXbzglBLk%2BfkDtnaVooo3%2FsJE%2B9EHZHh%2FwSMFDr6b8XFSV8Epa8%2FiE2Wge6fba6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: cfe50a71905eb7bff2e2b46dc9a2177a
cf-ray: 7348638ed81d59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 alex-wong-l5Tzv1alcps-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Abstract/ 158 KB
159 KB 383ms
382ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Abstract/alex-wong-l5Tzv1alcps-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331430&s=542f834fa94c1cbbc7befe5371ede444
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e896a3f9b16c1ed62fc2874360e9299ce7cfaa2d4cc75877ccd5a46ddd178f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZgJ9hXM7yG6L1kuzxTCb86ttK8bZtIs0%2FYpONWkKVkp2tT1jxYXv2zaUl%2FCMvxmntilwgJB6SrPa8qOkXdiNyU%2FpzUBUH4SxhQjoNowJ2Faw%2BPCprFdEuZ%2Be1Eqou420uVD8ZahQKZ8nKJrr95VPtWOLQsT87f4UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: e7bdea64eed0b979a882a24e228ca4b3
cf-ray: 7348638ed82159bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 silhouette-of-man-during-waiting-at-airport-WWUZ7G7-2-TEST.jpg
optimise2.assets-servd.host/jealous-emu/production/Hero/ 18 KB
19 KB 347ms
346ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Hero/silhouette-of-man-during-waiting-at-airport-WWUZ7G7-2-TEST.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331362&s=8142cbbf24800f083d09465265ce6f61
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a9b13eb00b9a9e361db7118f4121edce5df098b1f1e8c9d7e68c732c26cfa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ27WxhhFomlmi0B3Iw9PiIsRcKF64%2FBqjV%2BVqoZ7GaZLZyswYZNruwcHqAMQX3NbB%2BOJ9HvMesEx7jJYDSH3bj9HtQAA63FjiGmRPoIOLMglIROHIC3GRgfp5a6brgCnkkZha%2BrvYt1y3XFhTEMYGmCUS6xgKGY%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: cb02bc928f2ddab767ea7793dad2a37e
cf-ray: 7348638ed82559bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 iStock-524154022.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 10 KB
10 KB 371ms
370ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-524154022.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1645126486&s=7df15f2b841768e1470878384f214b07
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff712ff2b433f78559d51464625a77b60171b9204216640e0073332a18c2a17c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6rPnK1jNXv1Iiyyi0ooz7lIyelBbEXEPZo%2BG4eUO0O6stKxA%2Bvz6Bt%2Fj1rZa8lG8XbyXVbZE4ex%2FzseDawT7U%2FwFEjkcGIV3VYjykCgNCPO9gomMYSUb7UznUkZVaSym0HTc7kPb8RNoDewDF6tEOM%2BSnTRMTDKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 975ca2ad20b8daec7120560424b06d0a
cf-ray: 7348638ed82859bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 Christoffer-Stromblad-Expert-Truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 11 KB
12 KB 451ms
450ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/Christoffer-Stromblad-Expert-Truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1642085855&s=eaf6eafeac162cb64596501db683a96d
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: febc37aac923fba810d8d26c1afa7fc1845701770ebc722d1391e33220830147

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J3jZChHQxK6JK4RtYfOYLYDrbz%2BQB8hUTskl5pGQiF8jjEbqOx61sH9MPxckbSaVy4VIutz%2FakWKlSISxY4Ff871TxJ2TYDjVr%2F8vlq4U3QXqf10fvZhc2F38XKaHt9JdDivliEO6GJeq64XUQUid58OjEdwKY%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 85a8d9a4d8247678319619639b6bc627
cf-ray: 7348638ed82a59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 sajad-nori-B5knZPjp8SY-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 42 KB
42 KB 158ms
157ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/sajad-nori-B5knZPjp8SY-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633379677&s=a8d6f548269a064995ee2c2152028dea
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woxuZmuHmonLkDxu5h%2Bx2b8AZSGuNLxoVEo4UCDKB77yFX6O8VxLVJrgetX%2F9aHwEzLBzsBsygtdZKbEzQc%2Fiovzqj8vdMeyuZWdtmoCZXF4p88yt3%2B%2F7OqweD7m%2B0gwoRkV56kvIyvlk245Z0cwNfgY3ldJUklLnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 52b4d5ad0fc96204d3b03a6256af3cb6
cf-ray: 7348638ed82d59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 j3-tTwJ7xRQ-TEMP.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 94 KB
95 KB 619ms
618ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/j3-tTwJ7xRQ-TEMP.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331388&s=d12ed553f5c72d682ee2b1abb5dffc86
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRF8cnsTZu%2BQZ7TY5IrkXIpSpeYA50pJnNYIQxgl95gTWTUbyaeys9wlYqBlsF9cLAJTsyxGS8AgFNtfkeb5Bldf1BtdMD2AY5B1WWhIcfi5izR2szo%2BjlkW43YjGEQykdO6vXUM1c7GGKV4VcxKIL1WMtYKnUsMJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 23b5ee3db52d22846df0ff952fa349c6
cf-ray: 7348638ed82f59bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 dawid-zawila-fiu89zdeTQI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ 43 KB
44 KB 347ms
346ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/dawid-zawila-fiu89zdeTQI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=a573c33a7c95d5da15ae4fcb9eb4bb5c
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OM%2BBBorxsUV0LJkaMuOp7Xv2LF%2FM%2Fl%2Bn22vLow00coqzct1dA%2FmcxHVhfuK%2BWKsHz61lW19o2B9YRTMQGzQbqzbsa61HzTSdKLaSp1ItNGF3S7CHxvo7k8vOXWc1%2F05%2Fo4k0B2txyW29t3AsEZPV76RD%2FQxdvvQmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 91fe99075562ec71fd51a3aafb08d0c1
cf-ray: 7348638ed83059bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kKcko4LdeSM Show response
www.youtube.com/embed/ Frame FF67 62 KB
27 KB 125ms
80ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kKcko4LdeSM

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b722f311080f56362bf2b42fff60b469130763af0f7d202e808457f56e73534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 02 Aug 2022 17:03:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanReg/ 41 KB
41 KB 165ms
165ms Font
font/woff2 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanReg/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10376
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 41772
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanReg/font.woff2
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::b4z5c-1659459826976-721bc9e405f7
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "261528f699bd1e08b782c32c4b2323b4"
accept-ranges: bytes

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanLig/ 41 KB
41 KB 186ms
186ms Font
font/woff2 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanLig/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10376
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 41712
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanLig/font.woff2
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::b4z5c-1659459826980-0c1d78cd01e4
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "bfbe7dcd6caab25ca2c56fe4edfff22e"
accept-ranges: bytes

GET
H2 200 aerial-photographing-with-drone-picture-id1026580092.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/ 27 KB
27 KB 560ms
559ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Report/aerial-photographing-with-drone-picture-id1026580092.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1644237367&s=626bfdc25169022e454c7f34d982ff85
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truesec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2tovspY6kaKRidt92DFSjMOSEaVDE3JSMD1gXAG2A4OGt13f4%2Fbc0VX0t9YpqrkNm98RcM83hEny8ujNuwIlgK7WSCLC7iVzK44hJI3sTxIDDxFNYpqsYneVaTvi5dDs6E11ArALg1ZhtDoLYhHo4kQyPo6%2F%2FXJWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 00b3a9236efdd5ef219f531f4f05a51f
cf-ray: 7348638ed83159bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 Threats-to-the-Swedish-Financial-Sector-in-2021.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/ 89 KB
89 KB 323ms
322ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Report/Threats-to-the-Swedish-Financial-Sector-in-2021.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1649251517&s=bb18763115ad77774dbf74655b60155d
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86837e12d82b85a625555ac14b3f0be0123eb7c42171364bf42840f9696f964e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truesec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDXVVTi%2B%2BlgTjJWnYW7byvS16EcBmY8F%2BUkHbKBocA5iq2IUrNJPDol5teLaLjAceSlwHediSC%2BRYwIuSbEzof%2BQQ79xJ0ziNQzoY5u2bdfKbVKJBl1WSh95cPBZsqcQh0j%2FxgDvXBB8Fl97Xxoo2UIHhTXPzOpi9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: b2c7a4905c13f68e0dbdf9a7e803e82c
cf-ray: 7348638ed83259bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 jason-peter-Zkte7MW1j-I-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 16 KB
17 KB 440ms
439ms Image
image/webp 2606:4700:20::681a:9b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/jason-peter-Zkte7MW1j-I-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331352&s=8eee768e0555293df650e1d0deb396f9
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b9d6ea07168a3f04fa08c07013134fa89e5ba2dc89cfda2b33d92e8a52d21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truesec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Tue, 02 Aug 2022 17:03:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvDGJUt9YRht%2FdR3A%2FRzKFDtNlBCTffagePJNzcbcQutzE0g1ijWgS%2B5qQ84oToe4sem1yrJAIQ1qQovIznhFoEGoQXv5M9M6zrwyzfwSmZ70unjEHvh5FozRi5Z1rYA2xlpm2y2kEdf7LqmUDL6q66XDOkv2c4Zfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: fd547a971e9e0ebc2b3285121e9a964b
cf-ray: 7348638ed83459bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 slider-next-active.svg
www.truesec.com/assets/slider/ 245 B
427 B 227ms
227ms Image
image/svg+xml 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/slider/slider-next-active.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10375
content-disposition: inline; filename="slider-next-active.svg"
x-vercel-cache: HIT
content-length: 245
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/slider/slider-next-active.svg
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::b4z5c-1659459826984-bdd250b05fa2
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "11d7245358f256721cd5ffa1386435f7"
accept-ranges: bytes

GET
H2 200 slider-prev-active.svg
www.truesec.com/assets/slider/ 266 B
454 B 202ms
202ms Image
image/svg+xml 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/slider/slider-prev-active.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10375
content-disposition: inline; filename="slider-prev-active.svg"
x-vercel-cache: HIT
content-length: 266
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/slider/slider-prev-active.svg
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::b4z5c-1659459826988-a672237acd9a
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "9010c1a76008e78ca7efb5740a9bf86a"
accept-ranges: bytes

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanExtReg/ 29 KB
29 KB 221ms
221ms Font
font/woff2 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanExtReg/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10376
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 30036
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanExtReg/font.woff2
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::b4z5c-1659459826992-ea0824ea2173
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "7f19a0a57a9ac444d78386fb0bcc375e"
accept-ranges: bytes

GET
H2 200 SourceCodePro-Regular.woff2
www.truesec.com/fonts/SourceCode/ 75 KB
75 KB 198ms
198ms Font
font/woff2 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/SourceCode/SourceCodePro-Regular.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10376
content-disposition: inline; filename="SourceCodePro-Regular.woff2"
x-vercel-cache: HIT
content-length: 76848
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/SourceCode/SourceCodePro-Regular.woff2
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::b4z5c-1659459826996-fee6a42b2575
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "7b64ae005dcd81a935c942003bc42592"
accept-ranges: bytes

GET
H2 200 www-player.css
www.youtube.com/s/player/7a7465f5/ Frame FF67 340 KB
47 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47818
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:49:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF67 15 KB
16 KB 78ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 604626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Jul 2023 17:06:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/ Frame FF67 307 KB
95 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96877
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:49:22 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame FF67 2 MB
566 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578743
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:49:22 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/ Frame FF67 9 KB
3 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:49:22 GMT

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b/ Frame 0
0 210ms
150ms Preflight
text/plain 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.truesec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.truesec.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 73486390baeacc56-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 02 Aug 2022 17:03:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 33dddcde-40d0-4eda-8d3f-a7d9c998aa70
x-robots-tag: none
x-trace: 2B00FC9C67BE8F32F75CD6AB96579E51AB8F572261000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b/ 5 KB
2 KB 202ms
168ms XHR
application/json 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff6dbcd68e21f97f786d2db615aa18aa717ee4bc5488c30092cf12ed8dbcacbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 032be5ab-f7d0-4614-ae69-e0ae674e71c7
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2BA478A932B17AF291637802CD574F492F9001C4EE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.truesec.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 73486391dda423f7-ZRH
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
79 KB 79ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07eaaf3817c22c28bc2b9a573666d009d467856720ad0a2496b186c959590f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80447
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 16:24:07 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Aug 2022 17:03:47 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FF67
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

56ms
24ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba9865182127d05bac3c641f23ae82d8259f143a25e15e166d74e2aaf0ef64bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 Aug 2022 17:03:47 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FF67 29 B
588 B 58ms
16ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:49:42 GMT
x-content-type-options: nosniff
age: 845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Aug 2022 17:04:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 67ms
24ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 02 Aug 2022 17:03:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF67 64 KB
30 KB 66ms
33ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45f102e77abec861367be0ad51c58ed49b655c31567a540eceefc400ab48a056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30272
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame FF67 119 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37730
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:51:12 GMT

GET
H2 200 IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js Show response
www.google.com/js/th/ Frame FF67 36 KB
14 KB 60ms
17ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 20:59:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame FF67 27 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8114
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:49:22 GMT

GET
DATA 200
OK truncated
/ Frame FF67 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame FF67 1 KB
1 KB 70ms
28ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 18 Jul 2022 11:01:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/kKcko4LdeSM/ Frame FF67 77 KB
77 KB 100ms
59ms Image
image/jpeg 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kKcko4LdeSM/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78758
x-xss-protection: 0
server: sffe
etag: "1625489413"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Aug 2022 19:03:47 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FF67 4 KB
3 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 17:03:47 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 100 KB
23 KB 102ms
25ms Script
application/javascript 2a02:26f0:1700:11::b856:6798
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6798 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6804249c39aae7d80cd20c9d78213ce15c35d47b5c21821641c6182c16eed1b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 09:11:56 GMT
etag: "056736d869ad81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=687
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 23135
expires: Tue, 02 Aug 2022 17:15:14 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame FF67 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?h8xeZw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/103/ Frame FF67 52 KB
15 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/103/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15123
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:04:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 03 Aug 2022 09:36:27 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 139A 627 B
692 B 91ms
22ms Document
text/html 2a02:26f0:3500:886::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31535935
content-encoding: gzip
content-length: 392
content-type: text/html
date: Tue, 02 Aug 2022 17:03:47 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Wed, 02 Aug 2023 17:02:42 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/ 252 KB
57 KB 75ms
75ms Script
application/x-javascript 2a02:26f0:1700:11::b856:6798
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/cc.js?renew=false&referer=www.truesec.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6798 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b8b037ae2c2577ee207ab3d3d79ec6313540353510691fedacf22371160e6557

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 17:03:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 58010
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 26ms
26ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 02 Aug 2022 17:03:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF67 98 B
142 B 29ms
29ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64fdf32f2fe2962dcaca4f21541547247cb72c6221ade5246111554a56244f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 02 Aug 2022 17:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

GET
H2 200 submit-arrow.svg
www.truesec.com/assets/form/ 243 B
407 B 25ms
25ms Image
image/svg+xml 76.76.21.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/form/submit-arrow.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/7d4e890b448c723c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 10374
content-disposition: inline; filename="submit-arrow.svg"
x-vercel-cache: HIT
content-length: 243
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/form/submit-arrow.svg
date: Tue, 02 Aug 2022 17:03:47 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::b4z5c-1659459827688-3c1ccf31af50
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: "e74b4a1bf651157f05cd7e175cbd64e6"
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FF67 28 B
54 B 32ms
31ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kKcko4LdeSM
X-YouTube-Client-Version: 1.20220731.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtoUTFJcDVYc2s0WSjysaWXBg%3D%3D
X-YouTube-Ad-Signals: dt=1659459827095&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C675%2C446&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 02 Aug 2022 17:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 02 Aug 2022 17:03:49 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: chPoRGTXE14
			.youtube.com/	1970-01-20 09:16:51	Name: VISITOR_INFO1_LIVE Value: hQ1Ip5Xsk4Y

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.truesec.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.hsforms.net
optimise2.assets-servd.host
static.doubleclick.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.truesec.com
www.youtube.com
yt3.ggpht.com
2606:4700:20::681a:9b5
2606:4700::6810:5605
2606:4700::6811:b949
2a00:1450:4001:801::2016
2a00:1450:4001:802::2006
2a00:1450:4001:802::200a
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a02:26f0:1700:11::b856:6798
2a02:26f0:3500:886::f09
76.76.21.9
07eaaf3817c22c28bc2b9a573666d009d467856720ad0a2496b186c959590f1b
080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
0f03b13ab9f360c0d12ea321ac9ccb10ae238ddf68b3516df9be28577077597a
1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1
20b9d6ea07168a3f04fa08c07013134fa89e5ba2dc89cfda2b33d92e8a52d21f
22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439
2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
2c10b2241bd7c2dd2327e79ed6e59f2cab8989f7feb45213946b57cc76ee74dc
340cbec5172ab2a722e9832be565c0a8c36f55d4563e642102674bfe3f5a86ab
3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6
3b722f311080f56362bf2b42fff60b469130763af0f7d202e808457f56e73534
3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a9b13eb00b9a9e361db7118f4121edce5df098b1f1e8c9d7e68c732c26cfa0
45f102e77abec861367be0ad51c58ed49b655c31567a540eceefc400ab48a056
46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3
48113d6d968a06309e6f0de034ee0a48838b086541626863fb6a1d587eb26758
48fd6ba978c02f0cc839f71e4f9d856f0dd07a0f5d90aba8c0e6a1bed43671b0
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bf52ad6346cf4b39232efd4dc2259e168f197cbeadd7ed3391ae79295ac16ba
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
58745313b5243ad1025f30f0dafa455a1e65f0f9317a049da877e5b685b17147
59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae
5b02b64a9d46ea92f6e4e2c6c7a82a38c2c987aaf84c394fedb4d2e0b26f8a6c
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9
64fdf32f2fe2962dcaca4f21541547247cb72c6221ade5246111554a56244f4f
668abece3c2145837d1216937d4a95505afb62c397b751fc81b0240adf949297
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6804249c39aae7d80cd20c9d78213ce15c35d47b5c21821641c6182c16eed1b5
6a7635f073465a506a5a7c252fe6f7a63efa0d4c6d24179b8aca1931653223ab
6d2fe9b4b40aeacdc1441c782b47b8b9d6a1977207ebe854c55fc9e2bd2bebc9
6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
86837e12d82b85a625555ac14b3f0be0123eb7c42171364bf42840f9696f964e
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892
9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf
9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4
9d99e69c4cb11e5f6b41962ae00d7add057c6544d5bba335a11144cc846c5f2b
a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef
a694204b892369f4801f39ef15a5b87d17e8c52492a08b0dda4d1e65535a1a38
aadb91364d1393a1e6b4bc849eaabb92c4ed68437fb5f0ea95bd9d66ceeee2da
afe0460b4e901509b33d39fc135851b008d07778ff3e9535eb7d05fddb99e569
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
b8b037ae2c2577ee207ab3d3d79ec6313540353510691fedacf22371160e6557
ba9865182127d05bac3c641f23ae82d8259f143a25e15e166d74e2aaf0ef64bf
c5e896a3f9b16c1ed62fc2874360e9299ce7cfaa2d4cc75877ccd5a46ddd178f
c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c
ca4bb2563b5be6323a5c153e14888dc16d1a0df7e1fbbe84c36330af56663e63
d13811d6fec5440a3a2b39e6f2bc708a134a7194d5eefe2a68fa0a17701eef4c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e834831c8a4d8dc236d8d355253fb7b415ac28b5d1d399d5589a3ef3ad476a91
e9516416d3e2d9a9e3eb3965e0c11fd6cef5a890760c5d508e018e53b9c9dc66
eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19
ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efb74b355f2b19b507d429873a5205a23323780996cb9faa2cbbf92b00e70a21
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5
f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1
fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a
febc37aac923fba810d8d26c1afa7fc1845701770ebc722d1391e33220830147
ff6dbcd68e21f97f786d2db615aa18aa717ee4bc5488c30092cf12ed8dbcacbf
ff712ff2b433f78559d51464625a77b60171b9204216640e0073332a18c2a17c

www.truesec.com Open in urlscan Pro 76.76.21.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

94 %IPv6

13 Domains

17 Subdomains

17 IPs

2 Countries

2708 kBTransfer

6673 kBSize

2 Cookies

30 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.truesec.com Open in urlscan Pro
76.76.21.9 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

94 %
IPv6

13
Domains

17
Subdomains

17
IPs

2
Countries

2708 kB
Transfer

6673 kB
Size

2
Cookies

74 HTTP transactions
2 data transactions