www.trendmicro.com Open in urlscan Pro
2.19.216.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Submission: On March 21 via manual (March 21st 2024, 8:52:42 am UTC) from IT — Scanned from IT

Summary HTTP 358 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 41 domains to perform 358 HTTP transactions. The main IP is 2.19.216.164, located in Prague, Czech Republic and belongs to AKAMAI-AS, US. The main domain is www.trendmicro.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 20th 2023. Valid for: a year.

This is the only time www.trendmicro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2.19.216.164 2.19.216.164	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.19.178.52 104.19.178.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
2	104.22.28.96 104.22.28.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	18.67.240.89 18.67.240.89	16509 (AMAZON-02) (AMAZON-02)
11	193.108.153.10 193.108.153.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	35.201.125.192 35.201.125.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.194.12 34.111.194.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2.19.216.168 2.19.216.168	16625 (AKAMAI-AS) (AKAMAI-AS)
7	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
3	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2.17.147.185 2.17.147.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5	52.29.113.114 52.29.113.114	16509 (AMAZON-02) (AMAZON-02)
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.104.239.35 172.104.239.35	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2.21.20.144 2.21.20.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 13	169.150.247.38 169.150.247.38	60068 (CDN77 _) (CDN77 _)
33	13.224.115.61 13.224.115.61	16509 (AMAZON-02) (AMAZON-02)
3	104.22.71.197 104.22.71.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	52.84.66.103 52.84.66.103	16509 (AMAZON-02) (AMAZON-02)
2	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
3	23.35.236.237 23.35.236.237	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.104.139.173 172.104.139.173	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	172.104.128.166 172.104.128.166	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	20.186.185.227 20.186.185.227	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.20.143.177 52.20.143.177	14618 (AMAZON-AES) (AMAZON-AES)
5	54.244.4.179 54.244.4.179	16509 (AMAZON-02) (AMAZON-02)
2	54.192.95.63 54.192.95.63	16509 (AMAZON-02) (AMAZON-02)
8	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.66.208 151.101.66.208	54113 (FASTLY) (FASTLY)
358	46

39 2.19.216.164 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-164.deploy.static.akamaitechnologies.com

www.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.28.96 (None, )

ASN13335 (CLOUDFLARENET, US)

customer.cludo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 18.67.240.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-240-89.mad56.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 193.108.153.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-10.deploy.static.akamaitechnologies.com

trendmicro.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.125.201.35.bc.googleusercontent.com

cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.194.12 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.194.111.34.bc.googleusercontent.com

ixfd2-api.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.216.168 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-168.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179915.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.17.147.185 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-185.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.113.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

resources.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.104.239.35 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1815-35.members.linode.com

script.opentracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-144.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 169.150.247.38 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-38.bunnyinfra.net

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 13.224.115.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-115-61.mad50.r.cloudfront.net

widget.equally.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.71.197 (None, )

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 52.84.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-66-103.mad51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-237.deploy.static.akamaitechnologies.com

assets.adoberesources.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.139.173 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-139-173.ip.linodeusercontent.com

log.opentracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.128.166 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1644-166.members.linode.com

log.leadboxer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

945-cxd-062.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.186.185.227 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hummingbirdwebsocket-va7.cloud.adobe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.143.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-143-177.compute-1.amazonaws.com

api.equally.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.244.4.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-4-179.us-west-2.compute.amazonaws.com

sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.95.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-95-63.mad51.r.cloudfront.net

bootstrap.driftapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.208 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	driftt.com js.driftt.com — Cisco Umbrella Rank: 15218	786 KB
50	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1332	193 KB
40	trendmicro.com www.trendmicro.com resources.trendmicro.com	2 MB
37	equally.ai widget.equally.ai — Cisco Umbrella Rank: 143850 api.equally.ai — Cisco Umbrella Rank: 170762	436 KB
21	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	22 KB
18	sumome.com 1 redirects load.sumome.com — Cisco Umbrella Rank: 31885 sumome.com — Cisco Umbrella Rank: 28044	438 KB
15	6sc.co j.6sc.co — Cisco Umbrella Rank: 12527 c.6sc.co — Cisco Umbrella Rank: 17614 ipv6.6sc.co — Cisco Umbrella Rank: 12937 b.6sc.co — Cisco Umbrella Rank: 6975	40 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	1 MB
11	scene7.com trendmicro.scene7.com	264 KB
8	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 18210 event.api.drift.com — Cisco Umbrella Rank: 19688 targeting.api.drift.com — Cisco Umbrella Rank: 19742	2 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 477	166 KB
7	gstatic.com fonts.gstatic.com	335 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 734 www.linkedin.com — Cisco Umbrella Rank: 882	3 KB
5	tealiumiq.com datacloud.tealiumiq.com — Cisco Umbrella Rank: 9762	3 KB
5	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 353 6240125.fls.doubleclick.net Failed stats.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
4	opentracker.net script.opentracker.net — Cisco Umbrella Rank: 375286 log.opentracker.net — Cisco Umbrella Rank: 346890	21 KB
3	adoberesources.net assets.adoberesources.net — Cisco Umbrella Rank: 189792	90 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 258	976 B
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 5328	29 KB
3	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8080	9 KB
3	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 2051 c.go-mpulse.net — Cisco Umbrella Rank: 841	82 KB
2	driftapi.com bootstrap.driftapi.com — Cisco Umbrella Rank: 18701	17 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 19281	1 KB
2	t.co t.co — Cisco Umbrella Rank: 766	579 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	71 KB
2	bc0a.com cdn.bc0a.com — Cisco Umbrella Rank: 24825 ixfd2-api.bc0a.com — Cisco Umbrella Rank: 37297	15 KB
2	cludo.com customer.cludo.com — Cisco Umbrella Rank: 25935	77 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	5 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 45134	11 KB
1	akstat.io 02179915.akstat.io — Cisco Umbrella Rank: 85960	228 B
1	adobe.io hummingbirdwebsocket-va7.cloud.adobe.io — Cisco Umbrella Rank: 170598	155 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	274 B
1	mktoresp.com 945-cxd-062.mktoresp.com	318 B
1	leadboxer.com log.leadboxer.com — Cisco Umbrella Rank: 232886	216 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 813	703 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1756	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1208	15 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2096	631 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 853	308 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	2 KB
0	twitter.com Failed analytics.twitter.com Failed
358	41

	Domain	Requested by
70	js.driftt.com	tags.tiqcdn.com www.trendmicro.com js.driftt.com
50	tags.tiqcdn.com	www.trendmicro.com
39	www.trendmicro.com	www.trendmicro.com
33	widget.equally.ai	tags.tiqcdn.com www.trendmicro.com widget.equally.ai
21	www.google-analytics.com	tags.tiqcdn.com www.trendmicro.com www.googletagmanager.com
15	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com www.google-analytics.com www.trendmicro.com
13	load.sumome.com	1 redirects www.trendmicro.com
11	trendmicro.scene7.com	www.trendmicro.com
9	b.6sc.co	www.trendmicro.com
8	cdn.cookielaw.org	www.trendmicro.com cdn.cookielaw.org
7	fonts.gstatic.com	fonts.googleapis.com
5	sumome.com	www.trendmicro.com
5	datacloud.tealiumiq.com	www.trendmicro.com tags.tiqcdn.com
4	targeting.api.drift.com	js.driftt.com
4	api.equally.ai	www.trendmicro.com
4	px.ads.linkedin.com	2 redirects www.trendmicro.com
3	assets.adoberesources.net	tags.tiqcdn.com assets.adoberesources.net
3	static.addtoany.com	tags.tiqcdn.com static.addtoany.com www.trendmicro.com
3	script.opentracker.net	tags.tiqcdn.com www.trendmicro.com
3	munchkin.marketo.net	tags.tiqcdn.com www.trendmicro.com munchkin.marketo.net
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.driftapi.com	js.driftt.com
2	epsilon.6sense.com	www.trendmicro.com
2	ipv6.6sc.co	www.trendmicro.com
2	c.6sc.co	www.trendmicro.com
2	t.co	www.trendmicro.com
2	www.google.com	1 redirects www.trendmicro.com
2	stats.g.doubleclick.net	www.trendmicro.com www.googletagmanager.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	cm.g.doubleclick.net	2 redirects
2	j.6sc.co	tags.tiqcdn.com www.trendmicro.com
2	s.go-mpulse.net	www.trendmicro.com
2	customer.cludo.com	www.trendmicro.com
2	fonts.googleapis.com	www.trendmicro.com client
1	driftt.imgix.net
1	02179915.akstat.io	s.go-mpulse.net
1	hummingbirdwebsocket-va7.cloud.adobe.io	assets.adoberesources.net
1	www.facebook.com	www.trendmicro.com
1	945-cxd-062.mktoresp.com	munchkin.marketo.net
1	www.linkedin.com	1 redirects
1	log.leadboxer.com	www.trendmicro.com
1	log.opentracker.net	www.trendmicro.com
1	analytics.google.com	www.googletagmanager.com
1	secure.adnxs.com	www.trendmicro.com
1	googleads.g.doubleclick.net	www.trendmicro.com
1	snap.licdn.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	sp.analytics.yahoo.com	www.trendmicro.com
1	c.go-mpulse.net	www.trendmicro.com
1	resources.trendmicro.com	tags.tiqcdn.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ixfd2-api.bc0a.com	cdn.bc0a.com
1	cdn.bc0a.com	tags.tiqcdn.com
1	www.youtube.com	www.trendmicro.com
0	analytics.twitter.com Failed	www.trendmicro.com
0	6240125.fls.doubleclick.net Failed	www.trendmicro.com tags.tiqcdn.com
358	57

This site contains links to these domains. Also see Links.

Domain
vicone.com
www.zerodayinitiative.com
community-trendmicro.force.com
trendmicro.my.site.com
newsroom.trendmicro.com
resources.trendmicro.com
success.trendmicro.com
trendmicro.com
cloudone.trendmicro.com
tm.login.trendmicro.com
signup.cj.com
www.addtoany.com
blog.jetbrains.com
nvd.nist.gov
www.cisa.gov
www.rapid7.com
www.theregister.com
www.volexity.com
github.com
www.linkedin.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.trendmicro.cz

Subject Issuer	Validity	Valid
www.trendmicro.com Entrust Certification Authority - L1M	`2023-05-20` - `2024-06-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.cludo.com AlphaSSL CA - SHA256 - G4	`2023-06-01` - `2024-07-02`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.scene7.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cdn.bc0a.com GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
ixfd-api.bc0a.com GTS CA 1D4	`2024-02-23` - `2024-05-23`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
resources.trendmicro.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.opentracker.net Sectigo RSA Domain Validation Secure Server CA	`2024-03-11` - `2025-04-11`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-29` - `2024-03-28`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
equally.ai Amazon RSA 2048 M01	`2023-05-06` - `2024-06-03`	a year	crt.sh
static.addtoany.com E1	`2024-02-24` - `2024-05-24`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.leadboxer.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-01` - `2024-08-16`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
load.sumome.com R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.cloud.adobe.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-17` - `2024-06-14`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.sumome.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh
driftapi.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-21`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Frame ID: 195C4D839E0AF9238C1571820E484BF3
Requests: 241 HTTP requests in this frame

Frame: https://6240125.fls.doubleclick.net/activityi;src=6240125;type=windo0;cat=trend003;ord=9610545078773.832
Frame ID: 808467EBE99E2ADB6971910D8442C294
Requests: 3 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 50B104971171F11CFE9F76FFA3D4DE6B
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Frame ID: 564862181E66874D6E6D962BF1B8FFAF
Requests: 39 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
Frame ID: B4AB33496E5AD1E3E88561B6FA426037
Requests: 36 HTTP requests in this frame

Frame: https://widget.equally.ai/equallyai-widget.css
Frame ID: 2FC488FA7DE53964AB9139F45996571A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types | Trend Micro (FR)

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

358
Requests

97 %
HTTPS

0 %
IPv6

41
Domains

57
Subdomains

46
IPs

5
Countries

6581 kB
Transfer

17266 kB
Size

57
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://vicone.com/en
Title: Automobile

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/about/
Title: Programme Zero Day Initiative (ZDI)

Search URL Search Domain Scan URL

URL: https://community-trendmicro.force.com/Gpartner/s/
Title: Connexion partenaire

Search URL Search Domain Scan URL

URL: https://trendmicro.my.site.com/Gpartner/s/partner-locator?language=en_US
Title: Trouver un partenaire

Search URL Search Domain Scan URL

URL: https://newsroom.trendmicro.com/
Title: Actualités

Search URL Search Domain Scan URL

URL: https://resources.trendmicro.com/Under-Attack-Form-fr.html
Title: Vous subissez une attaque ?

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/?language=en_US
Title: Portail de support professionnel

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/community/s
Title: Communauté professionnelle

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/dcx/s/threat?language=en_US
Title: Aide pour les virus et menaces

Search URL Search Domain Scan URL

URL: https://success.trendmicro.com/contact-support-europe
Title: Contacter le support

Search URL Search Domain Scan URL

URL: http://trendmicro.com/public-cloud-risk-assessment
Title: Évaluation de l’intégrité du cloud

Search URL Search Domain Scan URL

URL: https://community-trendmicro.force.com/Gpartner/s/login/?language=en_US&ec=302&startURL=%2FGpartner%2Fs%2F
Title: Portail partenaires

Search URL Search Domain Scan URL

URL: https://cloudone.trendmicro.com/
Title: Cloud One

Search URL Search Domain Scan URL

URL: https://tm.login.trendmicro.com/simplesaml/saml2/idp/SSOService.php
Title: Activation et gestion de produit

Search URL Search Domain Scan URL

URL: https://signup.cj.com/member/signup/publisher/?cid=1867119#/branded?_k=xaeu3t
Title: Associé parrainé

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&title=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)

Search URL Search Domain Scan URL

URL: https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/
Title: disclosed

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-27198
Title: CVE-2024-27198

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-27199
Title: CVE-2024-27199

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/alerts/2024/03/07/cisa-adds-one-known-exploited-jetbrains-vulnerability-cve-2024-27198-catalog
Title: Known Exploited Vulnerabilities

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
Title: Rapid7

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2024/03/07/teamcity_exploits_lead_to_ransomware/
Title: Jasmin ransomware

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2024/01/18/ivanti-connect-secure-vpn-exploitation-new-observations/
Title: exploitation activities

Search URL Search Domain Scan URL

URL: https://github.com/XZB-1248/Spark
Title: https://github.com/XZB-1248/Spark

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trend-micro-europe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TrendMicroEurope

Search URL Search Domain Scan URL

URL: https://twitter.com/trendmicrofr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/trendmicro/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TrendMicroEurope

Search URL Search Domain Scan URL

URL: http://www.trendmicro.cz/
Title: Česká Republika

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=tealium_dmp&google_cm&tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tealium_dmp&google_cm=&tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_gid=CAESEBsk8_KuhCUdISOg2BY7BQo&google_cver=1

Request Chain 104

https://load.sumome.com/ HTTP 301
https://load.sumome.com/sumome.js

Request Chain 127

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dma=0&npa=0&gtm=45He43k0n81TXG7CKVv9103800028za200&auid=1426161336.1711011154 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dma=0&npa=0&gtm=45He43k0n81TXG7CKVv9103800028za200&auid=1426161336.1711011154

Request Chain 196

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2908409%26time%3D1711011154690%26li_adsId%3D3808e5db-bed4-4718-89fc-4bd5a4a6ca3d%26url%3Dhttps%253A%252F%252Fwww.trendmicro.com%252Ffr_fr%252Fresearch%252F24%252Fc%252Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&cookiesTest=true&liSync=true

358 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Show response
www.trendmicro.com/fr_fr/research/24/c/ 151 KB
27 KB 901ms
725ms Document
text/html 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fb6cb25374114366c08bdbb2ff0d5c2b4a2b7a56ea6422b06397e25d26879ad5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: wss: mediastream: android-webview-video-poster: ms-appx-web: gsa: endlesspic: ms-browser-extension chrome-extension asset * ; frame-ancestors 'self' https://*.trendmicro.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-length: 26876
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: wss: mediastream: android-webview-video-poster: ms-appx-web: gsa: endlesspic: ms-browser-extension chrome-extension asset * ; frame-ancestors 'self' https://*.trendmicro.com
content-type: text/html;charset=utf-8
date: Thu, 21 Mar 2024 08:52:32 GMT
server: nginx
server-timing: cdn-cache; desc=MISS edge; dur=38 origin; dur=622 ak_p; desc="1711011151482_34706340_37396373_66051_12939_35_89_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 24648 0 pmb=mRUM,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-prod-a-01: Yes
x-prod-n-02: Yes
x-xss-protection: 1;mode=block

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/ 157 KB
20 KB 461ms
74ms Script
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/OtAutoBlock.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d65e7caa301734c3ce94cff66d9450615b86422c96b78314604483b01361bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 43411
content-md5: oTTSHJgjL0rQVAXF/4Fe5Q==
content-length: 20208
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 20:41:44 GMT
server: cloudflare
etag: 0x8DC420BAA0C26C3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: abb342e0-501e-0040-66f4-733ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4d85ab04be7-MXP
expires: Fri, 22 Mar 2024 08:52:32 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 449ms
63ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /RTAD1TAPuPWblD15GN1pg==
age: 51672
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6842
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 16:03:51 GMT
server: cloudflare
etag: 0x8DC48F7561F532F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 19d928c2-a01e-008f-4ce0-7ab0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4d85aad4be7-MXP

GET
H2 200 jquery.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 111 KB
34 KB 98ms
94ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1b973667ceb759e49f2982721f36e4d20a2f8b5dce8c47ccf3039d6ab748143e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 19:49:32 GMT
server: Akamai Resource Optimizer
x-prod-n-02: Yes
date: Thu, 21 Mar 2024 08:52:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152334_34706340_37397998_1151_12220_34_0_219";dur=1
content-length: 34051
x-xss-protection: 1;mode=block

GET
H2 200 utils.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 10 KB
4 KB 119ms
116ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 19:55:09 GMT
server: Akamai Resource Optimizer
date: Thu, 21 Mar 2024 08:52:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152323_34706340_37397999_52_9901_34_0_219";dur=1
x-prod-n-01: Yes
content-length: 3224
x-xss-protection: 1;mode=block

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 560ms
55ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 08:52:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 08:52:32 GMT

GET
H2 200 cludo-search.min.css
customer.cludo.com/css/296/1798/ 16 KB
3 KB 582ms
78ms Stylesheet
text/css 104.22.28.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.cludo.com/css/296/1798/cludo-search.min.css
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.28.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 10:55:26 GMT
server: cloudflare
age: 52396
etag: W/"0238c4e6e55d81:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 867cb4d93e23bb17-MXP
alt-svc: h3=":443"; ma=86400
x-lb: 2

GET
H2 200 clientlib-trendresearch.min.css
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/ 334 KB
34 KB 74ms
72ms Stylesheet
text/css 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b35729fbd7b15d7dc7ee79950ed13a0446ca2f0324d8b8f78dc22429e58de7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Tue, 19 Mar 2024 17:17:30 GMT
server: Akamai Resource Optimizer
x-prod-n-02: Yes
date: Thu, 21 Mar 2024 08:52:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1711011152323_34706340_37397996_211_9750_34_0_255";dur=1
content-length: 34277
x-xss-protection: 1;mode=block

GET
H2 200 header-footer.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 60 KB
6 KB 94ms
93ms Stylesheet
text/css 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.css

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

14c7ed6b9b540b42d3ec969bbe0cb8d4ea30965c15f5669b4fffddd405c0b3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 19:49:13 GMT
server: Akamai Resource Optimizer
date: Thu, 21 Mar 2024 08:52:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152327_34706340_37397997_466_13302_34_0_255";dur=1
x-prod-n-01: Yes
content-length: 5477
x-xss-protection: 1;mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 668 B
1 KB 557ms
54ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57293ad5df2d14ab26b26a0340de794783f3aab77314462d5267b7da9cc3a983

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: SliPUWHA4hio2AZKZY18hRJJuv1wUkZr
date: Thu, 21 Mar 2024 08:51:05 GMT
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P4
age: 89
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 668
last-modified: Tue, 19 Mar 2024 13:02:16 GMT
server: AmazonS3
etag: "4cffdb95dfe6dfded09b9c77ffcf668f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Hmoqyqv0CJv8OhwXCa_EoUkHfD9Tt48SLwRZ7da0Y-229Vkj5fBJbA==

GET
H2 200 tm-logo-red-white-t.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/ 5 KB
3 KB 119ms
118ms Image
image/svg+xml 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/tm-logo-red-white-t.svg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: gzip
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152325_34706340_37398000_217_12016_34_0_182";dur=1
x-prod-n-01: Yes
content-length: 2173
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 14:25:57 GMT
server: nginx
etag: W/"154e-614185e7e51af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=628
accept-ranges: bytes
expires: Thu, 21 Mar 2024 09:03:00 GMT

GET
H2 200 trend-vision-one-laptop-console-nav.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/ 529 KB
381 KB 120ms
119ms Image
image/svg+xml 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/trend-vision-one-laptop-console-nav.svg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: gzip
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152323_34706340_37398001_67_9995_34_0_182";dur=1
x-prod-n-01: Yes
content-length: 389784
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 16:27:04 GMT
server: nginx
etag: "8428e-6141a0fa05c46"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=628
accept-ranges: bytes
expires: Thu, 21 Mar 2024 09:03:00 GMT

GET
H2 200 sps-mobile-security-enterprise-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 20 KB
20 KB 464ms
43ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/sps-mobile-security-enterprise-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

68c21f3bfefc064bc07808b48bba6165dfc210d152ba4a6a35a567ed49151877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:32 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011152.67a588bb
x-adobe-assetlist: QlpoOTFBWSZTWXsmWcsAAAMTgAACgAoeZ94gIABUUwmmgNMQinpphTajYQvKwELeE/OVgBtGKtmHupZyE1aayT3xGL5wi+DNlz8XckU4UJB7JlnL
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 19998
-x-adobe-assetlist: [trendmicro/sps-mobile-security-enterprise-console-shot]
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "183303c0127c38a2849f7046d6cccef2"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 10:32:29 GMT

GET
H2 200 xdr-product-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 18 KB
18 KB 414ms
66ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

74f5da663574c88f8694494adf45161949674fcfff783f3306b0644dc2a84adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:32 GMT
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
akamai-grn: 0.0ace3617.1711011152.67a588bc
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "b3ffdce154f5ac33f90bafd0b8f52ddf"
x-adobe-assetlist: QlpoOTFBWSZTWSzIeOkAAAITgAACgAoOZ95AIAAxTJiZBkYUGTQMGpD6ZCPsuEfgkoW50OJVGIEuNhB8XckU4UJAsyHjpA==
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 18350
expires: Thu, 21 Mar 2024 16:37:56 GMT

GET
H2 200 cloud-one-workload-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 20 KB
21 KB 41ms
40ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-workload-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

da316d75d41c92dac17387c6c4e18d457cbbecb0587ed53081bb21afcb4e0e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:32 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011152.67a5894d
x-adobe-assetlist: QlpoOTFBWSZTWVD58OwAAAMTgAACgAoub56gIABIaptRnqJ6hmnpQoGmhkZMSSLjJ2xPlk8aolRMHW9P0K4v6ZmsZxYj7mYYAH4u5IpwoSCh8+HY
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 20734
-x-adobe-assetlist: [trendmicro/cloud-one-workload-security-console-shot]
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "fd80448de919134c924f18226b59ecd2"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 16:49:28 GMT

GET
H2 200 cloud-one-container-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 22 KB
23 KB 42ms
38ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-container-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

cd1eef6ba8780ec4e408014498fe98f8691792cc00168d4b115f1500d502a3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011153.67a58bf5
x-adobe-assetlist: QlpoOTFBWSZTWc9xaQ0AAAKTgAACgAouZ54AIAAxTTIxMTEGqekZkm0empyIbj0HcSqB1ZIzRPumGYlwpg/X3llbou5IpwoSGe4tIaA=
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 22816
-x-adobe-assetlist: [trendmicro/cloud-one-container-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:25 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "0bd7f96f29e779fac6dc954866b8de36"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 13:55:01 GMT

GET
H2 200 cloud-one-file-storage-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 10 KB
11 KB 54ms
50ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-file-storage-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

3f95c868390ea2426ee26d756867a51141df402ab30ccc73404c16450fc10f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011153.67a58bf6
x-adobe-assetlist: QlpoOTFBWSZTWaHvYKkAAAMTgAACgAov554AIAAiJpPU9qjRtGahTCaaA0xAgVNPUgQa0soHgmo+qZZMeYfZyOm7hWBvwXckU4UJCh72CpA=
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 10478
-x-adobe-assetlist: [trendmicro/cloud-one-file-storage-console-shot]
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "81b7f638d5ac80cfde194124da99cc5e"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 14:01:39 GMT

GET
H2 200 user-protection-endpoint-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 25 KB
25 KB 102ms
98ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/user-protection-endpoint-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

290932922734f12d9845a1deb845664413c2ea63d5bb49447c94fe82533f2b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
akamai-grn: 0.0ace3617.1711011153.67a58bf7
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "9de0ea20e5fe60912bf8469e34a18b27"
x-adobe-assetlist: QlpoOTFBWSZTWQ+geoMAAAMTgAACgAoOZ94gIABQpkxMgyMIp4p+qemU9TaZTJq4p1b4ExbFuyFyAEo3I47vS8sa9eMaAp7KSGSmP+LuSKcKEgH0D1Bg
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 25532
expires: Thu, 21 Mar 2024 14:41:25 GMT

GET
H2 200 zero-trust-access-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 24 KB
24 KB 54ms
50ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/zero-trust-access-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

1c580985c46f2d69e9d251c3275a031da27d8219e702677f7285ddad9134c562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
akamai-grn: 0.0ace3617.1711011153.67a58c01
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "54553bd846274282dee4b07c8fd3198b"
x-adobe-assetlist: QlpoOTFBWSZTWRRgqYoAAAKTgAACgAouZ54QIAAxTJiZBkYRGmI0aaYkQvgyR6UW88UjS0OOQNJdMCXWOiWk3XxdyRThQkBRgqYo
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 24410
expires: Thu, 21 Mar 2024 11:31:12 GMT

GET
H2 200 all-products-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 64 KB
64 KB 65ms
61ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/all-products-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

293ceaa480bda1594e9f61f6a52858999cd0aad1ef4f5d3eafe7cc559727e41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011153.67a58c02
x-adobe-assetlist: QlpoOTFBWSZTWQAjRP8AAAITgAACgAouZ94AIAAxTJiZBkYUND1NNMmI6GwgBZcHKQWGdiFA8L4puS7nSfF3JFOFCQACNE/w
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 65306
-x-adobe-assetlist: [trendmicro/all-products-console-shot]
last-modified: Mon, 27 Mar 2023 00:57:09 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "891ae1c6af5064a7f40d8b2f96a4ea68"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 09:40:07 GMT

GET
H2 200 asrm-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 14 KB
15 KB 86ms
82ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/asrm-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

84f657435e631a1442815def2faa66eb24833b1047908ebd71275bfbef9690ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
-x-adobe-smart-imaging: 0
akamai-grn: 0.0ace3617.1711011153.67a58c03
x-adobe-assetlist: QlpoOTFBWSZTWXWqKgQAAAGTgAACgAouZ5wAIAAih6jTRg1ChppgAZYQojzNFvCnA3RgB2Kn4u5IpwoSDrVFQIA=
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 14534
-x-adobe-assetlist: [trendmicro/asrm-console-shot]
last-modified: Wed, 04 Jan 2023 02:43:26 GMT
server: Unknown
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "1ac209128f661abb8a982d1bdb20d08e"
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Mar 2024 10:29:24 GMT

GET
H2 200 email-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 24 KB
25 KB 99ms
95ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/email-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

3a3abfe7b0630828bff7d1f3a6e29c316f1a432e1909877d8c713abf14e43c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
last-modified: Wed, 04 Jan 2023 02:50:40 GMT
server: Unknown
akamai-grn: 0.0ace3617.1711011153.67a58c04
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "adeabd4b80e2b5f6ab0d131473fa84c3"
x-adobe-assetlist: QlpoOTFBWSZTWRAIvj0AAAITgAACgAouZ54gIAAxTJiZBkYUNDIaegk92DgGNMkdi6AkXb2vg3gSTUZJXJ/F3JFOFCQEAi+PQA==
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 24906
expires: Thu, 21 Mar 2024 13:10:52 GMT

GET
H2 200 search-script.js Show response
customer.cludo.com/scripts/bundles/ 419 KB
74 KB 55ms
54ms Script
application/javascript 104.22.28.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://customer.cludo.com/scripts/bundles/search-script.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.28.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dba583880106c1d132324a73e774c64efc449671a5dbc701130713a31dca708

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Mar 2024 16:54:28 GMT
server: cloudflare
age: 156
etag: W/"0faf41db070da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
cf-ray: 867cb4d9cf5bbb17-MXP
alt-svc: h3=":443"; ma=86400
x-lb: 4

GET
H2 200 share-more.svg
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/ 648 B
773 B 183ms
180ms Image
image/svg+xml 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/share-more.svg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

179eb991060face02477e0406b1a413ac50ec26fe9f397e07e4ee95f7e6a5298

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=65, origin; dur=0, ak_p; desc="1711011153239_34706340_37399821_8178_12972_30_0_219";dur=1
content-length: 362
x-xss-protection: 1;mode=block
last-modified: Thu, 23 Apr 2020 17:32:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
expires: Thu, 21 Mar 2024 09:07:33 GMT

GET
H2 200 printer.svg
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/ 8 KB
8 KB 244ms
240ms Image
text/html 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/img/printer.svg
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-164.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 18:35:29 GMT
server: AkamaiNetStorage
etag: "4dc263680765839bcf154c31da4ae22b:1592332529.612416"
vary: Accept-Encoding
content-type: text/html
cache-control: no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=148, origin; dur=0, ak_p; desc="1711011153233_34706340_37399822_15834_12852_32_0_219";dur=1
accept-ranges: bytes
content-length: 3235
expires: Thu, 21 Mar 2024 08:52:33 GMT

GET
H2 200 fig1.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 18 KB
19 KB 211ms
208ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig1.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

01f7a1c10421a3d2b9299e0cb674457eddfdfb976fdc326cd047c35386ac1efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=98, origin; dur=0, ak_p; desc="1711011153242_34706340_37399823_11767_12512_30_0_146";dur=1
content-length: 18612
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:48 GMT
server: nginx
etag: "48b4-614171c170c9a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=331
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:58:04 GMT

GET
H2 200 fig2.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 16 KB
17 KB 136ms
133ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig2.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7c40f6479cd773da323b1a305a7428ddb729d6dd4be2f3cff692c9e0ab8a3696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=34, origin; dur=0, ak_p; desc="1711011153226_34706340_37399824_3757_9919_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 16502
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "4076-614171adc2805"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=136
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:54:49 GMT

GET
H2 200 fig3.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 116 KB
117 KB 266ms
263ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig3.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3edf1b20cd75d920dcaaa7e8e0afa8c202082439c4ae73c727520bf262226dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=78, origin; dur=0, ak_p; desc="1711011153324_34706340_37399825_17915_17986_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 118944
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "1d0a0-614171add7be5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=271
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:57:04 GMT

GET
H2 200 fig4.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 20 KB
20 KB 168ms
166ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig4.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

98fce16653a4c67641a5c23f23ec479cdd529512ded6082de51fccaa8a3a6151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=56, origin; dur=0, ak_p; desc="1711011153225_34706340_37399826_5933_10265_30_0_146";dur=1
content-length: 20234
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:12 GMT
server: nginx
etag: "4f0a-6141719f32251"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=366
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:58:39 GMT

GET
H2 200 fig5.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 89 KB
90 KB 169ms
166ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig5.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0a305f7a3044062f80e65bf0b312932776f71e4c603653fed82694a52d501f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=49, origin; dur=0, ak_p; desc="1711011153226_34706340_37399827_5347_12154_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 91430
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "16526-614171adb4570"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=340
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:58:13 GMT

GET
H2 200 fig6.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 180 KB
180 KB 190ms
187ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig6.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

10a3c276043d1d096cad8f445089b095712d22d0718d9e9e546e77ef8424d635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=88, origin; dur=0, ak_p; desc="1711011153230_34706340_37399828_9601_12719_30_0_146";dur=1
content-length: 183812
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:59:00 GMT
server: nginx
etag: "2ce04-61417278b586d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=348
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:58:21 GMT

GET
H2 200 fig7.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 46 KB
46 KB 137ms
134ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig7.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b1812ee96bab043e7581a6ace51e4451be5665542ee7d7b168a872d47fae58d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=38, origin; dur=0, ak_p; desc="1711011153226_34706340_37399829_4232_9795_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 46728
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "b688-614171adc8d97"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:57:48 GMT

GET
H2 200 fig8.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 66 KB
66 KB 178ms
176ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig8.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

957e9a4df26f0b04aefe60516d59611a52bee32540d8d822f49de466fd13cdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=69, origin; dur=0, ak_p; desc="1711011153225_34706340_37399830_7162_10517_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 67614
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 13:02:41 GMT
server: nginx
etag: "1081e-6141734bea051"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=245
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:56:38 GMT

GET
H2 200 fig9.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 34 KB
34 KB 317ms
315ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig9.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

081e53bb08c0bf2511fb81eda72d5917a78316d54735b57de6976957419c160e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=66, origin; dur=162, ak_p; desc="1711011153228_34706340_37399831_23367_13099_32_0_146";dur=1
x-prod-n-01: Yes
content-length: 34765
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "87cd-614171adc37a5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=1795
accept-ranges: bytes
expires: Thu, 21 Mar 2024 09:22:28 GMT

GET
H2 200 fig10.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 196 KB
197 KB 407ms
405ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig10.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ab916d8025c8264d98271dcbaa2ef31e46761358c01bf1b17eca6737a1caead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=307, origin; dur=0, ak_p; desc="1711011153239_34706340_37399832_32439_15574_30_0_146";dur=1
x-prod-n-01: Yes
content-length: 201057
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "31161-614171adc9180"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=299
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:57:32 GMT

GET
H2 200 fig11.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 73 KB
73 KB 182ms
180ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig11.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

841125fda41a157eed81cf8206376a6bb78d640ea02fa6856eb576e3799461d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=81, origin; dur=0, ak_p; desc="1711011153228_34706340_37399833_8645_12219_30_0_146";dur=1
content-length: 74753
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:56 GMT
server: nginx
etag: "12401-614171c99189b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=275
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:57:08 GMT

GET
H2 200 fig12.jpg
www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/ 48 KB
48 KB 334ms
333ms Image
image/jpeg 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware/fig12.jpg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1ee59d4aeecaef2771f6bf21e5f1fa814171ec96615a372ef082167874e0871a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=91, origin; dur=160, ak_p; desc="1711011153225_34706340_37399834_25411_10431_31_0_146";dur=1
x-prod-n-01: Yes
content-length: 49010
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 12:55:27 GMT
server: nginx
etag: "bf72-614171adb83f1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
expires: Thu, 21 Mar 2024 09:22:33 GMT

GET
H2 200 granite.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/ 4 KB
2 KB 65ms
65ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 20:21:57 GMT
server: Akamai Resource Optimizer
date: Thu, 21 Mar 2024 08:52:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011152985_34706340_37399286_192_13495_31_0_182";dur=1
x-prod-n-01: Yes
content-length: 1422
x-xss-protection: 1;mode=block

GET
H2 200 clientLibs.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/ 646 B
630 B 63ms
62ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/clientLibs.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

db05d4267dfa54efcffce5353b6b16959137d2387075f61974be55c6d3d6413c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 21:58:07 GMT
server: Akamai Resource Optimizer
date: Thu, 21 Mar 2024 08:52:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011153050_34706340_37399431_105_12384_31_0_182";dur=1
x-prod-n-01: Yes
content-length: 251
x-xss-protection: 1;mode=block

GET
H2 200 sly.min.js Show response
www.trendmicro.com/content/dam/trendmicro/global/core-library/ 18 KB
7 KB 79ms
78ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/core-library/sly.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1711011153068_34706340_37399469_555_12432_31_0_182";dur=1
x-prod-n-01: Yes
content-length: 6497
x-xss-protection: 1;mode=block
last-modified: Wed, 20 Mar 2024 10:46:09 GMT
server: Akamai Resource Optimizer
etag: "48de-6141547e2d84a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=533827
accept-ranges: bytes
expires: Wed, 27 Mar 2024 13:09:40 GMT

GET
H2 200 jwplayer.js Show response
www.trendmicro.com/content/dam/trendmicro/global/core-library/ 81 KB
23 KB 118ms
118ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/content/dam/trendmicro/global/core-library/jwplayer.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3dc5d7f667c6a793c6a56b96afffa81664350fdb10c7544112ea9057e563dc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
date: Thu, 21 Mar 2024 08:52:33 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=37, ak_p; desc="1711011153122_34706340_37399583_3825_17668_30_0_182";dur=1
x-prod-n-01: Yes
content-length: 22997
x-xss-protection: 1;mode=block
last-modified: Thu, 14 Mar 2024 03:16:41 GMT
server: Akamai Resource Optimizer
etag: "1457a-61317555a88df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=59871
accept-ranges: bytes
expires: Fri, 22 Mar 2024 01:30:24 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 506ms
70ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 21 Mar 2024 08:52:33 GMT

GET
H2 200 clientlib-trendresearch.min.js Show response
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/ 385 KB
99 KB 122ms
117ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a4328c78cf1b5cc23e5b78142d563d1f2a92eac3ca9d0e0d68c86c4a2084db10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 18:27:06 GMT
server: Akamai Resource Optimizer
x-prod-n-02: Yes
date: Thu, 21 Mar 2024 08:52:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=29, ak_p; desc="1711011153214_34706340_37399771_3686_12792_30_0_182";dur=1
content-length: 101376
x-xss-protection: 1;mode=block

GET
H2 200 header-footer.min.js Show response
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/ 36 KB
6 KB 66ms
62ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 14 Mar 2024 03:09:25 GMT
server: Akamai Resource Optimizer
x-prod-n-02: Yes
date: Thu, 21 Mar 2024 08:52:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011153206_34706340_37399772_38_12733_30_0_182";dur=1
content-length: 5336
x-xss-protection: 1;mode=block

GET
H2 200 821060e3-3f9c-4a2f-8613-8e0db4841f79.json Show response
cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/ 5 KB
2 KB 489ms
78ms XHR
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/821060e3-3f9c-4a2f-8613-8e0db4841f79.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46de57c6df31c44a1643554ab0f35c98726915610e15cfdc96e16f8b7bad1aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14262
content-md5: 7hy1cOK5Wwhy8x7W0rnWIw==
content-length: 1774
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 20:41:46 GMT
server: cloudflare
etag: 0x8DC420BAB62D29C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 41e52c64-b01e-0077-1e67-79ec17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4dbaef54c6d-MXP
expires: Fri, 22 Mar 2024 08:52:33 GMT

GET
H2 200 autopilot_sdk.js Show response
cdn.bc0a.com/autopilot/f00000000017219/ 37 KB
14 KB 256ms
152ms Script
application/javascript 35.201.125.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.125.201.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8f165f985e320dc59f197fbbb490da7c547d89887457ad09dfe75599c950bc7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-goog-meta-marvel_enabled: false
content-security-policy: default-src 'self' 'unsafe-inline';
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPq0I9kCdZTi3RwmRGj80Y8UbVscEtsfVmwNUBzWFDEHS-HtBy4NVSk1JNjHpOI8CXZVhxQ
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist: ixf
x-goog-stored-content-encoding: gzip
x-goog-meta-publishingdate: 2023-10-20 15:39:22
x-goog-meta-sdk_canonical_protocol
etag: "3aad08e612ecaabb32fad8e36d99578e"
vary: Accept-Encoding
x-goog-generation: 1697816362499806
content-language: en
access-control-allow-origin: *
x-goog-meta-custom: true
access-control-expose-headers: Content-Type
x-goog-meta-marvel_test_mode: false
cache-control: public, max-age=360
content-type: application/javascript
x-goog-meta-spa: false
expires: Thu, 21 Mar 2024 08:58:33 GMT
x-goog-meta-sdk_version: 1.5.9
date: Thu, 21 Mar 2024 08:52:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-goog-meta-sdk_account_id: f00000000017219
x-goog-meta-sdk_request_parameters_case_sensitive: false
x-goog-meta-marvel_config_consistency_custom: {"data-url":"dataservice.tmok.tm/tc.png,trendmicro.scene7.com,0,.66,1&qlt=80,1.0&amp","data-dropsrcset":"true","data-customerid":"f00000000017219","data-ignorepath":"uat-author.we.trendmicro.com,uat.we.trendmicro.com,prod-author.we.trendmicro.com,qa-author.we.trendmicro.com,qa.we.trendmicro.com"}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration: 3
x-goog-meta-sdk_log_level: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-goog-meta-content_only: false
last-modified: Fri, 20 Oct 2023 15:39:22 GMT
server: UploadServer
x-goog-hash: crc32c=x1TL3Q==, md5=Oq0I5hLsqrsy+tjjbZlXjg==
x-goog-stored-content-length: 12736
accept-ranges: bytes
x-goog-meta-disable_debug_elements: false

GET
H2 200 0348870233 Show response
ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000017219/ 8 KB
1 KB 177ms
52ms XHR
application/json 34.111.194.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000017219/0348870233?client=js_sdk&client_version=1.5.9&orig_url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&base_url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36
Requested by: Host: cdn.bc0a.com
URL: https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.194.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 12.194.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: 9f0f8b97bbedd536c657c8509450f8dbcc3618032ee7b22577d6d6f00f6a0e47

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-be-pop: BRU-1-301
date: Thu, 21 Mar 2024 08:52:24 GMT
content-encoding: br
via: 1.1 google
server: bws/1.0
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 LJA84-589LU-SVNVV-WKPLQ-NBTC7 Show response
s.go-mpulse.net/boomerang/ 159 KB
40 KB 516ms
98ms Script
application/javascript 2.19.216.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 19 Dec 2023 08:14:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 41190

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 310 KB
71 KB 91ms
90ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e935a8d1a20e5b651a2bb6e6ea0542e85e25700fc38681f9868e07462cdc948b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: yeVSCk_s0cceMEkRLK5skf_QsG_DRE.6
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:44 GMT
last-modified: Tue, 19 Mar 2024 13:02:16 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"6c6f1bca28b11df72372f492697d3dcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: XOiFZM2GD7VcK749OBHdb-Uyz1Wa9StADyM8xYX1HcGp91g39x-DGA==

GET
H2 200 xdr-product-console-shot
trendmicro.scene7.com/is/image/trendmicro/ 18 KB
18 KB 73ms
72ms Image
image/webp 193.108.153.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-10.deploy.static.akamaitechnologies.com

Software

Unknown /

Resource Hash

74f5da663574c88f8694494adf45161949674fcfff783f3306b0644dc2a84adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:33 GMT
last-modified: Wed, 04 Jan 2023 02:43:22 GMT
server: Unknown
akamai-grn: 0.0ace3617.1711011153.67a58c17
x-adobe-modifierlist: QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag: "b3ffdce154f5ac33f90bafd0b8f52ddf"
x-adobe-assetlist: QlpoOTFBWSZTWSzIeOkAAAITgAACgAoOZ95AIAAxTJiZBkYUGTQMGpD6ZCPsuEfgkoW50OJVGIEuNhB8XckU4UJAsyHjpA==
access-control-allow-origin: *
content-type: image/webp
x-adobe-smart-imaging: 0
x-akamai-cache: Hit
content-length: 18350
expires: Thu, 21 Mar 2024 16:37:56 GMT

GET
H2 200 jquery.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 111 KB
34 KB 90ms
89ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1b973667ceb759e49f2982721f36e4d20a2f8b5dce8c47ccf3039d6ab748143e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 19:49:32 GMT
server: Akamai Resource Optimizer
x-prod-n-02: Yes
date: Thu, 21 Mar 2024 08:52:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011153257_34706340_37399905_294_10692_30_0_219";dur=1
content-length: 34051
x-xss-protection: 1;mode=block

GET
H2 200 OpenSans.woff2
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/OpenSans/ 58 KB
58 KB 169ms
167ms Font
application/octet-stream 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/OpenSans/OpenSans.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Mon, 08 May 2023 17:33:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1540
server-timing: cdn-cache; desc=HIT, edge; dur=86, origin; dur=0, ak_p; desc="1711011153278_34706340_37399934_9089_10515_30_0_255";dur=1
x-prod-n-01: Yes
content-length: 59444
x-xss-protection: 1;mode=block

GET
H2 200 material-symbols-outlined.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/ 225 KB
226 KB 81ms
79ms Font
application/octet-stream 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/material-symbols-outlined.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 17:07:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=378
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011153276_34706340_37399935_325_11021_30_0_255";dur=1
x-prod-n-01: Yes
content-length: 230732
x-xss-protection: 1;mode=block

GET
H2 200 422ea8eb-ab70-4ffb-9bf3-5a841254edba-3.woff
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/interstate/ 72 KB
72 KB 353ms
352ms Font
application/x-font-woff 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/interstate/422ea8eb-ab70-4ffb-9bf3-5a841254edba-3.woff

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f64a06f7949a0dabe65e7683ade627d29301122d68a4bc3239b161ec00697e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:32:22 GMT
server: nginx
date: Thu, 21 Mar 2024 08:52:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
cache-control: public, max-age=1321
server-timing: cdn-cache; desc=HIT, edge; dur=206, origin; dur=0, ak_p; desc="1711011153345_34706340_37399936_27713_12669_30_0_255";dur=1
content-length: 73259
x-xss-protection: 1;mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 454ms
52ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 201700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 icomoon.ttf
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/ 24 KB
14 KB 168ms
166ms Font
application/x-font-ttf 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/icomoon.ttf

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bc6e1ea2c2ddcb591413f7bd88178f4563bd3dbbb5726fa86ad11777f99d5bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 18:07:24 GMT
server: nginx
date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-ttf
cache-control: public, max-age=830
server-timing: cdn-cache; desc=HIT, edge; dur=72, origin; dur=0, ak_p; desc="1711011153278_34706340_37399938_7637_10812_30_0_255";dur=1
content-length: 14370
x-xss-protection: 1;mode=block

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 508ms
107ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:07:09 GMT
x-content-type-options: nosniff
age: 175524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 08:07:09 GMT

GET
H2 200 OpenSans-SemiBold.woff2
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/OpenSans-SemiBold/ 58 KB
58 KB 143ms
142ms Font
application/octet-stream 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/OpenSans-SemiBold/OpenSans-SemiBold.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5c30d00dbb97ec4c05d6b41e850ea8ffab1c1623692de4193bcb235639be1d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Mon, 08 May 2023 17:33:35 GMT
server: nginx
date: Thu, 21 Mar 2024 08:52:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1403
server-timing: cdn-cache; desc=HIT, edge; dur=50, origin; dur=0, ak_p; desc="1711011153279_34706340_37399939_5577_13152_30_0_255";dur=1
content-length: 59480
x-xss-protection: 1;mode=block

GET
H2 200 dade3edf-02a3-4844-947e-95175f24faef-3.woff
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/InterstateExtraLight/ 37 KB
38 KB 240ms
240ms Font
application/x-font-woff 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/InterstateExtraLight/dade3edf-02a3-4844-947e-95175f24faef-3.woff

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d5f14381258973e1a93167d8b3486ae1b2665ea072feb622e1ec0a446facc400

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:32:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
cache-control: public, max-age=755
server-timing: cdn-cache; desc=HIT, edge; dur=108, origin; dur=0, ak_p; desc="1711011153318_34706340_37399940_15288_22062_30_0_255";dur=1
x-prod-n-01: Yes
content-length: 38313
x-xss-protection: 1;mode=block

GET
H2 200 Interstate-Bold.woff2
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/Interstate-Bold/ 50 KB
51 KB 148ms
148ms Font
application/octet-stream 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/Interstate-Bold/Interstate-Bold.woff2

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1203817a41844d7b3fb01f6ebdef78975b98e96e09719b60fecc368afde2fc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 21 Mar 2024 08:52:33 GMT
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Mon, 08 May 2023 17:33:35 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: public, max-age=1350
server-timing: cdn-cache; desc=HIT, edge; dur=53, origin; dur=0, ak_p; desc="1711011153276_34706340_37399941_5606_10868_30_0_255";dur=1
x-prod-n-01: Yes
content-length: 51664
x-xss-protection: 1;mode=block

GET
H2 200 e9258aa9-8d38-4395-b7e7-e18df29986f1-3.woff
www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/interstate-light/ 68 KB
68 KB 122ms
122ms Font
application/x-font-woff 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch/resources/fonts/interstate-light/e9258aa9-8d38-4395-b7e7-e18df29986f1-3.woff

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

beb4690cf911f555766083248e81809736077be198a40edad9868c9e4469ca65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.trendmicro.com/etc.clientlibs/trendresearch/clientlibs/clientlib-trendresearch.min.css
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:32:22 GMT
server: nginx
date: Thu, 21 Mar 2024 08:52:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
cache-control: public, max-age=1335
server-timing: cdn-cache; desc=HIT, edge; dur=39, origin; dur=0, ak_p; desc="1711011153276_34706340_37399942_4181_10809_30_0_255";dur=1
content-length: 69724
x-xss-protection: 1;mode=block

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
308 B 457ms
56ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 867cb4deaf904beb-MXP
access-control-allow-headers: Content-Type

GET
H2 200 utils.min.js Show response
www.trendmicro.com/etc.clientlibs/clientlibs/granite/ 10 KB
4 KB 82ms
81ms Script
application/javascript 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/utils.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
x-prod-a-01: Yes
last-modified: Thu, 07 Mar 2024 19:55:09 GMT
server: Akamai Resource Optimizer
date: Thu, 21 Mar 2024 08:52:33 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011153332_34706340_37400048_32_12551_30_0_219";dur=1
x-prod-n-01: Yes
content-length: 3224
x-xss-protection: 1;mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 464ms
64ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0743ce78cab3838059e4e6e8fd56b26e126b47ad59a4e0beeefb935d751775b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47864
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 08:52:33 GMT

GET
H2 404 token.json Show response
www.trendmicro.com/libs/granite/csrf/ 245 B
460 B 119ms
119ms XHR
text/html 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trendmicro.com/libs/granite/csrf/token.json
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-164.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ddb3a051562457ce3d69a677341ad2cccad3a6c7dc6ca563c3a0c7a69ea181e7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
x-prod-a-01: Yes
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
server-timing: cdn-cache; desc=HIT, edge; dur=51, origin; dur=0, ak_p; desc="1711011153458_34706340_37400325_5041_13024_30_0_219";dur=1
content-length: 206

GET
H2 200 dict.en.json Show response
www.trendmicro.com/libs/cq/i18n/ 14 KB
4 KB 309ms
309ms XHR
application/json 2.19.216.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trendmicro.com/libs/cq/i18n/dict.en.json

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-164.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da8c4697d246d5dde073b87ff33798d3fc46c4a3c5ca37626292b8efc7c3de99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-prod-n-02: Yes
x-prod-a-01: Yes
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
date: Thu, 21 Mar 2024 08:52:33 GMT
etag: "b91bea50244aae0b72b630e6c7e2791f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: public, max-age=900
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=44, origin; dur=190, ak_p; desc="1711011153493_34706340_37400447_23536_12504_30_0_255";dur=1
content-length: 4080
x-xss-protection: 1;mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/ 426 KB
103 KB 48ms
47ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3zwKFeg02sA5dMnkMN3c/A==
age: 51672
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105024
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:34 GMT
server: cloudflare
etag: 0x8DBF54385213BD6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9da7b195-801e-001e-0647-27d55b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4df3ee94be7-MXP

GET
H2 200 utag.255.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 408 B
851 B 55ms
51ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.255.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59ab9a69534e7f922327cac4bb2bf4dad6f9f54b1a1b25d507caf924d4875c4e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: yK3GvB1pfiV2FIVsJ33vXHXzGbPd0Viv
date: Thu, 21 Mar 2024 08:49:45 GMT
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 408
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
etag: "49256e30ee60e58fdd2af8dfd8f52b2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: tIwThAIDAtA9gbl1U6KVqXBPCDTEuR4EYzLRBpW1-IHY2G6Hl5-RnA==

GET
H2 200 utag.18.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 55ms
51ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.18.js?utv=ut4.44.201510262117
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad235cfa11b9acda282b80197f937f38319b70d8a822b93c9e711e54210ddb9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Cf0yd0INUt2lgXA433ovDRVRxSpexNpw
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"205d78d6027bdc6110d97ef2ec13c3b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 6HDZwIxHxVgXT6KYFFUlvozWzSUdLkqFF1CN7kLpH463Xr5dCBbtUQ==

GET
H2 200 utag.539.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 56ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.539.js?utv=ut4.44.202302152254
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1a27a760c37b6a154ebcffada85ee428f16ed95a9d505bb7be5a1f6ae453240

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: S6DXauaNHRl.5zcC4gwm.Y1qL4H4opg3
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"3cc1f8b429a72f1ccd31dba94c5c79de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4hYyugv9KnwVjuUYwh9jvRS1PTLVN0EhkpDiiejIow41P_dE4-0KHg==

GET
H2 200 utag.260.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 23 KB
6 KB 73ms
68ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.260.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48525ad3a15cfb854852bc4f8dfe22d07bbd11d3daf48faafa6a80f1f18810fa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Vjx7FQn5XzbrV.Ef3RDzbQ0lQxDaAuyO
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"9ebeb5d5a723927bbba94f8c0fa9733b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hMxSrS02sKmM9_uSjTcARHKp0j_AykUxHM_SFW-IsGRzyj8UssSNgQ==

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 27 KB
7 KB 73ms
68ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.101.js?utv=ut4.44.202307121000
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 659f693fbd2abaae1b91cef6d973fec486e1bee1f23aaf97a7d13f02667f0c34

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: G4B0YTipUxYlCftwgxcZQ9V55ZcuO5gD
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:11 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"818f73e4e7bfda18cb914185117bf1b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1CMxC7FgvJTsUjg3FFER3ZcIWXYEWDrHJJN-aaXFgNMjtLI8SiTOGQ==

GET
H2 200 utag.100.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 23 KB
6 KB 73ms
68ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.100.js?utv=ut4.44.202307121000
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50c22b5e697df683124649676d06ae96bc0b2929b26ee990aa5ba12d55a2ce6a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Ac.gi41Lr0_Y_LD3YHACURQlvGuwOWFx
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"6fe7c3c093d9b62a099527e329f44769"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: kN2hj1MKCdXooSeQIltrJCRo8Ff08-sfPSt-r_YNQa13gEFJXHSlTg==

GET
H2 200 utag.75.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 3 KB
2 KB 73ms
69ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.75.js?utv=ut4.44.201608171750
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2885d41a3c2cebe9123cf9859052d95d35442fc49d9e602ebf401f2bfc3a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 6w2QcpAUXSVypFqM2Z6rtrTVJ7ruuOm8
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:07 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"39f3579a4c6ccefeb8cf77f93deea8c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: sArwhnHaQ7fDoIDMkPf9Rp63HU6SIevoedSzkZtXZxfJ_u11gLFHvg==

GET
H2 200 utag.252.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 73ms
69ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.252.js?utv=ut4.44.201708221330
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e67f35914cc53cf840305d670c5690088c0da3154278cebc65f40bed4316ea8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: pjCyLzi8nL8b6qLUWJYsEzatzU3iGwvT
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:06 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"af72aff877c8569213030ba86fa2db19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: g4C8Q_TvTLB1EzrA63xaKk7ld3EpDGnBl5K0i_7EA-TjTPKdqXlj3w==

GET
H2 200 utag.158.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 3 KB
2 KB 72ms
68ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.158.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1e3e039c51364c1f9c32ba63773a244a96fd289f08eb702411e1a6e9704084a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: C3lAntNR1nAKr8NX5WZSr2QSyFnRkLm3
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"a66e2881eae548312b7e17e6c7d979a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: g5Fp38QPYSnLvxA0BcnGNY3KJ8TCYMsMGv22egKSyHxcuLzPP0fPUQ==

GET
H2 200 utag.361.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 7 KB
2 KB 73ms
69ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.361.js?utv=ut4.44.202001241305
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e12a301591d014a6efb09c31c2811b608370cabcc8260d1d3eee04ae71430d7b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: vESkSsft2cdkQfc0Lc.aLXwoIAbwOsvj
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:11 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"64cdb02d75634512343e7be32ac749da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 0nJkOppZss4GUXfpQB8Gtcx_pvier6r-K9KvWCWEBCe0LcfgGApuLQ==

GET
H2 200 utag.321.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 5 KB
2 KB 91ms
87ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.321.js?utv=ut4.44.201708311522
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e468297705e8272bd97f922625167980fdedd95e6dfce99a1faa960c1be3c68

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: aMN70KddL27OPFWCuSZ6cxuaNoqduW7e
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:13 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"4695ddd426dab98f74d4c9515cb6995d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: GqkUZVELEKL5lXsht3wHvbczllvGK6DPOOE2hivh75ILPQa9tOUHgg==

GET
H2 200 utag.417.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 90ms
87ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.417.js?utv=ut4.44.202307211458
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c405da852de09620661dca52797287f678e666e4e1f5835b327285ee8621f31

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: COvsziJkB9KPzd4ee_DGzKKs5eMoH7L8
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"3f7ab7021aeb4807b3fd8c425c1728e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: jhZz_LTL8Oef9ehW_LVO1CH3E1zkGyHYF9KYZgwHncjOjIebWu24FQ==

GET
H2 200 utag.523.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 10 KB
3 KB 90ms
87ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.523.js?utv=ut4.44.202010211554
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98a2259789a3127ef95143618f275587a8402a19928447439794e05e675850bf

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: iCHLOpF4avW2aK6Emxd9vjKSQp.D3eEc
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"c02617d87ebf7b2e06bfeee252fe938c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 36j2hDtjnXU9V8ZeueTFbOImDtm4OOb-KPImnhVhRh1_ylclmMQWCQ==

GET
H2 200 utag.525.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 92ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.525.js?utv=ut4.44.202010151358
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec9132d0a36ed2d9037fcf30d99f00e8fd935484c60ce22f3df052c54564b06c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Wb5YkTPW_w0MSUe.QerAKNLSQepxvsqC
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"61b476feb9ef0f898cf571677762c09e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: sBDoI1HMmMK4nhXbJnWUtjHJKlF5DTvq4kxql7dMZnptLdav7yduQw==

GET
H2 200 utag.536.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 18 KB
6 KB 90ms
87ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.536.js?utv=ut4.44.202012081217
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0349f91a0cbc1774e8ca090e6102f9e041f6f5b29cd317a632c0b8a70f8eeeb0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: L6txDV2s2sxrGmuh7a61qMn_.8MiPDjB
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"1fd03c613bc7a7890ab5ee6f165a27c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Dmkz-a_nt3NVL93lS_MtJdjVCPLvhfKzu2OfJvk9UAdf_sZZPiRuzA==

GET
H2 200 utag.542.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 10 KB
3 KB 92ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.542.js?utv=ut4.44.202104211340
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d3f389ef362eb1f034dd5fecadf89e7d5ff85cae3c2c3fdf7ca1fc23f590e09

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: HInZcu8wi0TLxYIxqav5I9BvJRq1GIDj
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"0b11a88835d5eab92549f08eff56d3e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: QFd2BfyJFxKxXdy4gFwpHFNqTSAUpWh4BJ7F2iaGi6Fl3e_xny1R3A==

GET
H2 200 utag.551.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 92ms
90ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.551.js?utv=ut4.44.202206160737
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f374ef673fd02575d09d87b9788aab1b150e1d3817100bdb40970e07873a0d45

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: vNSv2bPGIWXkew5c3A2X8BE8NyW_bsMM
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 176
x-amz-server-side-encryption: AES256
etag: W/"508d520622d67684bd0d0b1e0c30fd0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: BWm2nYQHEDz9IXlT2n_BP0xwhCLGi1iCEpq5eTtg4cBd5Tmy-yh4nQ==

GET
H2 200 utag.555.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 92ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.555.js?utv=ut4.44.202108111458
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a971914079ce7633667c84ad7c4a2ed0f5da99cb54689159b1113576f9038dbc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: SzSyEK8khJoQUspSM6jOeDbfBNnwB0xE
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"07563dcbf6b61899a15e725c838864e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4aUdgP_xcB7bDwML5D8ESJ-Iqc2lOnHRP3IrX-xJUITDptrGYlrOiA==

GET
H2 200 utag.576.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 14 KB
5 KB 91ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.576.js?utv=ut4.44.202307032021
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 305a8b631d2a635350a9821b47ef992134f3613115b2d207e8586ae547d38c18

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FyDzuvxewsndAevfhRAb9SG1S.DuvXAZ
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"3091e88ca28a42c7f3a5cce74e1ead7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: XWjWzEhs7S7iA62cEkV0nWnU0dLyDHlGILQ_Ynt7hVqUq1Z-dbwv7g==

GET
H2 200 utag.591.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
2 KB 92ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.591.js?utv=ut4.44.202302221438
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b3cd1e2bcd07c1b1c5dd565ea94af512e10601717a3515b89917ebcea8d582

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FpgYOlzn..HHJQ_pJhViRZdmxlalVucP
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:50:26 GMT
last-modified: Tue, 19 Mar 2024 13:02:07 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 128
x-amz-server-side-encryption: AES256
etag: W/"e2e1e50daa8a835f26111830b2a8ed07"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hxk95yghQh9DVTEXScoygoJ74kppU_3cNMrXX5gab_-q80huV7hVmg==

GET
H2 200 utag.592.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 92ms
90ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.592.js?utv=ut4.44.202303031111
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec8fa72ac5292e4c3a7aed1cac6784de56eb8ef02bf843ad198276e6f950e87b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 7w_h2GlQoGrXPDSs82fk2jyA6EvkJPOt
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"1657c6d8664fed180fd81d726cc7d969"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gfMJ1T9hjlqFapzVg2zt4IFmz_Q8xeAsWv8vQwBCjMpf7bc-sdwUFg==

GET
H2 200 utag.614.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 91ms
89ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.614.js?utv=ut4.44.202308081416
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d5cbfbc5846630e246bd68b2be476b29ec7e8412cc10eb2d21cce8f7d282495

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FAE7Xi_ZDQqYslLOaaVN6fRHqBiL6kZO
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"118012378dbc678ecd43bfd904a59f6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IpfhBaxbj7aZNyEqqwbBeCAs_n-zJtlmLHcUixdhhK0m77D2qr2Vpg==

GET
H2 200 utag.619.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 465ms
464ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.619.js?utv=ut4.44.202311081014
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27202323ae9cd982c9e1dc8fe8ff60b7d72d424c2bf475214644426e00253feb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: pn72bmwQDViMtEGrpqYkmFEn9JzmJUsr
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:52:35 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
x-amz-server-side-encryption: AES256
etag: W/"9b5c26bf2d0928e37081ad9af2c12425"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Kgg6rYSLqFJCcFK60zS6MJBLp29bs20PqhGgd-UOWzCfzmD7AXYRBg==

GET
H2 200 utag.621.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 92ms
90ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.621.js?utv=ut4.44.202403051655
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41d196c42c4f9465f14f1b766f862d839badfb0098cb09d79ade62f0c1aca995

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Z7QWNksWOFAMtpjbQNI_39rzjmJzN0WG
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:45 GMT
last-modified: Tue, 19 Mar 2024 13:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"c50c8dc4165d8226a0fe9ec6c892377b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: USEQuMfw9h_cfnwj0WswIpdQS9nwHQPPnSh4o40r7MazYjHiNkIdlw==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/018df10f-970e-7a0e-8877-3501403b37a5/ 108 KB
26 KB 68ms
67ms Fetch
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/821060e3-3f9c-4a2f-8613-8e0db4841f79/018df10f-970e-7a0e-8877-3501403b37a5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f1cfebeef3939fa5e6ce5629c502a660f2338d4ad898e251c72bcb9412b85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 32132
content-md5: oqG9yjHCjmp+Vnctlz9j7g==
content-length: 25959
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 20:42:01 GMT
server: cloudflare
etag: 0x8DC420BB47211A0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6db1b22b-701e-001a-71f4-73585c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4dfecf24c6d-MXP
expires: Fri, 22 Mar 2024 08:52:33 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 237ms
112ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
18 KB 207ms
65ms Script
application/javascript 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 19:00:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65d799d9-101dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17693
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
35ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 07:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Mar 2024 09:48:08 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tealium_dmp&google_cm&tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main
https://cm.g.doubleclick.net/pixel?google_nid=tealium_dmp&google_cm=&tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_tc=
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_gid=CAESEBsk8_KuhCUdISOg2BY7BQo&google_c...

43 B
644 B

36ms
36ms

Image
image/gif

52.29.113.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_gid=CAESEBsk8_KuhCUdISOg2BY7BQo&google_cver=1
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Server: 52.29.113.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-serverid: uconnect_i-0529fbafa358cbe5f
x-tid: aa295bdb92984eb78fbfdfbd8f09cff3
x-did: 018e603645c10000fbc91523a40d03074006d06c00b08
vary: Origin
content-type: image/gif
x-acc: trendmicro:main:2:vdata
x-ulver: df301e29a375b2bdd301a0b10f98b02796e8efec-SNAPSHOT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 43
x-uuid: b122eb92-a20c-4d0a-8979-1673d3c855b2
expires: Thu, 21 Mar 2024 08:52:34 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_vid=018e603645c10000fbc91523a40d03074006d06c00b08&tealium_account=trendmicro&tealium_profile=main&google_gid=CAESEBsk8_KuhCUdISOg2BY7BQo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 revenuepulse-lib-v3.js Show response
resources.trendmicro.com/rs/945-CXD-062/images/ 2 KB
1 KB 374ms
198ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.trendmicro.com/rs/945-CXD-062/images/revenuepulse-lib-v3.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Mar 2024 02:50:00 GMT
server: cloudflare
etag: "300bbb-6f3-613315d5b4a78"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 867cb4e1587b59a7-MXP
content-length: 695
expires: Thu, 21 Mar 2024 08:53:34 GMT

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 2 KB
1004 B 549ms
129ms XHR
application/json 2.19.216.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LJA84-589LU-SVNVV-WKPLQ-NBTC7&d=www.trendmicro.com&t=5703371&v=1.785.70&sl=0&si=0a06c2c0-46eb-4546-b31c-5d4f0e918095-saownj&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,BFCache,LOGN&acao=&ak.ai=807181
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e6a1b9a1a05ec49ca33a212091a043809f8ff3b4538c7782a2275db878eefdc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 821

GET
H/1.1 200 / Show response
script.opentracker.net/ 23 KB
7 KB 540ms
60ms Script
text/javascript 172.104.239.35
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://script.opentracker.net/?site=www.trendmicro.fr
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.239.35 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1815-35.members.linode.com
Software: /
Resource Hash: 26ac6c3878c853adc0ab94127403b3b5b8fa18d1869ca285564338d92a75e020

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:33 GMT
Cache-Control: no-cache
Content-Encoding: gzip
vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET activityi;src=6240125;type=windo0;cat=trend003;ord=2032744542087.6833
6240125.fls.doubleclick.net/ Frame 8084 0
0

GET
H2 200 i.js Show response
datacloud.tealiumiq.com/trendmicro/main/16/ 33 B
610 B 154ms
36ms Script
application/javascript 52.29.113.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/trendmicro/main/16/i.js?cb=55068551994987416&jsonp=utag.ut.getvisitorid
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.113.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1bf3c2bc7a61528d088ad564a9ce1138491498bffc1988c38051be666b6e0c3c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-serverid: uconnect_i-00acb555dd5291155
x-tid: aa295bdb92984eb78fbfdfbd8f09cff3
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: trendmicro:main:16:datacloud
x-ulver: df301e29a375b2bdd301a0b10f98b02796e8efec-SNAPSHOT
content-type: application/javascript
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 33
x-uuid: aa295bdb-9298-4eb7-8fbf-dfbd8f09cff3
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
631 B 224ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10105370&js=no

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 133ms
31ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.542.js?utv=ut4.44.202104211340
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100179-IAD, cache-muc13944-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 451ms
52ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 08:52:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1288, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Ky5MI7fQN++sUud1Gid9QL9yoXJ/ZkEBPVbH6In09SasXltqzAGHOt6Kjg7mcNyftHm3tJdQNAQ4XygS7SSX8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 493ms
46ms Script
application/javascript 2.21.20.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 16:03:53 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=55267
accept-ranges: bytes
content-length: 17224

GET
H2

200

sumome.js Show response
load.sumome.com/
Redirect Chain

https://load.sumome.com/
https://load.sumome.com/sumome.js

2 KB
2 KB

34ms
34ms

Script
application/javascript

169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/sumome.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: a3b11be6a6c186ced8dc022a1c23ddd094d95dcbcc39117be374523b22d6567f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 5MC4HT11REWWCGSS
cdn-cachedat: 03/19/2024 18:26:59
cdn-pullzone: 1686293
x-amz-id-2: 0uwomtJwLlmxRwuHrZg+m6HCkbUdCkSEsojGFUPseExBfokK5FxsrZPdkl9LjyWlahwHm4Z1py4=
last-modified: Tue, 19 Mar 2024 18:22:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2533545e8cb1377ba860930b9fd778b9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=600
cdn-requestid: e7c26f0fbbb518e461e805c7f0e7b15f
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Thu, 21 Mar 2024 08:52:34 GMT
server: BunnyCDN-DE1-1081
content-type: text/html
location: https://load.sumome.com/sumome.js
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: no-cache
cdn-pullzone: 1686293
cdn-requestid: a91ec1424a89b815d60aac564953d9a2
cdn-requestcountrycode: IT
content-length: 162

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
98 KB 69ms
68ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCCSVH5M9H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b096ead789f3f6692260d6ccabd7f7250ed9a2fa17c17ab64860b6f26576b04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
87 KB 56ms
56ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXG7CKV&l=dataLayer

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b7990c63262d3478523ce40c36629e6af6f33b4f96c942f7a38d995d90024a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89093
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 equally-widget.min.js Show response
widget.equally.ai/ 938 KB
258 KB 262ms
95ms Script
application/javascript 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/equally-widget.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.614.js?utv=ut4.44.202308081416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1ed544b374d4c02027cc0a0e43a8fee0e216939384efdc5f1e0b1ede30366f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:05:45 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 3570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"bf4c7d53ee8c8d1ee317a7b70423d59f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: dOc_9zWZ2yTtfhxmZ5fPg0083YGKGPMtj9vUoovoJD6T7CVST2lg6g==

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 497ms
71ms Script
application/javascript 104.22.71.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13572
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iHvfBudMtC%2BwLmr%2Bp9WKJonZJxuOM7dgZIPfhmuY894p8ArMQ1jKrDf3iE6IcgBXyItYTIdzy3HmOa0xaigDEjd4Rz4ltdNYxWCR3jJPeEn45rE6SZTjvAc4EzYilwlrLC6V%2BTt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 867cb4e42e0f5271-MXP

GET
H2 200 sv2uuh4gw3ms.js Show response
js.driftt.com/include/1711011300000/ 220 KB
62 KB 376ms
215ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1711011300000/sv2uuh4gw3ms.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.551.js?utv=ut4.44.202206160737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

17e70f90def9a1c940d3058eb5a92e799cce54b564b5c170eeb829810574fbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: dkMchjetv5DIX09qjPM.nM7kdQMAmR01
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 21 Mar 2024 08:52:34 GMT
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Mon, 11 Mar 2024 20:33:52 GMT
server: istio-envoy
etag: W/"e96096360f42afc817bbb30e00c13f5f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tDTt7lVNXpkbddha4gUxL6Wa2peDPgjzCcbK50pRZcARbvwdyA7iKg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 43ms
42ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-3&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=1153230577

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 42ms
41ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-6&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=1335404898

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

3c455a838efdbb611b38e5727139ab7b298aa9e6d7b9229e70e0026182c59acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 42ms
42ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-7&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=1611686485

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fec6e7c36c69095d38ed7ec24d0e3c27e42a45e60470a977029dff2e18fab316

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 43ms
42ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-8&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=1557940199

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b7431a06942519f1e9aaac2822856ef1c372797c26c2e5d4aaf823623557201a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 42ms
41ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-9&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=412799725

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

be5961e267b1d1c503355c8e716be39139f9671ebc7d6a58719e1aaf9e82025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 45ms
45ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-10&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=493805546

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b0320c6cf482b927eed1b60c209708227cefae4b49cb87518f87bba744f333ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 44ms
44ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-11&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=418209694

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e977378fc763940e16a1785f5a7270ad54cff08c6f929d88e3b050ec2a84a580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 43ms
43ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACAkJg~&cid=327041742.1711011154&tid=UA-36872905-12&_gid=1602907143.1711011154&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=2144310433

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a317d0c413b8d00f74e5778405d2d72eaae5a9dbc6cec47ec320e21759584d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 42ms
41ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiAABBAAAACAkJg~&jid=642682261&gjid=152888516&cid=327041742.1711011154&tid=UA-36872905-5&_gid=1602907143.1711011154&_slc=1&z=73837343

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e2b6b69e884b97b64d32ec79daaae0c8a743a198e1b972ef97e154f5d5f86f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
349 B 521ms
59ms XHR
text/plain 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36872905-5&cid=327041742.1711011154&jid=642682261&gjid=152888516&_gid=1602907143.1711011154&_u=YGDAiAABBAAAAGAkJg~&z=1296691908

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 35ms
34ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1634809178&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ul=en-us&de=UTF-8&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAAAkJ~&cid=327041742.1711011154&tid=UA-44690910-24&_gid=1602907143.1711011154&cd3=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&z=138979925

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 22:00:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39105
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 13 KB
3 KB 56ms
55ms Fetch
application/json 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jMofvR4jSi4vqxABuEyIag==
age: 38188
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:27 GMT
server: cloudflare
etag: 0x8DBF54380AB9553
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 478795c8-601e-0029-5f51-2707f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 867cb4e10e9d4c6d-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 21 KB
4 KB 56ms
56ms Fetch
text/css 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 50771
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f5b97204-101e-0023-7aab-27a340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 867cb4e10e9e4c6d-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 53ms
53ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HSS3WREM8Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5b0f599f1ef2f78b1ed26ddb28471be656d48a48fbf4d13a47ff6109979201dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 48ms
48ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8NK5WKVH4J&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

68f1240ba52184709373d35d3a259f9a4d3971e89b0c8f2e7c5e475d0abca472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 61ms
60ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9QHD3P38EF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

59ba65218d8060b232c4bd7b39cb47a009eb6ba014839e411742325b1f34251f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 52ms
50ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-93585RYGPB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d791dcf4eb9ff2966314c72ecfb1aeb36a30185d494b700e7e837e589a431885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jas...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploit...

42 B
494 B

514ms
69ms

Ping
image/gif

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dma=0&npa=0&gtm=45He43k0n81TXG7CKVv9103800028za200&auid=1426161336.1711011154

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=652126079.1711011154&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dma=0&npa=0&gtm=45He43k0n81TXG7CKVv9103800028za200&auid=1426161336.1711011154
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 52ms
52ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B6B5TMPL5M&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4502d90d4891f41f40dd7cbeac4587e4f86fb594523a8955ad12ec24591ad768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 53ms
52ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q8079E61JF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c74e34addf46cea3b85748da4b1043413882219c2b5cc2b31881c86b33d0b77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 49ms
49ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J3BCDGQ9EV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ff339328cb5e32fa877b8d5fd4b6d68a3fbd942472a11a1a02cff0d62cfab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 42ms
41ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PCCSVH5M9H&gtm=45je43k0v888878635za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&gdid=dYmQxMT&cid=327041742.1711011154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711011154&sct=1&seg=0&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&en=page_view&_fv=1&_ss=1&_ee=1&ep.consumer=not_consumer&tfd=2785
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCCSVH5M9H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 53ms
53ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GBTVB6FHY4&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ba7a3f8927ab919125c2f79685818256635c2410240e66a04a5f2e588e5ab9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 i.gif
datacloud.tealiumiq.com/trendmicro/main/16/ 43 B
774 B 38ms
38ms Image
image/gif 52.29.113.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/trendmicro/main/16/i.gif?t3=undefined&t4=undefined&cb=0.9709071066219968
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.113.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-serverid: uconnect_i-0d811dbcb7b581341
x-tid: aa295bdb92984eb78fbfdfbd8f09cff3
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: trendmicro:main:16:datacloud
x-ulver: df301e29a375b2bdd301a0b10f98b02796e8efec-SNAPSHOT
content-type: image/gif
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 43
x-uuid: 6948d37d-bda6-48fd-b71e-9897766aa4af
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
87 KB 51ms
50ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXG7CKV&l=dataLayer

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

14e4c9011085a1a1aca567703fe6b22b4a506a6b9f0d4cbe6dc77bcdeb367ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89095
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
98 KB 61ms
61ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCCSVH5M9H&l=dataLayer&cx=c

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c7aac34bc3071b83b84411c4601ec24f897843379955000ebb1a542279419f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 i.js Show response
datacloud.tealiumiq.com/trendmicro/main/16/ 33 B
608 B 36ms
36ms Script
application/javascript 52.29.113.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://datacloud.tealiumiq.com/trendmicro/main/16/i.js?cb=55068551994987416&jsonp=utag.ut.getvisitorid
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.113.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1bf3c2bc7a61528d088ad564a9ce1138491498bffc1988c38051be666b6e0c3c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-serverid: uconnect_i-041bd983b1c2c1827
x-tid: aa295bdb92984eb78fbfdfbd8f09cff3
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: trendmicro:main:16:datacloud
x-ulver: df301e29a375b2bdd301a0b10f98b02796e8efec-SNAPSHOT
content-type: application/javascript
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 33
x-uuid: 698c7d22-e24d-425c-88c6-1285a47352fb
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H/1.1 200 / Show response
script.opentracker.net/ 23 KB
7 KB 327ms
41ms Script
text/javascript 172.104.239.35
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://script.opentracker.net/?site=www.trendmicro.fr
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.239.35 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1815-35.members.linode.com
Software: /
Resource Hash: ecef26458daba9305e06e4fc90cfcbb3b584c99d76c050cdbc1159f91e32c5ec

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:33 GMT
Cache-Control: no-cache
Content-Encoding: gzip
vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
18 KB 45ms
44ms Script
application/javascript 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 19:00:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65d799d9-101dd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17693
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 42ms
41ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 44ms
43ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d8b02bb2295510fac147295e78168e3b7c08f499946ec7d5561bd38d5e5937df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47864
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 utag.255.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 408 B
841 B 52ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.255.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59ab9a69534e7f922327cac4bb2bf4dad6f9f54b1a1b25d507caf924d4875c4e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: yK3GvB1pfiV2FIVsJ33vXHXzGbPd0Viv
date: Thu, 21 Mar 2024 08:49:45 GMT
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 408
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
etag: "49256e30ee60e58fdd2af8dfd8f52b2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: 2IFuh0TexSdrbebYdbjeqF69nYHzfVRv1VfLMazaDaN9Y1wq6DKkCQ==

GET
H2 200 utag.18.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 53ms
53ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.18.js?utv=ut4.44.201510262117
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad235cfa11b9acda282b80197f937f38319b70d8a822b93c9e711e54210ddb9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Cf0yd0INUt2lgXA433ovDRVRxSpexNpw
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"205d78d6027bdc6110d97ef2ec13c3b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 3ovb7vZaChmbq12E6wLMsAiFxrCfjUG1Q96-o_Aaagqe72XIxBZmBw==

GET
H2 200 utag.539.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 53ms
53ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.539.js?utv=ut4.44.202302152254
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1a27a760c37b6a154ebcffada85ee428f16ed95a9d505bb7be5a1f6ae453240

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: S6DXauaNHRl.5zcC4gwm.Y1qL4H4opg3
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"3cc1f8b429a72f1ccd31dba94c5c79de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Q8RkmmfLXsv3r1YmI96MEa4B5sYJeXtZzI5-AvFHSGsJhEfOAURXLQ==

GET
H2 200 utag.260.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 23 KB
6 KB 53ms
53ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.260.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48525ad3a15cfb854852bc4f8dfe22d07bbd11d3daf48faafa6a80f1f18810fa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Vjx7FQn5XzbrV.Ef3RDzbQ0lQxDaAuyO
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"9ebeb5d5a723927bbba94f8c0fa9733b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: h8iPmO7iVUiUPe9DeDZVoT28NnodT0EDW2LfhlUc9hToHT4OAZ7I9g==

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 27 KB
7 KB 63ms
62ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.101.js?utv=ut4.44.202307121000
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 659f693fbd2abaae1b91cef6d973fec486e1bee1f23aaf97a7d13f02667f0c34

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: G4B0YTipUxYlCftwgxcZQ9V55ZcuO5gD
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:11 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"818f73e4e7bfda18cb914185117bf1b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: f0uUvU7SP9jUgHOli5Cf10v6XjM_9TwwMOoHUiFW1Y8o6iD3z33cxg==

GET
H2 200 utag.100.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 23 KB
6 KB 63ms
62ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.100.js?utv=ut4.44.202307121000
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50c22b5e697df683124649676d06ae96bc0b2929b26ee990aa5ba12d55a2ce6a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Ac.gi41Lr0_Y_LD3YHACURQlvGuwOWFx
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"6fe7c3c093d9b62a099527e329f44769"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IM6tyAg0ulTAxjFTpiMI806qaiXpjiOkQv4FkPC8t9GxucmO6P6DrA==

GET
H2 200 utag.75.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 3 KB
2 KB 61ms
61ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.75.js?utv=ut4.44.201608171750
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2885d41a3c2cebe9123cf9859052d95d35442fc49d9e602ebf401f2bfc3a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 6w2QcpAUXSVypFqM2Z6rtrTVJ7ruuOm8
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:07 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"39f3579a4c6ccefeb8cf77f93deea8c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: KezgWPHunqx8u-ljKjr6I00UACcb496HUhQUzwHH-7Cb9ufbCFW8BA==

GET
H2 200 utag.252.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 66ms
64ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.252.js?utv=ut4.44.201708221330
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e67f35914cc53cf840305d670c5690088c0da3154278cebc65f40bed4316ea8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: pjCyLzi8nL8b6qLUWJYsEzatzU3iGwvT
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:06 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"af72aff877c8569213030ba86fa2db19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RnW3LYYerzy46w8FqzYmtkSVeZAuQ1Mt5H3-aJXEvC8XpPw0M_ku2A==

GET
H2 200 utag.158.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 3 KB
2 KB 63ms
63ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.158.js?utv=ut4.44.201708221516
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1e3e039c51364c1f9c32ba63773a244a96fd289f08eb702411e1a6e9704084a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: C3lAntNR1nAKr8NX5WZSr2QSyFnRkLm3
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"a66e2881eae548312b7e17e6c7d979a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: PLR8S05yrQ2YzaH_raymx7sH5sF-sPoKJSc4ek17Nkgb1iydWTy2fw==

GET
H2 200 utag.361.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 7 KB
2 KB 61ms
61ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.361.js?utv=ut4.44.202001241305
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e12a301591d014a6efb09c31c2811b608370cabcc8260d1d3eee04ae71430d7b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: vESkSsft2cdkQfc0Lc.aLXwoIAbwOsvj
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:11 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"64cdb02d75634512343e7be32ac749da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Y8mCWTMQVW74tUZBoyBp1fYyeIJ6CUcFEnW3iNosDWhgBNVfjROlCg==

GET
H2 200 utag.321.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 5 KB
2 KB 59ms
59ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.321.js?utv=ut4.44.201708311522
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e468297705e8272bd97f922625167980fdedd95e6dfce99a1faa960c1be3c68

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: aMN70KddL27OPFWCuSZ6cxuaNoqduW7e
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:13 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"4695ddd426dab98f74d4c9515cb6995d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: gp7qpDzr3JDGZg5RB7Q7SCX8Lntf1mePydVHjffI5dO17UdyKmPI9g==

GET
H2 200 utag.417.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 57ms
57ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.417.js?utv=ut4.44.202307211458
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c405da852de09620661dca52797287f678e666e4e1f5835b327285ee8621f31

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: COvsziJkB9KPzd4ee_DGzKKs5eMoH7L8
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"3f7ab7021aeb4807b3fd8c425c1728e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5EW90H_DHgBCDrkkLaWr6eUy3xD101-7T_TWkTVAkexC19TrJ4K8Bw==

GET
H2 200 utag.523.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 10 KB
3 KB 55ms
54ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.523.js?utv=ut4.44.202010211554
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98a2259789a3127ef95143618f275587a8402a19928447439794e05e675850bf

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: iCHLOpF4avW2aK6Emxd9vjKSQp.D3eEc
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"c02617d87ebf7b2e06bfeee252fe938c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VKT-tEFIBjIR7A9DDmr2IxJTj5x8yGnsyNlZp8IBKppqtWmzV3ZclA==

GET
H2 200 utag.525.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 57ms
57ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.525.js?utv=ut4.44.202010151358
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec9132d0a36ed2d9037fcf30d99f00e8fd935484c60ce22f3df052c54564b06c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Wb5YkTPW_w0MSUe.QerAKNLSQepxvsqC
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"61b476feb9ef0f898cf571677762c09e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: V-2I-9wJioLYbyc6heFUo6RtSbxuum1vIXFR6GH5wHimkWINBFsfDw==

GET
H2 200 utag.536.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 18 KB
6 KB 57ms
57ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.536.js?utv=ut4.44.202012081217
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0349f91a0cbc1774e8ca090e6102f9e041f6f5b29cd317a632c0b8a70f8eeeb0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: L6txDV2s2sxrGmuh7a61qMn_.8MiPDjB
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"1fd03c613bc7a7890ab5ee6f165a27c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: av_1JTOogiCfmNoWIks4X-scXKlr0201BRI3KBE-jvSYwPv0DOZmmg==

GET
H2 200 utag.542.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 10 KB
3 KB 55ms
54ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.542.js?utv=ut4.44.202104211340
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d3f389ef362eb1f034dd5fecadf89e7d5ff85cae3c2c3fdf7ca1fc23f590e09

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: HInZcu8wi0TLxYIxqav5I9BvJRq1GIDj
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"0b11a88835d5eab92549f08eff56d3e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: OFCX2L_XpcqUB0f6-tqW7AZBZXf69QAux-fqacDDaRFSJpLI7crdww==

GET
H2 200 utag.551.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 53ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.551.js?utv=ut4.44.202206160737
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f374ef673fd02575d09d87b9788aab1b150e1d3817100bdb40970e07873a0d45

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: vNSv2bPGIWXkew5c3A2X8BE8NyW_bsMM
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:46 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 177
x-amz-server-side-encryption: AES256
etag: W/"508d520622d67684bd0d0b1e0c30fd0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 9QHUgEoGIMzCgzRZIaVR3eJ7SMiJOcx7GoQKU2vNPmmiEIHFAeV9zQ==

GET
H2 200 utag.555.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 53ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.555.js?utv=ut4.44.202108111458
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a971914079ce7633667c84ad7c4a2ed0f5da99cb54689159b1113576f9038dbc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: SzSyEK8khJoQUspSM6jOeDbfBNnwB0xE
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"07563dcbf6b61899a15e725c838864e4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: lfgb7jomLUFttmZ5ajtb1VVTyCEp8Qf01m-6Dywbgi85alvyhYE4uQ==

GET
H2 200 utag.576.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 14 KB
5 KB 53ms
53ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.576.js?utv=ut4.44.202307032021
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 305a8b631d2a635350a9821b47ef992134f3613115b2d207e8586ae547d38c18

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FyDzuvxewsndAevfhRAb9SG1S.DuvXAZ
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:12 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"3091e88ca28a42c7f3a5cce74e1ead7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 9nF_jzzmQdorMmL_2Nlzgm6AYQrsZqwbFWFfaX7JcL1ZnQR68jJ2Gg==

GET
H2 200 utag.591.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
2 KB 52ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.591.js?utv=ut4.44.202302221438
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b3cd1e2bcd07c1b1c5dd565ea94af512e10601717a3515b89917ebcea8d582

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FpgYOlzn..HHJQ_pJhViRZdmxlalVucP
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:50:26 GMT
last-modified: Tue, 19 Mar 2024 13:02:07 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"e2e1e50daa8a835f26111830b2a8ed07"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: MLanNbbSYBrJI5tlrs39CoutCxAaEaL8IondWxt0o9eskoR6jh4ojQ==

GET
H2 200 utag.592.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 53ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.592.js?utv=ut4.44.202303031111
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec8fa72ac5292e4c3a7aed1cac6784de56eb8ef02bf843ad198276e6f950e87b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 7w_h2GlQoGrXPDSs82fk2jyA6EvkJPOt
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:14 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"1657c6d8664fed180fd81d726cc7d969"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: GKrDjHJ2I4a1hY88QikalXh8ESL29VS815HC_4puaq4CLRLYQfPCgA==

GET
H2 200 utag.614.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 2 KB
1 KB 52ms
52ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.614.js?utv=ut4.44.202308081416
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d5cbfbc5846630e246bd68b2be476b29ec7e8412cc10eb2d21cce8f7d282495

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: FAE7Xi_ZDQqYslLOaaVN6fRHqBiL6kZO
content-encoding: gzip
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:49:47 GMT
last-modified: Tue, 19 Mar 2024 13:02:15 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
age: 178
x-amz-server-side-encryption: AES256
etag: W/"118012378dbc678ecd43bfd904a59f6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: yC6ipZdkzpxTeqnXspakg78JzCHf8jvIA3mbmjVCVnnX5E5ensgolg==

GET
H2 200 utag.619.js Show response
tags.tiqcdn.com/utag/trendmicro/europe/prod/ 4 KB
2 KB 53ms
53ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.619.js?utv=ut4.44.202311081014
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27202323ae9cd982c9e1dc8fe8ff60b7d72d424c2bf475214644426e00253feb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: pn72bmwQDViMtEGrpqYkmFEn9JzmJUsr
content-encoding: br
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 08:52:35 GMT
last-modified: Tue, 19 Mar 2024 13:02:09 GMT
server: AmazonS3
x-amz-cf-pop: MAD56-P4
x-amz-server-side-encryption: AES256
etag: W/"9b5c26bf2d0928e37081ad9af2c12425"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vgZWt64g9Hw4fNxEw9TdrZH9qDwoezxzm-W0deaZKWiSCUHcIkzJdA==

GET
H2 200 LJA84-589LU-SVNVV-WKPLQ-NBTC7 Show response
s.go-mpulse.net/boomerang/ 159 KB
40 KB 146ms
146ms Script
application/javascript 2.19.216.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 19 Dec 2023 08:14:27 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 41190

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 47ms
47ms Image
image/svg+xml 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Mar 2024 08:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 51673
x-ms-lease-status: unlocked
last-modified: Wed, 20 Mar 2024 16:03:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4899f52e-d01e-002c-35e0-7ad52c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 867cb4e23cd94be7-MXP

GET
H2 200 adsct
t.co/i/ 43 B
204 B 323ms
232ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6919f9fe-10af-4959-bac4-eb52081e7236&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cd767544-28ee-4ff6-9abc-cc133d448e09&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvy74&type=javascript&version=2.3.29

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 188
date: Thu, 21 Mar 2024 08:52:33 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: de499e52d773aac4
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: dfcbacd0a1c67fe2fa9c3619bd8b949801462c5481a0909178c8251d5d6dab77
content-length: 43

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 adsct
t.co/i/ 43 B
375 B 153ms
152ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ba9a2e36-e6b9-42df-b80a-125107e810d9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cd767544-28ee-4ff6-9abc-cc133d448e09&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwah&type=javascript&version=2.3.29

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 21 Mar 2024 08:52:33 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c40ea4227e5f96c5
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: dfcbacd0a1c67fe2fa9c3619bd8b949801462c5481a0909178c8251d5d6dab77
content-length: 43

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
703 B 167ms
64ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
an-x-request-uuid: d665d178-e614-4843-ba40-3f8da5a30de0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 52ms
42ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
285 B 582ms
137ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011154683_34706357_153397771_1662_1068_28_74_219";dur=1
content-length: 4
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 43ms
42ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 29 Jun 2024 08:52:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-93585RYGPB&gtm=45je43k0v9126552113za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=2985
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93585RYGPB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 46ms
46ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9QHD3P38EF&gtm=45je43k0v9126425456za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3007
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QHD3P38EF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HSS3WREM8Z&gtm=45je43k0v9164396489za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3031
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSS3WREM8Z&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
41ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8NK5WKVH4J&gtm=45je43k0v9126156099za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3060
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NK5WKVH4J&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
41ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q8079E61JF&gtm=45je43k0v9126405765za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3112
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q8079E61JF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J3BCDGQ9EV&gtm=45je43k0v9125500130za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3138
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J3BCDGQ9EV&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 46ms
45ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B6B5TMPL5M&gtm=45je43k0v9126019539za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tfd=3160
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B6B5TMPL5M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 2 KB
1 KB 209ms
81ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: b7bbdc3129ae37c086f065965812e8cdbf25a78eac9895319e6845e947f239b9

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
Authorization: Token f0978075a275d14104571cd0b3e9919c9748869b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-6s-CustomID: WebTag1.0 810eb8f4ed8abcee5cd1e233263d8d3f

Response headers

x-trace-id: 7738670115019591460
date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 821

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 159ms
50ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.trendmicro.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 21 Mar 2024 08:52:34 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 8253532904053550194

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 557ms
75ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GBTVB6FHY4&gtm=45je43k0v9126309663za200&_p=1711011153369&_gaz=1&gcs=G111&gcd=13t3t3t3t6&npa=0&dma=0&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=327041742.1711011154&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sid=1711011154&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3191
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBTVB6FHY4&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 55ms
55ms Ping
text/plain 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GBTVB6FHY4&cid=327041742.1711011154&gtm=45je43k0v9126309663za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBTVB6FHY4&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wk-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.gif
datacloud.tealiumiq.com/trendmicro/main/16/ 43 B
825 B 36ms
36ms Image
image/gif 52.29.113.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/trendmicro/main/16/i.gif?t3=undefined&t4=undefined&cb=0.1887928494431157
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.113.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-113-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-serverid: uconnect_i-071f1d1fa212a047f
x-tid: aa295bdb92984eb78fbfdfbd8f09cff3
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: trendmicro:main:16:datacloud
x-ulver: df301e29a375b2bdd301a0b10f98b02796e8efec-SNAPSHOT
content-type: image/gif
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region: eu-central-1
content-length: 43
x-uuid: a67cb53e-3e29-4bcb-a7a1-04b95f2c0219
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 55ms
54ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
284 B 306ms
138ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.trendmicro.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711011154847_34706357_153397772_1665_1026_28_0_219";dur=1
content-length: 4
expires: Thu, 21 Mar 2024 08:52:34 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 303ms
294ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 303ms
295ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22f0978075a275d14104571cd0b3e9919c9748869b%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22810eb8f4ed8abcee5cd1e233263d8d3f%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 loader.js Show response
assets.adoberesources.net/ 14 KB
5 KB 475ms
43ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adoberesources.net/loader.js?orgId=29C656F85FE1CBB80A495C08%40AdobeOrg&instanceId=trendmicroincorporated&env=prod&geo=va7
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 522b0302b75093a1679534b376a50b1a7638c1bdbdc2555fab353596ac8b167f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 21:57:49 GMT
server: AkamaiNetStorage
etag: "cdd7eec69bd957598c300853518ae87f:1710971869.1631"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=508
accept-ranges: bytes
content-length: 5345
expires: Thu, 21 Mar 2024 09:01:03 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
430 B 54ms
54ms Script
application/javascript 18.67.240.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=trendmicro/europe/202403191301&cb=1711011154615
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.240.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-240-89.mad56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 21 Mar 2024 08:47:23 GMT
via: 1.1 98b6dca4385ec1f7f02195a0ad8115a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD56-P4
age: 312
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Od-YisBSBNtJAWeWaD5bffNjTHHbN3zCV9AXvT55__9P9RadgQSOcw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 44ms
43ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36872905-5&cid=327041742.1711011154&jid=642682261&_u=YGDAiAABBAAAAGAkJg~&z=1870989399

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3617363145015639 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 175ms
174ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3617363145015639?v=2.9.150&r=stable&domain=www.trendmicro.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8f9dbd5fe4abbb87986d718a3b84515680dde4a6ca64d98949443715a458d845

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 08:52:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=64, mss=1288, tbw=62796, tp=-1, tpl=-1, uplat=139, ullat=0
pragma: public
x-fb-debug: 6/MxQFIqCTPYCp4KNoDKMkIzT9dqVyt3ixeslE+2bOAdgxN9U5FtGAmut907LTr85UQ86nY/hhC9WUsAUZZwFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 /
log.opentracker.net/ 44 B
235 B 478ms
28ms Image
image/gif 172.104.139.173
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.opentracker.net/?p=1&mid=1711011154443%3A1711011154443&fv=true&ti=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sh=1200&sw=1600&sc=24&lc=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ref=&t0=1711011154445&cld=Thu%20Mar%2021%202024%2009%3A52%3A34%20GMT%2B0100%20(Central%20European%20Standard%20Time)&si=www.trendmicro.fr&ots=1.1711011154445.1711011154445.1711011154445&otui=2040846486.1711011154445.1711011154445.1711011154445.1.1.0&otr=false&otor=false&otpe=false&ot_site=www.trendmicro.fr&pix&rnd=54681
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.139.173 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-139-173.ip.linodeusercontent.com
Software: /
Resource Hash: 2f8847dddd520cab371dd2e596ea27f647fbf18dcda0dadc2e7a8ec6af7614ab

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 44
Content-Type: image/gif;charset=ISO-8859-1

GET
H/1.1 200
OK /
log.leadboxer.com/ 44 B
216 B 465ms
31ms Image
image/gif 172.104.128.166
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.leadboxer.com/?p=1&mid=1711011154443%3A1711011154443&fv=true&ti=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&sh=1200&sw=1600&sc=24&lc=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&ref=&t0=1711011154445&cld=Thu%20Mar%2021%202024%2009%3A52%3A34%20GMT%2B0100%20(Central%20European%20Standard%20Time)&si=www.trendmicro.fr&ots=1.1711011154445.1711011154445.1711011154445&otui=2040846486.1711011154445.1711011154445.1711011154445.1.1.0&otr=false&otor=false&otpe=false&ot_site=www.trendmicro.fr&pix&rnd=54681
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.128.166 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1644-166.members.linode.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2f8847dddd520cab371dd2e596ea27f647fbf18dcda0dadc2e7a8ec6af7614ab

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:34 GMT
Cache-Control: no-cache
Server: Apache-Coyote/1.1
Content-Length: 44
Content-Type: image/gif;charset=ISO-8859-1

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamci...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamci...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2908409%26time%3D1711011154690%26li_adsId%3D3808e5db-bed4-4718-89fc-4bd5a4a6ca3d%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamci...

0
161 B

415ms
415ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&cookiesTest=true&liSync=true
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C7869B2B2A744670AECB62F2E702DCF8 Ref B: MRS20EDGE0122 Ref C: 2024-03-21T08:52:35Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYUJ9QllSqyRhRCk5bTfw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 08:52:35 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYUJ9QioDW50P5eW5TeXQ==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F958BEA6C5D54E64B02A4C5BD9DE8F00 Ref B: MRS20EDGE0122 Ref C: 2024-03-21T08:52:35Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2908409&time=1711011154690&li_adsId=3808e5db-bed4-4718-89fc-4bd5a4a6ca3d&url=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
945-cxd-062.mktoresp.com/webevents/ 2 B
318 B 1548ms
126ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://945-cxd-062.mktoresp.com/webevents/visitWebPage?_mchNc=1711011154697&_mchCn=&_mchId=945-CXD-062&_mchTk=_mch-trendmicro.com-1711011154696-25413&_mchHo=www.trendmicro.com&_mchPo=&_mchRu=%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:36 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 29cfc988-7690-4a82-a056-9e21d9dd6d0b

GET
H2 200 sm.25.html Show response
static.addtoany.com/menu/ Frame 50B1 716 B
730 B 66ms
65ms Document
text/html 104.22.71.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
age: 12520
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 867cb4e50f5e5271-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 08:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wU20Yb%2BBplEo29l%2FK9Yoydeb3jaQuEI%2BkziT5qdWQtbULCRYDAxKu45kOg%2Ff5gJcaoL4rmQXysTn4pZ4ctgn8hOC1IszljeGQQgGiys8jBnZjpmiSlu2fhGOerQLd5Z0crPLZ0P"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 481ms
66ms Script
application/javascript 104.22.71.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trendmicro.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14307
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7MKwCOJwMtM4AEqCFhpUoLYRkaLAZdFv%2Fnsz%2FsvVmOULogQ2ia3CydHcGBWgVaBHyY3KDUwhjC1QOGLcQD76anqSepjM%2FMvG4ullBi2zm7N7TO7gd3c%2F5bHUAf2vQhr1OMp0Tgu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 867cb4e79c71ba9d-MXP

GET
H2 200 69.c978c5584f881e790132.js Show response
load.sumome.com/ 114 KB
38 KB 75ms
75ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/69.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 33bc1e4cb0149bcd78b51946dd003707ffa7ecfce57fc898f60a2ca39538cfbf

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 1N4R9PQRDB0H4H04
cdn-cachedat: 03/19/2024 20:35:18
cdn-pullzone: 1686293
x-amz-id-2: iupVD5pquUnQjdplqS/DG+NVhl0gBuVyze3TLbBuUsulDY+IZay885tDHw0rBmdYN/ROKXXopdk=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3dae70388578c04a238027665e47b465"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: fca8ee1c69bfe8d9b1f57b65c59f132e
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 70.c978c5584f881e790132.js Show response
load.sumome.com/ 305 KB
106 KB 35ms
35ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/70.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 765fe57b204048f057b2ec41b9ccd659a95cb6812069909809a200f0c324f3d6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:34 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: MHTYBQ2AGJ462G6T
cdn-cachedat: 03/19/2024 18:23:31
cdn-pullzone: 1686293
x-amz-id-2: Ec0z/AMQpg61mKHmdl7wlSSTt6sPjVNgb0VOdNUFN+q+V84Zr9tpuShKWxu21xZWLP91EMg76PY=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"4400357c24e17d0ffc79e80e8c71afe9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: ba9942d743d12c37ebbbebf63eda7c52
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200 / Show response
script.opentracker.net/ 23 KB
7 KB 44ms
44ms Script
text/javascript 172.104.239.35
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://script.opentracker.net/?site=www.trendmicro.fr
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.239.35 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1815-35.members.linode.com
Software: /
Resource Hash: 24e22507b02ff38435d5956214b14ded35c87d005d700975d099baa23cffe31d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 08:52:33 GMT
Cache-Control: no-cache
Content-Encoding: gzip
vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET activityi;src=6240125;type=windo0;cat=trend003;ord=6274135721982.741
6240125.fls.doubleclick.net/ Frame 8084 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 908ms
28ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3617363145015639&ev=PageView&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&rl=&if=false&ts=1711011154913&sw=1600&sh=1200&v=2.9.150&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1711011154911.419446950&cs_est=true&ler=empty&cdl=API_unavailable&it=1711011154670&coo=false&rqm=GET

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1288, tbw=2758, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 08:52:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET activityi;src=6240125;type=windo0;cat=trend003;ord=9610545078773.832
6240125.fls.doubleclick.net/ Frame 8084 0
0

GET
H2 200 index.js Show response
assets.adoberesources.net/builds/2e002edac02f17141cc631c4d3cd772932f77ce1/dist/core/src/ 164 KB
40 KB 43ms
42ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adoberesources.net/builds/2e002edac02f17141cc631c4d3cd772932f77ce1/dist/core/src/index.js
Requested by: Host: assets.adoberesources.net
URL: https://assets.adoberesources.net/loader.js?orgId=29C656F85FE1CBB80A495C08%40AdobeOrg&instanceId=trendmicroincorporated&env=prod&geo=va7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ecf05e61b777f6259e5eee9a1f8e2e0b8c0ee517e5bc68397bc33b954a0f6984

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 21:50:51 GMT
server: AkamaiNetStorage
etag: "c783c2b69491c4ac34fd71210a49044d:1710971451.074892"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=246
accept-ranges: bytes
content-length: 40283
expires: Thu, 21 Mar 2024 08:56:41 GMT

GET
H2 200 index.js Show response
assets.adoberesources.net/builds/2e002edac02f17141cc631c4d3cd772932f77ce1/dist/core-ui/src/ 171 KB
45 KB 96ms
96ms Script
application/x-javascript 23.35.236.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adoberesources.net/builds/2e002edac02f17141cc631c4d3cd772932f77ce1/dist/core-ui/src/index.js
Requested by: Host: assets.adoberesources.net
URL: https://assets.adoberesources.net/loader.js?orgId=29C656F85FE1CBB80A495C08%40AdobeOrg&instanceId=trendmicroincorporated&env=prod&geo=va7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-237.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d51896f359c81dc33404803c3865908779ff90223b398beb21594a00ff739451

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 21:50:50 GMT
server: AkamaiNetStorage
etag: "938caef400b5daf05b8b6c8928bb6607:1710971450.991195"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=250
accept-ranges: bytes
expires: Thu, 21 Mar 2024 08:56:45 GMT

GET
H2 200 activation Show response
hummingbirdwebsocket-va7.cloud.adobe.io/ 31 B
155 B 886ms
330ms Fetch
application/json 20.186.185.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://hummingbirdwebsocket-va7.cloud.adobe.io/activation?contentUrl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&sessionId=&forceSessionId=&orgId=29C656F85FE1CBB80A495C08%40AdobeOrg&instanceId=trendmicroincorporated&ecid=&mkto_trk=_mch-trendmicro.com-1711011154696-25413&timeZone=Europe%2FRome&liveStreamId=&leadEmail=&uiType=chatbot
Requested by: Host: assets.adoberesources.net
URL: https://assets.adoberesources.net/builds/2e002edac02f17141cc631c4d3cd772932f77ce1/dist/core/src/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.186.185.227 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: adobe /
Resource Hash: 64aaaebe719f5b40769347c1614638fe3920e36b34cf72f7f014acb4f0ca4591

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 08:52:35 GMT
server: adobe
etag: W/"1f-dyzKdl3Xf0NtxQ5ItCF4t8uRtFY"
content-length: 31
content-type: application/json; charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 254ms
253ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A34%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 config Show response
api.equally.ai/api/v1/widget/ 36 KB
36 KB 161ms
160ms XHR
application/json 52.20.143.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=808079d55d05b124ff85619540644bfb
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.143.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-143-177.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a76488e4ba6a708ac7f62edd5e5cf8c88cc3d5658da0a779c57a3e0e19c854e4

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
X-Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 08:52:36 GMT
server: nginx
content-length: 36890
apigw-requestid: U-NFRiE_IAMEV8A=
content-type: application/json

OPTIONS
H2 204 config
api.equally.ai/api/v1/widget/ Frame 0
0 595ms
152ms Preflight 52.20.143.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=808079d55d05b124ff85619540644bfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.143.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-143-177.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-referer
Access-Control-Request-Method: GET
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: U-NFPj9fIAMEVfw=
date: Thu, 21 Mar 2024 08:52:36 GMT
server: nginx

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 220ms
219ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 08:52:35 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D6C101FAADA94474B53EED8CB407192A Ref B: MRS20EDGE0122 Ref C: 2024-03-21T08:52:36Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.trendmicro.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYUJ9QsFILHSvlpRrtdBw==

GET
H2 200 core Show response
js.driftt.com/ Frame 5648 2 KB
1 KB 163ms
162ms Document
text/html 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 08:52:36 GMT
etag: W/"43f6ef3eb7cdf84d04fbe559fe20d0ca"
last-modified: Mon, 11 Mar 2024 20:33:26 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-id: EvN_WWMjz_ak7WmzxFfpdMCLh1oWWkWmq3Cjqd4idNxrAFa0k8iSJQ==
x-amz-cf-pop: MAD51-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: Xk2ApDiIfF4vsXUInZWMQVectuDNMd3P
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 16

GET
H2 200 chat Show response
js.driftt.com/core/ Frame B4AB 2 KB
1 KB 399ms
399ms Document
text/html 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1711011300000/sv2uuh4gw3ms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trendmicro.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 08:52:36 GMT
etag: W/"43f6ef3eb7cdf84d04fbe559fe20d0ca"
last-modified: Mon, 11 Mar 2024 20:33:26 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-id: zj51Rs2FOIfWjLgrUUb3T0wZElWoGDG4T_zFkmgrsRZ22t-Oxaayqg==
x-amz-cf-pop: MAD51-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: Xk2ApDiIfF4vsXUInZWMQVectuDNMd3P
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

POST
H2 200 / Show response
sumome.com/api/load/ 795 B
1 KB 640ms
205ms XHR
application/json 54.244.4.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/load/

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.244.4.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-4-179.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

75fdf57b7ecfa013bcc9a4cf30302323c42faee9913f99fadbf1807a31fb14d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 08:52:36 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 795

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 252ms
251ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A35%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.116b73f6.js Show response
js.driftt.com/core/assets/js/ Frame 5648 6 KB
3 KB 53ms
52ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: 1P82BNX74XsNPu3eys_SW395jIzb0Ina
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 11 Mar 2024 20:13:32 GMT
server: istio-envoy
etag: W/"48be90169fe0ba4b6b870650832b40b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F29H9nOrg7vms0NmTCLQK9Ibjbmd0m09WKmxVcPnHFouXVncmmDOmw==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 35 KB
13 KB 71ms
70ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:52 GMT
x-amz-version-id: P2CnU4dglGqXmLvHVQUiIIbamLNNMwyg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Fri, 19 Jan 2024 18:48:21 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HJkV_yqpeZfrOmGg0WnH0n18bahYX20dxozu4HuW-d_QWJ8qrRnUbQ==

GET
H2 200 main~493df0b3.9e1d5232.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 7 KB
3 KB 73ms
73ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.9e1d5232.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: rlUjojg2gTbtwdGP_pdjObQJE7FQKLQJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 08 Mar 2024 21:52:28 GMT
server: istio-envoy
etag: W/"73b9f4a9eb62a2176090bf9c21a639a7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Uy1lBb6uRnFBhbPSs_SaNqTPNSgjilSrt-lGkXnsLUsKeI-4fz6Wg==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 23 KB
8 KB 56ms
53ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: O2lV9BfAoMGuWCy5h2KZx1r2hHWHdRQH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AVkPBwdZ9_Sl5d_HsLaV3Dnz91Ow9N-WWhuEph20oLB05IuDuBNk4Q==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 36 KB
10 KB 60ms
57ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: fq8kfrZsbQkjVJK.exVAbA4IcZkhXjo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UcGLIl86a86LaZsCq0k5K_BopBCJeCTA4-vHrMoDOnth0xR2Ul8zxg==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 32 KB
11 KB 72ms
70ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 02:35:06 GMT
x-amz-version-id: ASX5gifQ5mLvmmbg7PivixmgUUP9NeP3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 6243450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XRw1hmTxZXRN9WBXxsCRao6iUECS1cIkxXtyrOyUbN5n1te_rVkZ_A==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 17 KB
6 KB 72ms
71ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: DbwcQn3g_fkeD8DIIgOY5MqJQcEFzwP1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r89zgpbH8atrJAUspojixFJ_04V-LBbmQNuWYsK6mQrqD6z5g63wfg==

GET
H2 200 43.7ac85d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 25 KB
8 KB 73ms
71ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: kSQfBnXe3RrQ76A7.epJ9X5L3Vb2TouI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"48be1563378f7c36bdadc0f2eb616856"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YSwAupdzDqvthrTp6x_0H97DumkNiK2MHhW0TE_ExDXq_I0UEVr2pg==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 74 KB
23 KB 89ms
87ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: PXT8yWGFqAZQ.y1iePvroflRi4C.xHMB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wWkUcZTyPgiPTbgqUVano4JeCwcPSJX6EV7ny5IcXAkPCb7rJwYpbw==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 66 KB
20 KB 90ms
89ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: oHAxFfOI.BBzS4vMpqolAZceVKpcTFWk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QcBJ5nV44D-nQdevNpibcIg5FlDQjoXOb9MJqI7RCv8igJg2ugPcbg==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 91 KB
28 KB 106ms
104ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: QPIZH3VD0WDXr5RF0il6mYOPUtdRfIkL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 19 Jan 2024 18:48:19 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NJX_2GkEeHlIxzT8QMwbsXvvMXqr8n0EyQcHp6dBIt4_fRm3n0hrWw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 23 KB
7 KB 107ms
106ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Thu, 11 Jan 2024 23:20:32 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w9-t3vFAXFkMRBR9LlznBkmmCQswqYt_euOGnf09ay5O_wALWm4xqg==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 62 KB
20 KB 108ms
107ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:52 GMT
x-amz-version-id: CYoP2lRQcsOHCpTgtpB9USWpj6ziONsI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 12
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pUJ1F6ZjyzdYSXzCKVk7NrnKS3l_W4Zwi3Ofg_Bg6G_qooyLdxgXMQ==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 105 KB
34 KB 126ms
125ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: BecLvOdVAWkrJUptshR_Vz6xe2maTdmW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vOn9bYbzvKY-hIAlkgzDy1S1Is8M3c8tHSfEIeCGuAPMUSUYGWeRFg==

GET
H2 200 42.f634da7c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 12 KB
4 KB 128ms
127ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.f634da7c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: vXeKg.tGpOUOXbODWyYzAbmB8cSGPgwQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"c65db597e762d33246cfbec56b886523"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5fx4Nn_7J_1AyONynG6qV39ytxMoL5P-er-6f62Lju8CR0QbpQNlKg==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 13 KB
6 KB 128ms
128ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 02:35:06 GMT
x-amz-version-id: KTTi4yCTy1UGa3DumhwoXuyKnL5aShJx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 6243450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q29JdA5BpIWvzCOn3h9G_qFLusHcwFJOwj8T13Qgcw4vBkZAmyoCWg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 17 KB
7 KB 129ms
128ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GbVBLRI38p3RfMCyg6Z8kwBKCnHdzkUQzJ4AQ19wcCanYVwfgosyzg==

GET
H2 200 8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame 5648 31 KB
4 KB 129ms
128ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id: Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 4706060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 26 Jan 2024 18:11:46 GMT
server: istio-envoy
etag: W/"1e97f00f07b87f701d0bf06259f954e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 72Ux0kOu6PGXSP5C-ljiyCeExV_MCVUZD8WgSudJi_NtmbMRUD7UMg==

GET
H2 200 8.936ecc7b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 82 KB
26 KB 130ms
129ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.936ecc7b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: FQouIpJB67.TtbWNnCfyFf1DGTjBcG.T
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Fri, 08 Mar 2024 21:52:28 GMT
server: istio-envoy
etag: W/"f5556c13c2079425542f4c096b2ce080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DDrrjwZWIGO20qAxkNglaeYxTZniqg-bdKlVnmcWnvea3SlPAbGI-g==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 5648 24 B
697 B 131ms
130ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: cjmAovuEiO_UgT_SbmRc4LEODevxIfAQ
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 12
content-length: 24
last-modified: Thu, 11 Jan 2024 23:20:31 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AvfY-IW2tneI0zNFFS47ouJ0U5eWbigNvExJYjOVpHWmQ6PewgfFMQ==

GET
H2 200 16.11fbfe91.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 93 KB
24 KB 138ms
138ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.11fbfe91.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: z3o_HHOeuy1UElwxf68oZYXhsU2pCtPK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 08 Mar 2024 21:52:26 GMT
server: istio-envoy
etag: W/"648b5bf0ecc273c631d2a26fe0984dc1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7UO_ne1uvV-7w7quGV_lvAJm1WBVP2w0f2uFzbe0NDzC596Hzlh2lg==

GET
H2 200 24.efe55fb2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 51 KB
14 KB 142ms
142ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.efe55fb2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: zLPip1evuIT3lMB0y7bldjjKQGFoZPDc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 11 Mar 2024 20:13:30 GMT
server: istio-envoy
etag: W/"33a0f37f879cb0561d6751c995d660a7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ESISkdLBWOf9i_qx7wU2PJ-Q-iuYmJ_nXZeTV2MHCfixqJnhnkS38g==

GET
H2 200 17.37d97059.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 41 KB
13 KB 143ms
143ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.37d97059.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: Gratp3sycpdqsaiklnAY8j0B1idZrtk6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Mon, 11 Mar 2024 20:13:29 GMT
server: istio-envoy
etag: W/"dade390e0df80c6f2569b3f376adfd1f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _w_eV0iuNqLkXKUOlIFFHLuOSq1EOnqIt4MiL5p3qt_m7oEsY1W0QA==

GET
H2 200 runtime~main.116b73f6.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 6 KB
3 KB 53ms
52ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: 1P82BNX74XsNPu3eys_SW395jIzb0Ina
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 11 Mar 2024 20:13:32 GMT
server: istio-envoy
etag: W/"48be90169fe0ba4b6b870650832b40b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2_jF4txbNBQKVNSa6d00bHArWP16-6p1SdxB7nIBaD0kXHh25MZ3Dg==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 35 KB
13 KB 53ms
53ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:52 GMT
x-amz-version-id: P2CnU4dglGqXmLvHVQUiIIbamLNNMwyg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Fri, 19 Jan 2024 18:48:21 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WTzYoWZBpulohZ3vfQM8xNSoRSiiER1jCUi57DTuAfKE01jNMhboCw==

GET
H2 200 main~493df0b3.9e1d5232.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 7 KB
3 KB 54ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.9e1d5232.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
Origin: https://js.driftt.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: rlUjojg2gTbtwdGP_pdjObQJE7FQKLQJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 08 Mar 2024 21:52:28 GMT
server: istio-envoy
etag: W/"73b9f4a9eb62a2176090bf9c21a639a7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CrlGwZV8dtue-zLJQQtPpfsuxB5eJ4bSqjrxZiDaX-TSqutdXLFoIA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 9 KB
3 KB 55ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: 08r2XpGeoDFNMbu2KdA5sUcNzgA7P3Es
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 19 Jan 2024 18:48:19 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HXEENpon6ysHnV8D3_CyYBc5FAT1PGDuIa3J7Xlksq5uaCW-ypFfcw==

GET
H2 200 31.c043863a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 27 KB
9 KB 55ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.c043863a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7236ba4d18121d1c1e55329fd2110eb585b49ded5d66b2fe461f15369c7d3dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: xQshf8Fb.UbAzXwlaVlUWAyR86uYq5q8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"80a16a7469ece9a85df7ac8d39605662"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tTcy0WQEYM1n9A4-nGOgsFv9etmwGUKt3-vOwnXe2ZLuFU70IN79Lw==

GET
H2 200 27.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 5648 8 KB
2 KB 54ms
53ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: zyzXY0HiUV0Kx0xDA0irOuT14sRG0uSI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1858736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 28 Feb 2024 20:09:21 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ncTIywimI3i2GCOkKCLXV9uGLquSiiHRrk8LOwNqkiGwJWZSBWK0A==

GET
H2 200 27.42a90a1f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 15 KB
6 KB 56ms
55ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.42a90a1f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b781a271d23f8fcb33421408a4ab099770b32368548f88c651c0fd1c15cb2a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: uqJrHTB3r0l.Z3re932SJbB_rTNlMYGC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 08 Mar 2024 21:52:26 GMT
server: istio-envoy
etag: W/"3305c113acc7be7b8411abd6abfa37ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uLqOQijaW7EmonhkDnbsnc2tUJI9apEdaDXjCs_T1J_dSEVwVycBXQ==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 5648 365 B
1 KB 55ms
55ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: WkyoejPxxQPSWuz7wp08dB3ia8IHQ973
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
content-length: 365
last-modified: Fri, 19 Jan 2024 18:48:18 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z8RRxXxNG7_E4yDijsoUT0eZx60QZmklRhYdIWX16LebUs8eON0QXg==

GET
H2 200 25.9b0bf998.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 92 KB
25 KB 56ms
56ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.9b0bf998.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8dc3ae7b3048c6650ce35b4258f8e6486d181292ce9a851ba91e9a8cedc8c992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: w1vYVnqvPS7c1kB_xxUXFRcMNruM5sce
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:26 GMT
server: istio-envoy
etag: W/"93cac7762688667f0d703a16f04812a7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iOn_qcAVYlV7moeovRX4jlF84r9skJiFJS1w6rbT1t5LHsxgcwwtzA==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 23 KB
8 KB 58ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: O2lV9BfAoMGuWCy5h2KZx1r2hHWHdRQH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xCv9ATGoXlaiKa9LmmvXYmpnNDWpxVHw2iPcBf8tvCSvCgixEDpVQg==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 36 KB
10 KB 58ms
55ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: fq8kfrZsbQkjVJK.exVAbA4IcZkhXjo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 95_MNF2UzUwcZmIi_ekX1picZ18rHvnEm5rDBRtL8ZDlDybGu32iCQ==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 32 KB
11 KB 59ms
55ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 02:35:06 GMT
x-amz-version-id: ASX5gifQ5mLvmmbg7PivixmgUUP9NeP3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 6243450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hBiOSWHIOtq9aQH6xgg3-qVJMJd_kwJY6gCf0717ismc5-armKqcBg==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 17 KB
6 KB 60ms
56ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: DbwcQn3g_fkeD8DIIgOY5MqJQcEFzwP1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aLFTUChLhW-2pGjlijir-zrsIrdIPLSlWB-KCKKKUpQDj6p1JlBwlA==

GET
H2 200 43.7ac85d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 25 KB
8 KB 60ms
57ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: kSQfBnXe3RrQ76A7.epJ9X5L3Vb2TouI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"48be1563378f7c36bdadc0f2eb616856"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oTz-adri1xJoG2qrwCr0UUe8h27tm68UGqoivJyzdIT8DSfEJCt3sw==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 74 KB
23 KB 61ms
58ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: PXT8yWGFqAZQ.y1iePvroflRi4C.xHMB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9o5l6pICHZXEmeuadtkSxd2-YyXUvTgXSR8pE16r5pd09goJGXyb-w==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 66 KB
20 KB 62ms
59ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: oHAxFfOI.BBzS4vMpqolAZceVKpcTFWk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rh-i-GtGzZVgnC8oVtfWU_KGvEh_IhEzBB_vK9dEWg4Ee0AoCjQSbw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 91 KB
28 KB 74ms
71ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: QPIZH3VD0WDXr5RF0il6mYOPUtdRfIkL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 19 Jan 2024 18:48:19 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wpT36aNaPaYQkG6ooZfVJDC55FEG1IZ4dTTWUDlL4mjraWfyodv9RA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 23 KB
7 KB 75ms
72ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Thu, 11 Jan 2024 23:20:32 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zreimA_VexNcyn9pTIdk0beBSIcH_Iwlarc_r9uBcl7zJ50EFgS3JA==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 62 KB
20 KB 76ms
73ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:52 GMT
x-amz-version-id: CYoP2lRQcsOHCpTgtpB9USWpj6ziONsI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 12
last-modified: Fri, 19 Jan 2024 18:48:20 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dmpn1sRPurEImDLjkHbMQJxlKyOm79SGAZCL8rbztMyI8VZnNaTsng==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 105 KB
34 KB 78ms
76ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: BecLvOdVAWkrJUptshR_Vz6xe2maTdmW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RvisSIdhCEw3q_0LFY2ZUEPlyIQW23-Xu7VGO9hLiJRyJiEkZndghg==

GET
H2 200 42.f634da7c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 12 KB
4 KB 79ms
77ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.f634da7c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: vXeKg.tGpOUOXbODWyYzAbmB8cSGPgwQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"c65db597e762d33246cfbec56b886523"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SB0z46huIq1IZhprOxcdHFzIIpPytIe_fIORU7IRpVfXoSNgKjGdNg==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 13 KB
6 KB 80ms
78ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 02:35:06 GMT
x-amz-version-id: KTTi4yCTy1UGa3DumhwoXuyKnL5aShJx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 6243450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gbWVqX9ZK9oN02h252eoCpFzJJDtQEdwsGqYoFb4jYO84mMxMtPcyg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 17 KB
7 KB 80ms
78ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p_hZocL4LgDRGWORlF0s_BT9_zM1OOci4_-RWqlcPy3PeO6SeroT6w==

GET
H2 200 8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 31 KB
4 KB 76ms
74ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id: Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 4706060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 26 Jan 2024 18:11:46 GMT
server: istio-envoy
etag: W/"1e97f00f07b87f701d0bf06259f954e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lY6cITqEgxE4Xip0Tbf6ENz_Q4JlcS4M9Wc-OKDrwUUPAl-v4Z1AWw==

GET
H2 200 8.936ecc7b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 82 KB
26 KB 81ms
79ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.936ecc7b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: FQouIpJB67.TtbWNnCfyFf1DGTjBcG.T
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Fri, 08 Mar 2024 21:52:28 GMT
server: istio-envoy
etag: W/"f5556c13c2079425542f4c096b2ce080"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ccmTOj3KcG13F5xOQI08KJo_SULz-JteGRUHIZ3G4WxStG3ftB5prQ==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 24 B
697 B 77ms
75ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:57 GMT
x-amz-version-id: cjmAovuEiO_UgT_SbmRc4LEODevxIfAQ
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 5656539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 12
content-length: 24
last-modified: Thu, 11 Jan 2024 23:20:31 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3CJP-7GEOBZs5bBd3Tpo3anu137VbYhgmrjsUJxNT7IffNX2132wZg==

GET
H2 200 16.11fbfe91.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 93 KB
24 KB 81ms
80ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.11fbfe91.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: z3o_HHOeuy1UElwxf68oZYXhsU2pCtPK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Fri, 08 Mar 2024 21:52:26 GMT
server: istio-envoy
etag: W/"648b5bf0ecc273c631d2a26fe0984dc1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uc9_3AHePnC03BnJmgBDY4h70JVKJNPsL7V1HzGU1xN9ufzJjPDTiA==

GET
H2 200 24.efe55fb2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 51 KB
14 KB 89ms
88ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.efe55fb2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: zLPip1evuIT3lMB0y7bldjjKQGFoZPDc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 11 Mar 2024 20:13:30 GMT
server: istio-envoy
etag: W/"33a0f37f879cb0561d6751c995d660a7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cb7tlketYoinyOxn4YNydavGB1U1A3VJptOx0uVCs-YAoqRfX5OhPg==

GET
H2 200 17.37d97059.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 41 KB
13 KB 90ms
89ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.37d97059.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id: Gratp3sycpdqsaiklnAY8j0B1idZrtk6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 821950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Mon, 11 Mar 2024 20:13:29 GMT
server: istio-envoy
etag: W/"dade390e0df80c6f2569b3f376adfd1f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O5a-Nh2hVlUB81_rk5iXIrC4QwA46zlm_x7kQ19WqBxtVVI4Sj6tqA==

GET
H2 200 39.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 3 KB
1 KB 54ms
54ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/39.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id: UcZhIKxPiJynhkWzqWd9d6dr.VpqzWB3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 08 Mar 2024 21:52:24 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LjJi9R2pm847OHfHA7gLWQ_oSZ1h5qRRLIeOAEcIyXgrEgB1IFnGWg==

GET
H2 200 39.f1d268f5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 3 KB
2 KB 55ms
55ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.f1d268f5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9373a860524d692ce81c1f8f266b511cd597a7f1dbb9fb674c57a303101c21bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: uVEyZ5tRXLdtqtE229DGMUJWzGeJV7TR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"b5201ff04da30312910b71e1da072dd2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iLRbjt4rYqe7AT0tcpyK6LMIsJQ9ZTUVUZUUSrAlVy6A_7wH_ROIyQ==

POST
H2 204 /
02179915.akstat.io/ 0
228 B 233ms
220ms Ping
image/gif 2.19.216.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://02179915.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:36 GMT
content-type: image/gif
access-control-allow-origin: https://www.trendmicro.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Thu, 21 Mar 2024 08:52:36 GMT

OPTIONS
H2 204 services
sumome.com/ Frame 0
0 199ms
199ms Preflight 54.244.4.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/services
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.244.4.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-4-179.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: POST
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.trendmicro.com
access-control-max-age: 2592000
date: Thu, 21 Mar 2024 08:52:36 GMT
server: nginx/1.21.5

POST
H2 200 services Show response
sumome.com/ 124 B
613 B 221ms
220ms XHR
application/json 54.244.4.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.244.4.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-4-179.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: XC7TmjujYK1ctAUbjw5htEUw
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
server: nginx/1.21.5
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-length: 124

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 9 KB
3 KB 56ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:53 GMT
x-amz-version-id: 08r2XpGeoDFNMbu2KdA5sUcNzgA7P3Es
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 19 Jan 2024 18:48:19 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gEYzjWwrVJxjWdJlRn3aqKOXdNPEl_95BpAmNtm9m-lgBrYmJonGvg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 7 KB
2 KB 54ms
53ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:31:54 GMT
x-amz-version-id: Vrii1QAwAk2mMl0tO4UF6jc4.fwSSWea
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 5113242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 19 Jan 2024 18:48:18 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bAIsC1TwrslIcIxNrmTGDKJA8Y76Y9qznIGkdn9yZQdQ5Pzq5UUEbg==

GET
H2 200 3.2a4c7561.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 46 KB
14 KB 56ms
55ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.2a4c7561.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

257cbdcb36feb3ef9bc1c5bdb9c777af5ae08f0834ece8a4ce5d74fbfeb7ea0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: Ij0e.e6AkWNNfAhEvnGK4qzljUH2ysS9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"2d79b64b95d2aa829a460e0d02cca148"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wOLjnpy5hEXQ6yUzjSHt-JQGBasRlOPRF-Vr9JLDRzdDKRfVJEL6ug==

GET
H2 200 1.1bcc8082.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 44 KB
7 KB 54ms
53ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.1bcc8082.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: J9K9ed_T2U1DfO8_gHKqtr8IE2EyErto
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Fri, 08 Mar 2024 21:52:24 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zJcjUhNRfZSzCbtdib0_FAI9QuzztxAn9Ti5W9_UG0n1ZqqYWFz-3A==

GET
H2 200 1.e85d7ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 73 KB
25 KB 56ms
56ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.e85d7ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

be971140ab0a1717adb1a00cc77b30392799132f9493fa12e3ae6125c4474397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: l5W_uQvW_IlwbRhp8acJTVWIqJn8bj5m
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 08 Mar 2024 21:52:25 GMT
server: istio-envoy
etag: W/"e6e6eb57e75c25c19fa49b6a49852936"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pSB-O9_-4un2k4sT8PBjOGPTvAHWnMKs9DIGICAsobHvtZ7QPtlj8g==

GET
H2 200 28.812d5a7c.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 16 KB
3 KB 55ms
54ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.812d5a7c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: 4DKwArnsEad_45FTV7lDarWR0I2cfneh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 08 Mar 2024 21:52:24 GMT
server: istio-envoy
etag: W/"6f779260053e30787f84dfa7ba6743e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ECEsxFQzj0Hjciu6wyDGiH44CKT5TtVY61_2d_swjRAAQwGNHNFGYQ==

GET
H2 200 28.caa75eae.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 20 KB
7 KB 57ms
57ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.caa75eae.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d51a4c1c5d8e010e04d9eb59e04242c20557bc928bc36e401c157a05c0171788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id: mC9SawLOV8oKr2SAmrqkSOSIj6G_pv_0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"481aab9660002090188fee60921b6ec7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1Onh6uCkGvggeOD3KEhDARgrMCSlykVXxGqnXF4Y5KPm66dzxyhYdQ==

POST
H2 200 v2 Show response
bootstrap.driftapi.com/widget_bootstrap/ping/ Frame 5648 207 B
849 B 318ms
158ms XHR
application/json 54.192.95.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.driftapi.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.95.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-95-63.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

443746c308fe991b78c8f840b5e110cc95bb7e0f4a3964cc9484496e413f3d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9d749cb7a21113d40b8187b4b33cf322.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C3
requestid: 14b598d0df96d85
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 8
content-length: 207
server: istio-envoy
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id: 3PD-4Y1dHxIXh6XkiH4aszD6h8WU2S6SdGVLDWYIduFJNxvaLcon7Q==

OPTIONS
H2 204 config
api.equally.ai/api/v1/widget/ Frame 0
0 144ms
144ms Preflight 52.20.143.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=808079d55d05b124ff85619540644bfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.143.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-143-177.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-referer
Access-Control-Request-Method: POST
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: U-NFUi6goAMEVgA=
date: Thu, 21 Mar 2024 08:52:36 GMT
server: nginx

GET
H2 200 OpenDyslexic-Regular.woff
widget.equally.ai/fonts/ 16 KB
17 KB 304ms
147ms Font
font/woff 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/fonts/OpenDyslexic-Regular.woff

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trendmicro.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:53:08 GMT
via: 1.1 52523006e1ee5c08eea6e9267e18fabe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 3570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16636
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "7312cd3f9b4e0804d9051e37e97579bf"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: font/woff
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-amz-cf-id: hEfJvSaI_wjwkOi-QQEcAQYOj_ouQzCfkGsbaNN7PWq143CxlCFthw==

POST
H2 200 config Show response
api.equally.ai/api/v1/widget/ 27 B
158 B 158ms
157ms XHR
application/json 52.20.143.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=808079d55d05b124ff85619540644bfb
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.143.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-143-177.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776

Request headers

Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
X-Referer: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 08:52:37 GMT
server: nginx
content-length: 27
apigw-requestid: U-NFVgnqoAMEVVg=
content-type: application/json

GET
H2 200 en.json Show response
widget.equally.ai/locales/ 10 KB
4 KB 196ms
97ms Fetch
application/json 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/locales/en.json

Requested by

Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:06:09 GMT
content-encoding: gzip
via: 1.1 52523006e1ee5c08eea6e9267e18fabe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 3570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"c8654951b307d59acadb3324470b6d22"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: SAMEORIGIN
x-amz-cf-id: JM8t7j2xfYg2bmZb_bxDv1_uQhPr8Zgu81uOuRd7Ew2jCYbdDDj7hg==

GET
H2 200 equallyai-widget.css
widget.equally.ai/ Frame 2FC4 32 KB
7 KB 63ms
63ms Stylesheet
text/css 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.equally.ai/equallyai-widget.css

Requested by

Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 15:18:50 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 63228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"f36e46b286460d4bdf52555bcf3c77fc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-amz-cf-id: TNDYRbXy25SOx5rcIs4PAgUAGYwsZOccMeeH7XhRIxLB0W8MpGJNhg==

GET
H2 200 en.svg
widget.equally.ai/flags/ Frame 2FC4 1 KB
971 B 83ms
78ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/en.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:22:11 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"ebf36f856cee41bb0004b1be873bc62f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: Zl6jU42dhwmtKgnOykfzw-uoaAcAZIS3pRJotR87v7UQ-U-7QSrYqQ==

GET
H2 200 es.svg
widget.equally.ai/flags/ Frame 2FC4 148 KB
36 KB 84ms
79ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/es.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:22:11 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"ce15a45bbe7193fd267a2b79f695f851"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: 9sIXfqMspjSOXDHYyqRqhG5gjq9vGwCS3HyRye41GSczo_tm2sW12g==

GET
H2 200 de.svg
widget.equally.ai/flags/ Frame 2FC4 411 B
926 B 83ms
78ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/de.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:22:11 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 411
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "53d375e4d05c0f07c61381c149666a95"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: _NoK8tPxfLniGMOEFjrhLry5NswjJ8G9pY_-TUj9zogN20pTaVApCg==

GET
H2 200 pt.svg
widget.equally.ai/flags/ Frame 2FC4 11 KB
6 KB 83ms
78ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/pt.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"3db75d5500aac310ba9be72fe78c09a0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: N4Ufjje3Yb1aTJ-BFc3yZGmVawsRSeIOC63Y5NFpcFaeXu_c6yW70A==

GET
H2 200 fr.svg
widget.equally.ai/flags/ Frame 2FC4 468 B
983 B 109ms
104ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/fr.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 468
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "aba229ec8b9399af14875fba8715b4e5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: O2vsjwhl3uTBnavyS-37xZx9HSwWM4A0SrQAsvgtTAsEjRwKf327nw==

GET
H2 200 it.svg
widget.equally.ai/flags/ Frame 2FC4 202 B
715 B 109ms
105ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/it.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:22:11 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 202
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "4f6374bbba141514028cfee25e6b8b50"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 6oVY5YDMe13BUIY8L_nyPmbgQ1ods6jgncV8-fQqgQF8n41G8oi-vw==

GET
H2 200 ru.svg
widget.equally.ai/flags/ Frame 2FC4 232 B
747 B 109ms
105ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ru.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "8c35008bdd453eb7092e5589433ee345"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: GbXLB-T8urXb_NWzqCA-12ch9R00JYcLzo3NvKB5rJjyckDgs1CmCQ==

GET
H2 200 nl.svg
widget.equally.ai/flags/ Frame 2FC4 175 B
690 B 110ms
105ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/nl.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 175
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "5f6ef944bbde5608a5cfd566abc3a61a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: rMhGd8X0EkbO09LkdXybZbgGnJ2yFMr9Z7aVGh0pEt12Mo9FEaNTlQ==

GET
H2 200 pl.svg
widget.equally.ai/flags/ Frame 2FC4 142 B
656 B 138ms
134ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/pl.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "e2afe0f6676f52f2142f71e9b3570e81"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: lpMUbrC9US2lwU9pfycsSwExAjcsr-3IFBIOdZFYrgWalQbFkPw9OA==

GET
H2 200 bg.svg
widget.equally.ai/flags/ Frame 2FC4 294 B
790 B 110ms
106ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/bg.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:11:41 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 67257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 294
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "d35abad4c97cd9e2b3cc342cb745d11d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 3J7PKkByDLi56X1Jyutizb6-m66Pvsjr57WxihMjcpxUeWAw3qOXkw==

GET
H2 200 he.svg
widget.equally.ai/flags/ Frame 2FC4 856 B
1 KB 138ms
134ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/he.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 05:38:30 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 11648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 856
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "39aa6f7e5890377271d5434c4f76386b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: ksA1PjEncVGflkDaOkUQyzT27CUDw2K_4Gz-bEZ2pIgzUWcbMI6USA==

GET
H2 200 cz.svg
widget.equally.ai/flags/ Frame 2FC4 212 B
726 B 138ms
134ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/cz.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 212
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "047e732decd62b9d3ce350a2cd8f4de6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: tceAA3f0SPIP6Ll8WAXwqEKsxeME7Uiq46hZvGlK6h8ETgmq8e0TAg==

GET
H2 200 dk.svg
widget.equally.ai/flags/ Frame 2FC4 222 B
737 B 109ms
106ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/dk.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 222
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "c0cd63470ccdd66eb1b70437c4897d2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 6JLZiuZftaWX5G3zdmEQ77GKYfOPtAKLwWilHxdWQnEqYkg3BhTkuQ==

GET
H2 200 fi.svg
widget.equally.ai/flags/ Frame 2FC4 233 B
748 B 110ms
106ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/fi.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 233
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "079f4bcbd1f4a3a2ac55d1071961eaa4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: iQnGV_aWFDYy4mFfToHaMCh0jB4ZTIX4KCJ9SbYXAWu4YHpJ0aPgLQ==

GET
H2 200 se.svg
widget.equally.ai/flags/ Frame 2FC4 216 B
731 B 149ms
145ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/se.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 216
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "1f642770ccba1a8f5948ac69923c15ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: qvdYMG32SYo5smR4588cQJ9sYPYHJVlU9FxENxRKPL6zG3cqq5FfNg==

GET
H2 200 lt.svg
widget.equally.ai/flags/ Frame 2FC4 178 B
692 B 110ms
107ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/lt.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 07:22:11 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 12948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "60ce52ef375f0a7bf84149719ad6a8e2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: QkFmdAEkMbKoVSx0A0C0dbD7jNIo_7w6IH82YQN35dsADXX2axG7gQ==

GET
H2 200 ro.svg
widget.equally.ai/flags/ Frame 2FC4 178 B
694 B 110ms
107ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ro.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:36:25 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 69373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "a9e8cdfefb0cb78dfe786276f500656a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: BMHE14pyHvf0GVdRxa7H4vNKSXxHjje1zFXpyHBttvZFodII2LQEcw==

GET
H2 200 gr.svg
widget.equally.ai/flags/ Frame 2FC4 206 B
722 B 111ms
108ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/gr.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 206
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "abd7d677957e863655f6bc059dbaebfb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 24lbV8GHTW-zOYDW-2LsZbDzCyznScICchxhMyDe-SJkxoNF7h97nw==

GET
H2 200 hr.svg
widget.equally.ai/flags/ Frame 2FC4 66 KB
29 KB 128ms
125ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/hr.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 11415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"f4e06f4da88eab5e630a6263b8f5ebdf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: WYbzsKTSc3AHOMFWZzG6XHRiZ-zeOjYKBDrmYOGkXfM9gY6SBqydRw==

GET
H2 200 lv.svg
widget.equally.ai/flags/ Frame 2FC4 138 B
634 B 130ms
127ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/lv.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:11:41 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 67257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 138
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "12cebcfb5d166f7cd2b6a3fb48c0924d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: W3pI5BuxWsOyaayPEmFBFe8eZahaCeDIDupbTJkcGzO1ayo2PGDKPg==

GET
H2 200 sl.svg
widget.equally.ai/flags/ Frame 2FC4 2 KB
1 KB 130ms
128ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sl.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"9b4bb3b189e8285e10fc2637df225958"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: D_GAN_zyVxaqf02Iw4obbdwZohPRaMFHbWZVBOyJh8iP5D2E-HTdXw==

GET
H2 200 mt.svg
widget.equally.ai/flags/ Frame 2FC4 15 KB
8 KB 131ms
128ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/mt.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"66e76e37d320e1ef728362a420f7eb3e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: NDR3iS6VCTxBsXQzF1uoZxdbCHVjQIrbLi5Db7hjASYBFp_gIYhizQ==

GET
H2 200 sk.svg
widget.equally.ai/flags/ Frame 2FC4 1 KB
1 KB 131ms
129ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sk.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"45bde9f51532f5f7cc44fa912e57fa26"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: Ea_GaFBKskROGLnARaK3zZg40RB7uHi2j2Zpct82-7yEaKI5SUsiBQ==

GET
H2 200 ar.svg
widget.equally.ai/flags/ Frame 2FC4 28 KB
11 KB 131ms
129ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ar.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 05:42:23 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 11415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"1b79db27bb882afead5050e6fa59818c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: CjNQMEIbdiaYjrDZhThQR2MnY1mOti9KkE3wcjtUcJ9_pL5M9S7d3A==

GET
H2 200 ja.svg
widget.equally.ai/flags/ Frame 2FC4 209 B
705 B 133ms
131ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ja.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:11:41 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 67257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 209
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "a1e1ea513a3fcd801e85db4373ce8cd6"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: uD4pnxEgGXnJMH2kCsjUMer10MaYGMnIUVLVApP_iKo0SMfINA7D2A==

GET
H2 200 zh.svg
widget.equally.ai/flags/ Frame 2FC4 589 B
1 KB 136ms
135ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/zh.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:04:33 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 11415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 589
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "70f58c27d22d2fc42e3ae42109a6165b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: 8vAZ4TCur9OZAYVrCAKB03n7O47GDIzhneKJJo1GpKoBQDJBDZ2v7g==

GET
H2 200 ko.svg
widget.equally.ai/flags/ Frame 2FC4 628 B
1 KB 133ms
132ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/ko.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 628
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "10679d585c351917622b94494b8a0329"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: _7d0Ja0e7oMD3pzW3ws6DXTDuf2W-u9goJ590ssD-nTLL3EF7Vhs5A==

GET
H2 200 sq.svg
widget.equally.ai/flags/ Frame 2FC4 8 KB
4 KB 134ms
133ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/sq.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
content-encoding: gzip
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: W/"9ca1e7c55a76c6f0c5b34c29ed911c8f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: 7t_NpVn4B1IW3-4F88SpSPSHjBkVNH2NkLUEgYooXkVTnlcYZFiltg==

GET
H2 200 mk.svg
widget.equally.ai/flags/ Frame 2FC4 416 B
931 B 134ms
133ms Image
image/svg+xml 13.224.115.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.equally.ai/flags/mk.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.115.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-115-61.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:48 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MAD50-C1
age: 85670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 416
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 18:01:30 GMT
server: AmazonS3
etag: "93c15186533262b4a99e531c484d4459"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: xi5EghIs1i0WXrSUTTr_xH7Qn1x32gXFlb6Au8EkmxPRlmnbPhWvTQ==

GET
H2 200 6.c978c5584f881e790132.js Show response
load.sumome.com/ 95 KB
33 KB 32ms
31ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/6.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 21b4b5ff7892c77646bc393bfc752994256c973b941efa1aec36293a69fd2f44

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 3Z6KC8VPH7Y049H2
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: Pvlby5gfuv8+58b7dMozbaPb1FmTA5d1MMfFDaRJgg3k5nJUwEeUd+FCWG3QNKHWhRMhDynK0RI=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6f4c087b28164d947a47fb62257f909e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 815f595b828f9a6c930d3dec7be3a244
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.c978c5584f881e790132.js Show response
load.sumome.com/ 5 KB
3 KB 90ms
89ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/7.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: b9e78be0f5224e190705834d95672a44d55bc8f81a20c4f1c5d00d0a5aacd4d4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: 3Z6R1QBRJ5F39EXJ
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: wU4KWroLq+WofMFVtAp06vFVGy00TIejL1XHXuojdmZukIfoO/zMKBkPaJF10z9sV5auP1GfZBk=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a862561e5de97b31ada3930894ce0b62"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 3a522bce9f4cc1aedbb271a3850593bb
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3.c978c5584f881e790132.js Show response
load.sumome.com/ 3 KB
2 KB 66ms
65ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/3.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: e833b1b7985a4d05ae0fc5e7a9414f3faf83686d39113ebcf7caf305e7950aaa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 3Z6KBGDDW8BAFD5B
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: dymjPxrlxnViRJX00RJ/oMONbKVzwrzR9yOwTXWOdkUkkHw2qgkKHYcB04cX2buCVXwAm0B8mJM=
last-modified: Tue, 19 Mar 2024 18:22:17 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"9d03ccd6006f71971d8f911341c7a65a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: f35bfbaf0da1e58c8286471b292dd6f6
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c978c5584f881e790132.js Show response
load.sumome.com/ 11 KB
5 KB 59ms
59ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/9.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 49effd3bbbb1dddb200fbd1272f0e7df5af38625de89f6c8c1f226013ec477e1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: 3Z6MA7YZ6JTA3VJ3
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: uY9tlq0dKihI9zmNKgjB+UJmVgL4SMiAkK7XAwJMFnEYyH0VzMfYgT3KzwJVZL3hwUWGm90dS+M=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"568694d3b0dc7e18e01f77ae4d9fac05"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 0e64fa767437460cc714962241e6b265
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.c978c5584f881e790132.js Show response
load.sumome.com/ 393 KB
112 KB 67ms
66ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/22.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 7647014de1c328cc183c3cec3d1f996673787d574c4ded0030600ab0d91bd390

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 3Z6VZYFHZZSR91XV
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: oD+Z7gHBIxYO2xD6tb7rIBr6+6rI++xscvQGSw1gF5TvxZqmkxwkNnRxZJADDrqKEMBmjC88OAo=
last-modified: Tue, 19 Mar 2024 18:22:17 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"676fac8dce27280140b870066174099f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 997da68873dc4cc6a88f726c5eb848d2
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.c978c5584f881e790132.js Show response
load.sumome.com/ 177 KB
51 KB 79ms
79ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/21.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 9d8c14e18e56b348754805de8ad9cea81f0b3d93c99cff02e5af0e6638833583

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: 3Z6Q3AC27KGDWZK1
cdn-cachedat: 03/19/2024 18:23:34
cdn-pullzone: 1686293
x-amz-id-2: 2VlxzoRljZm6UnBOIubZhkDoRTmKAtdg1Kt9b0figxOt8cENFMosYmLFvVVePzqY5qSANQPvNpQ=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ae0b1a2625573bd203a9ee1035782f3b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 8b2a46e842c763ceed0cdc96e95f273e
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 615ms
614ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A36%20GMT%22%2C%22timeSpent%22%3A%221039%22%2C%22totalTimeSpent%22%3A%223042%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.c978c5584f881e790132.js Show response
load.sumome.com/ 5 KB
3 KB 34ms
33ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/0.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: aa306e3f9d8088342bd9b2782ae2d5aec86d705fbe6582d7f162f7258672fbef

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: KX3Z7VPVEK8PT034
cdn-cachedat: 03/19/2024 18:23:36
cdn-pullzone: 1686293
x-amz-id-2: dAIEjVBipbeEYpI1dV4dQVkLNvbcblenJWSp1mCsUD5NlaGSye2Do+mPCjm9wJaMTd9U4wQeQXw=
last-modified: Tue, 19 Mar 2024 18:22:17 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"83819fa0ff76bb1a8c38339998b60f70"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 50d0721d1bee7dfeed178d6c983c2c31
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 94.c978c5584f881e790132.js Show response
load.sumome.com/ 1 MB
79 KB 34ms
34ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/94.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: ea05ad76e8d224961ca5fd4a3b7d0d00eb2c2322346ce81bc0c0112beb001594

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: KX3S3SFSVW7RY33D
cdn-cachedat: 03/19/2024 18:23:35
cdn-pullzone: 1686293
x-amz-id-2: LnK6LCY+OvOFTsypwtVYGXUtBOPQTjmUxRr4ooRv0VM7OJS3ZMDUaGXNWDcK9QTvz4oijXYjp5c=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2c1c97212628e38c04a9bdc6a6d98c26"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: e8e16c860e16728d8ebd57f89beb521f
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.c978c5584f881e790132.js Show response
load.sumome.com/ 221 B
757 B 44ms
44ms Script
application/javascript 169.150.247.38
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/96.c978c5584f881e790132.js
Requested by: Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 3cfb3d15a79010b9427845e8f3f1ac5b740ff60f7c0f28d241420fad9275d51a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: KX3N8ZA3825K4NJ2
cdn-cachedat: 03/19/2024 18:23:36
cdn-pullzone: 1686293
x-amz-id-2: Hhv9tWcRoVMXP43AqR1evxcPLEnxbkLLb0CdmEfQfBivyeihlyI2KGkj3m2EkcTlIuZ9D16IB6c=
last-modified: Tue, 19 Mar 2024 18:22:18 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3a6030bbbfe46a13e32a2bd0a3c25620"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cache-control: max-age=31536000
cdn-requestid: 6a6a59a63730464e140c5762103d5116
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 5648 25 B
465 B 897ms
153ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 08:52:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: ef1bff08be4b37c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.driftapi.com/ Frame 5648 49 KB
16 KB 656ms
656ms XHR
application/json 54.192.95.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.driftapi.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.95.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-95-63.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6b5a887764fa7bc3e9cea74cf4694e7920555bac72c82cfc310c2356cff1f60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 08:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 9d749cb7a21113d40b8187b4b33cf322.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C3
requestid: 1a67892935a1bf8f
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 508
server: istio-envoy
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id: tcukkLSxLh5gykgyi7pqSM6ATjYpsh1ddUNhxmDmaNUvH3NM6hA12w==

GET
H2 200 css
fonts.googleapis.com/ 66 KB
2 KB 441ms
440ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

13b36e3ed76d8e00bbb541da922af895344bb8921edb34fac45ab5afe4186f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 08:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 08:42:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 08:52:37 GMT

OPTIONS
H2 204 features
sumome.com/api/site/bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a/ Frame 0
0 570ms
569ms Preflight 54.244.4.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a/features?site_id=bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.244.4.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-4-179.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.trendmicro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.trendmicro.com
access-control-max-age: 2592000
date: Thu, 21 Mar 2024 08:52:38 GMT
server: nginx/1.21.5

GET
H2 200 features Show response
sumome.com/api/site/bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a/ 3 KB
1 KB 205ms
205ms XHR
application/json 54.244.4.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a/features?site_id=bcb4650331e445fc191ac9b7b41e418e46fc2a34a4d8417ac1cb72c278c31c3a

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.244.4.179 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-4-179.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

fa4cf15573934177ab93dc306116372c05316ec80a6fd1e43fb73ce7b578cfe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trendmicro.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-Sumo-Auth: XC7TmjujYK1ctAUbjw5htEUw

Response headers

date: Thu, 21 Mar 2024 08:52:38 GMT
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
server: nginx/1.21.5
etag: "1141492075"
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trendmicro.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 42ms
41ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 201704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 49ms
49ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 201704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 68ms
68ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 201704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 78ms
77ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 201704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 76ms
76ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.trendmicro.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:07:09 GMT
x-content-type-options: nosniff
age: 175528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 08:07:09 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 262ms
262ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A37%20GMT%22%2C%22timeSpent%22%3A%221010%22%2C%22totalTimeSpent%22%3A%224052%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:38 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame 5648 710 B
792 B 140ms
140ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

6787627c7d9403ba2a6293cfaa5e2df91ccd7e95934b5cdea9856fdcaffe08ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTM3MzI4MDE4OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MjY2MzIiLCJleHAiOjE3NDI1NDcxNTcsImlhdCI6MTcxMTAxMTE1N30.o5wA0aiLIL9XIyiyiiH7Gr-hKxagzwgEYv9CrlCq0vnArIWQkORxUjk1_ZAWF-qJal3TIK4HfrQ2a3LvkjMGGQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 32be9863af2e46b3
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 710

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 146ms
139ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 21 Mar 2024 08:52:38 GMT
requestid: drift5660de84c9f9e32d12efc2e5b5b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 5648 1 KB
488 B 141ms
140ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

24d596c782e011293b276ab997281a729085cc5cb72aae7686c4a179f7e9a12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTM3MzI4MDE4OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MjY2MzIiLCJleHAiOjE3NDI1NDcxNTcsImlhdCI6MTcxMTAxMTE1N30.o5wA0aiLIL9XIyiyiiH7Gr-hKxagzwgEYv9CrlCq0vnArIWQkORxUjk1_ZAWF-qJal3TIK4HfrQ2a3LvkjMGGQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: f02fa4a38cedbce9
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 424

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 148ms
139ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 21 Mar 2024 08:52:38 GMT
requestid: drift2ba35c24d158229a4aa8b703072
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 138ms
137ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 21 Mar 2024 08:52:39 GMT
requestid: drift6d98bc84e3ca84c8a4cecb01bfb
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 5648 0
37 B 148ms
147ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTM3MzI4MDE4OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MjY2MzIiLCJleHAiOjE3NDI1NDcxNTcsImlhdCI6MTcxMTAxMTE1N30.o5wA0aiLIL9XIyiyiiH7Gr-hKxagzwgEYv9CrlCq0vnArIWQkORxUjk1_ZAWF-qJal3TIK4HfrQ2a3LvkjMGGQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 4bdf8ffc2532c6cf
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 312 KB
98 KB 56ms
55ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4502MK3B94&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e1faacf7c2ec09c34520a4d332a407f5604effd3ce60705f334dbf747bb44753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 08:52:39 GMT

GET
H2 200 58.df4c0996.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5648 19 KB
7 KB 53ms
52ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.df4c0996.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=8b029293-7c5c-4314-8769-864f446a76d5&sessionStarted=1711011156.124&campaignRefreshToken=1fc4b499-1040-4a97-8f47-d7153e674bf4&hideController=false&pageLoadStartTime=1711011152304&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:12 GMT
x-amz-version-id: MfNPO0hWIgB0HhAvUydp2VqfnGbeyUyv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074567
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"accef82c4f6636ec26f17bd7b8068438"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U_PYZldeu3deVhEgg1k_OjHTOr0z5ATkkZQqbF2-TLDw27zU9pr07A==

GET
H2 200 58.df4c0996.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 19 KB
7 KB 67ms
66ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.df4c0996.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:12 GMT
x-amz-version-id: MfNPO0hWIgB0HhAvUydp2VqfnGbeyUyv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074567
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"accef82c4f6636ec26f17bd7b8068438"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YSuibOjOSkcVLzZIGF6IUmtMAiyO1FHFlWkjnmBgG5Q9jHHLze2GTQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fcustomer-api-avatars-prod%2F2284428%2Ff331705e2d525cf05f9525c63e68a52b8gxkvpdikcb4
driftt.imgix.net/ Frame 5648 11 KB
11 KB 465ms
57ms Image
image/png 151.101.66.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fs3.amazonaws.com%2Fcustomer-api-avatars-prod%2F2284428%2Ff331705e2d525cf05f9525c63e68a52b8gxkvpdikcb4?fit=max&fm=png&h=200&w=200&s=a843b9e42f9ffd3393a7d819197454bb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

028722cf7a6b732c492d0810e85286172433a8487c5fc2361af0b13f4f78580d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
x-content-type-options: nosniff
age: 1384661
x-cache: HIT, HIT
x-imgix-id: b7b146d2ca1566ad67c06b71a0a0b1ddb436705b
cross-origin-resource-policy: cross-origin
content-length: 10934
x-served-by: cache-sjc10057-SJC, cache-mxp6930-MXP
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 08:14:58 GMT
server: Google Frontend
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 38.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame B4AB 900 B
2 KB 54ms
53ms Stylesheet
text/css 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.e483d03f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:16 GMT
x-amz-version-id: iRajPbGKMxoA6aLl7rDRPjOXwRus.UEc
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 1074563
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 900
last-modified: Fri, 08 Mar 2024 21:52:24 GMT
server: istio-envoy
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3UmgWIrJ-LTOiwpGcquxsPIEdyvK_yL1QfcNyXpCOM4lb2qhASRsbw==

GET
H2 200 38.74e727ec.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B4AB 10 KB
4 KB 54ms
54ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.74e727ec.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1563e2beb0447a3ee8637fc14ac597cfadd130094320deb3655adf5ffdf90543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711011152304
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:23:16 GMT
x-amz-version-id: iJaaL01n7JXrFYFqzXioqR1xK1DXxbKz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
age: 1074563
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 08 Mar 2024 21:52:27 GMT
server: istio-envoy
etag: W/"cfd16fa4d1e6ecb26660a58c35707d0b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UW-v9N_riPQE5KsrNMlUOmYIwsgIURUnQbR9Ket9Eod2Oum4wL2BsA==

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4502MK3B94&gtm=45je43k0v884954515za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&gdid=dYmQxMT&cid=327041742.1711011154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711011159&sct=1&seg=0&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&en=Playbook%20Fired&_fv=1&_ss=1&_ee=1&ep.event_category=Drift%20Widget&ep.event_label=Playbook%20ID%3A%202688866&ep.non_interaction=true&tfd=8032
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4502MK3B94&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 268ms
268ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A38%20GMT%22%2C%22timeSpent%22%3A%221074%22%2C%22totalTimeSpent%22%3A%225126%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:39 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3.ee35dea2.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
855 B 52ms
52ms Script
application/javascript 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/3.ee35dea2.chunk.js

Requested by

Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 04:37:25 GMT
x-amz-version-id: S7g.J4YfGb4VEAbCSJSXUSwHGt7NJwZ4
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 5544914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 158
last-modified: Thu, 11 Jan 2024 17:27:52 GMT
server: istio-envoy
etag: "e6714addd36102488fb27a980401fd36"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tud0kY4gJ47MlDTdGXTgPSuZjSvlv5cllB2DPHkwpBCQXyMliN5KBA==

GET
H2 206 notification.5f7c6014.mp3
js.driftt.com/conductor/assets/media/ 8 KB
8 KB 55ms
55ms Media
audio/mpeg 52.84.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.66.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-66-103.mad51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trendmicro.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 13 Feb 2024 22:55:19 GMT
x-amz-version-id: KgJ7G_ARc9nvQxQ4ppnspVRamEMToBMa
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MAD51-C2
age: 3146240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-7754/7755
x-envoy-upstream-service-time: 20
Content-Length: 7755
last-modified: Fri, 09 Feb 2024 17:52:50 GMT
server: istio-envoy
etag: "5f7c6014cf73831f91963a668b71fbb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HiEPe7krAnYSWe5J_V-QTVswUAu58mw0A6OfYGwxb68wgYHPimHtCw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 42ms
42ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PCCSVH5M9H&gtm=45je43k0v888878635za200&_p=1711011153369&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&gdid=dYmQxMT&cid=327041742.1711011154&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1711011154&sct=1&seg=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&dt=TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)&en=page_view&_ee=1&_et=684&tfd=8481
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCCSVH5M9H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 08:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trendmicro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 5648 25 B
107 B 283ms
282ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 08:52:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: fe0e4ee71797d620
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 278ms
278ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A39%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226127%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:40 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 258ms
257ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=e55146e6-5efb-4461-8606-c47f548269b3&session=b8bd12ac-1a4c-4f03-8876-b53874b7a2f2&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2021%20Mar%202024%2008%3A52%3A40%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%227129%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2024-27198%20and%20CVE-2024-27199%20are%20vulnerabilities%20within%20the%20TeamCity%20On-Premises%20platform%20that%20can%20allow%20attackers%20to%20gain%20administrative%20control%20over%20affected%20systems.%22%2C%22keywords%22%3A%22malware%2Cexploits%20%26%20vulnerabilities%2Cresearch%2Ccyber%20threats%2Cendpoints%2Cransomware%2Carticles%2C%20news%2C%20reports%22%2C%22title%22%3A%22TeamCity%20Vulnerability%20Exploits%20Lead%20to%20Jasmin%20Ransomware%2C%20Other%20Malware%20Types%20%7C%20Trend%20Micro%20(FR)%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&pageViewId=a317d4ed-cc88-4bba-8cb4-fbeff807c230&an_uid=0&v=1.1.15

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.trendmicro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 08:52:41 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6240125.fls.doubleclick.net
URL: https://6240125.fls.doubleclick.net/activityi;src=6240125;type=windo0;cat=trend003;ord=2032744542087.6833?

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6919f9fe-10af-4959-bac4-eb52081e7236&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cd767544-28ee-4ff6-9abc-cc133d448e09&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvy74&type=javascript&version=2.3.29

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ba9a2e36-e6b9-42df-b80a-125107e810d9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cd767544-28ee-4ff6-9abc-cc133d448e09&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwah&type=javascript&version=2.3.29

Domain: 6240125.fls.doubleclick.net
URL: https://6240125.fls.doubleclick.net/activityi;src=6240125;type=windo0;cat=trend003;ord=6274135721982.741?

Domain: 6240125.fls.doubleclick.net
URL: https://6240125.fls.doubleclick.net/activityi;src=6240125;type=windo0;cat=trend003;ord=9610545078773.832?

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.trendmicro.com/fr_fr/research/24/c	1970-01-20 19:59:59	Name: __smVID Value: eee87b5c73a4a0fae58aacf1f6482ac0ffcc25d8ea73f1c72f05ce75bb010efc
.tealiumiq.com/trendmicro	1970-01-21 04:52:51	Name: TVT Value: Thu+Mar+21+08%3A52%3A34+2024~~~undefined~undefined~~~~~~\|Thu+Mar+21+08%3A52%3A34+2024~~~undefined~undefined~~~~~~
.trendmicro.com/	1969-12-31 23:59:59	Name: _c1Ref Value: /fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
.trendmicro.com/	1970-01-20 20:00:03	Name: channeloriginator Value: Direct
.trendmicro.com/	1970-01-20 20:00:03	Name: channelcloser Value: Direct
.trendmicro.com/	1969-12-31 23:59:59	Name: ga_utm_cookie Value: utm_campaign=undefined&utm_medium=undefined&utm_source=undefined&utm_content=undefined
.trendmicro.com/	1970-01-21 04:52:51	Name: initialTrafficSource Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)
.trendmicro.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: mK7eXSz5L-4
.youtube.com/	1970-01-20 23:36:03	Name: VISITOR_INFO1_LIVE Value: V-3GGKLiD8g
.youtube.com/	1970-01-20 23:36:03	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgIg%3D%3D
.trendmicro.com/	1969-12-31 23:59:59	Name: google_id_captured Value: true
.trendmicro.com/	1970-01-20 19:18:17	Name: _gid Value: GA1.2.1602907143.1711011154
.trendmicro.com/	1970-01-20 19:16:51	Name: _gat_tealium Value: 1
.tealiumiq.com/	1970-01-21 04:02:27	Name: TAPID Value: trendmicro/main>aa295bdb92984eb78fbfdfbd8f09cff3\|
.trendmicro.com/	1970-01-20 21:26:27	Name: _gcl_au Value: 1.1.1426161336.1711011154
.doubleclick.net/	1970-01-21 04:52:51	Name: IDE Value: AHWqTUk-04DKWqmwoT9re2-QyV4XbkIDsSQzj2n6sGFJ-Wtm3rBPmJPfrUCxfR_7Los
.yahoo.com/	1970-01-21 04:02:48	Name: A3 Value: d=AQABBFL1-2UCEN2UgsGVTmp9pWWlVwelr1sFEgEBAQFG_WUFZue6Jm0A_eMAAA&S=AQAAAlNwKl0ReeuR1uQkJIr8hnA
.trendmicro.com/	1970-01-20 19:18:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Mar+21+2024+09%3A52%3A34+GMT%2B0100+(Central+European+Standard+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=521754e8-cb1c-4fa4-a805-1e9ce24d8e7c&interactionCount=0&landingPath=https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A0%2CC0004%3A0
.resources.trendmicro.com/	1970-01-20 19:16:52	Name: __cf_bm Value: AzVzIx8YGMr4t6G8dKO6DdXe9W43RUxv2K1.yvpINQ4-1711011154-1.0.1.1-9RQmTOrOSjpFH83zx45kzkcCaINoDLrjqxtP0bITIMlJ3.SbxjQh2hpzFojddUhAIWsTdjGyBFPyhFjEUdS.BQ
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_93585RYGPB Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_9QHD3P38EF Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_HSS3WREM8Z Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_8NK5WKVH4J Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.adnxs.com/	1970-01-21 04:52:51	Name: receive-cookie-deprecation Value: 1
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_Q8079E61JF Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_J3BCDGQ9EV Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_B6B5TMPL5M Value: GS1.2.1711011154.1.0.1711011154.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_GBTVB6FHY4 Value: GS1.2.1711011154.1.0.1711011154.60.0.0
www.trendmicro.com/	1970-01-20 19:26:55	Name: _an_uid Value: 0
www.trendmicro.com/	1970-01-21 04:52:51	Name: _gd_visitor Value: e55146e6-5efb-4461-8606-c47f548269b3
www.trendmicro.com/	1970-01-20 19:17:05	Name: _gd_session Value: b8bd12ac-1a4c-4f03-8876-b53874b7a2f2
.trendmicro.com/	1970-01-20 20:00:03	Name: channelflow Value: Direct\|other\|1713603154629
.t.co/	1970-01-21 04:52:51	Name: muc_ads Value: 71c2807a-1ccf-4f33-9872-71f151e994ac
.trendmicro.com/	1970-01-20 19:16:52	Name: _otpe Value: https%3A%2F%2Fwww.trendmicro.com%2Ffr_fr%2Fresearch%2F24%2Fc%2Fteamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html
.trendmicro.com/	1970-01-21 04:52:51	Name: _mkto_trk Value: id:945-CXD-062&token:_mch-trendmicro.com-1711011154696-25413
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_PCCSVH5M9H Value: GS1.1.1711011154.1.1.1711011154.0.0.0
.6sc.co/	1970-01-21 04:52:51	Name: 6suuid Value: b5931102b9a5030052f5fb655903000006750700
.trendmicro.com/	1970-01-20 21:26:27	Name: _fbp Value: fb.1.1711011154911.419446950
.trendmicro.com/	1970-01-20 19:16:52	Name: _ots Value: 4.1711011154445.1711011154860.1711011154859
.trendmicro.com/	1970-01-21 04:52:51	Name: _otui Value: 2040846486.1711011154445.1711011154445.1711011154445.1.4.414
.linkedin.com/	1970-01-20 21:26:27	Name: li_sugr Value: 44018b3c-b8dc-440e-9e2e-a758cd05558e
.linkedin.com/	1970-01-21 04:02:27	Name: bcookie Value: "v=2&0e0b66d6-f31d-4866-804f-347a6c3bb792"
.linkedin.com/	1970-01-20 19:18:17	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3192:u=1:x=1:i=1711011155:t=1711097555:v=2:sig=AQFU63S3NprZwSwS8GCiVhtBIfPNrV8S"
.linkedin.com/	1970-01-20 20:00:03	Name: UserMatchHistory Value: AQLv4CwtaKp0HAAAAY5gNk3CU1L3q82MeKNjEmspvTIFD2mCM7SsvHgqfbb1DXW2-fXyMNdV_FIwXA
.linkedin.com/	1970-01-20 20:00:03	Name: AnalyticsSyncHistory Value: AQJe-BfHyuMw5AAAAY5gNk3C80c0Ma8po9raEG17J_p1aaBJ_a1Xa7YPcyTvAS7py7wgbfFvocuiBMLTG-X-fA
.www.linkedin.com/	1970-01-21 04:02:27	Name: bscookie Value: "v=1&2024032108523527588c8e-aa5e-4d1a-879d-84bd9ff3f59bAQGTUdEYipS3lv_kpFTSPYJF274-CFp_"
.linkedin.com/	1970-01-20 23:36:03	Name: li_gc Value: MTswOzE3MTEwMTExNTU7MjswMjEoEGXDyyOvSJr4GV0N6AhIw4DPa+Yr1FUU6k+h3j2AeA==
www.trendmicro.com/	1970-01-20 19:16:52	Name: drift_campaign_refresh Value: 1fc4b499-1040-4a97-8f47-d7153e674bf4
www.trendmicro.com/	1970-01-20 19:16:52	Name: gtm_page_view Value: 1
.www.trendmicro.com/	1970-01-20 19:26:55	Name: RT Value: "z=1&dm=www.trendmicro.com&si=29b2d24f-d338-4a96-9e90-c2a8a1e69ca5&ss=lu0zv1u2&sl=1&tt=3ol&bcn=%2F%2F02179915.akstat.io%2F&ld=3oy"
.trendmicro.com/	1970-01-21 04:02:27	Name: utag_main Value: v_id:018e603645c10000fbc91523a40d03074006d06c00b08$_sn:1$_ss:undefined$_st:1711012956708$ses_id:1711011156708%3Bexp-session$_pn:undefined%3Bexp-session
www.trendmicro.com/	1970-01-21 04:02:27	Name: __smToken Value: XC7TmjujYK1ctAUbjw5htEUw
www.trendmicro.com/	1970-01-21 04:52:51	Name: drift_aid Value: 716f55bc-25b5-48af-90e6-23e8b9d8bd71
www.trendmicro.com/	1970-01-21 04:52:51	Name: driftt_aid Value: 716f55bc-25b5-48af-90e6-23e8b9d8bd71
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga_4502MK3B94 Value: GS1.1.1711011159.1.0.1711011159.0.0.0
.trendmicro.com/	1970-01-21 04:52:51	Name: _ga Value: GA1.1.327041742.1711011154

74 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.tiqcdn.com/utag/trendmicro/europe/prod/utag.sync.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.bc0a.com/autopilot/f00000000017219/autopilot_sdk.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.trendmicro.com/libs/granite/csrf/token.json Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html(Line 4689) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html(Line 4689) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html(Line 4689) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/3617363145015639?v=2.9.150&r=stable&domain=www.trendmicro.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1711011300000/sv2uuh4gw3ms.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.trendmicro.com/fr_fr/research/24/c/teamcity-vulnerability-exploits-lead-to-jasmin-ransomware.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: wss: mediastream: android-webview-video-poster: ms-appx-web: gsa: endlesspic: ms-browser-extension chrome-extension asset * ; frame-ancestors 'self' https://*.trendmicro.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179915.akstat.io
6240125.fls.doubleclick.net
945-cxd-062.mktoresp.com
analytics.google.com
analytics.twitter.com
api.equally.ai
assets.adoberesources.net
b.6sc.co
bootstrap.driftapi.com
c.6sc.co
c.go-mpulse.net
cdn.bc0a.com
cdn.cookielaw.org
cm.g.doubleclick.net
connect.facebook.net
customer.cludo.com
datacloud.tealiumiq.com
driftt.imgix.net
epsilon.6sense.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
hummingbirdwebsocket-va7.cloud.adobe.io
ipv6.6sc.co
ixfd2-api.bc0a.com
j.6sc.co
js.driftt.com
load.sumome.com
log.leadboxer.com
log.opentracker.net
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
resources.trendmicro.com
s.go-mpulse.net
script.opentracker.net
secure.adnxs.com
snap.licdn.com
sp.analytics.yahoo.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
sumome.com
t.co
tags.tiqcdn.com
targeting.api.drift.com
trendmicro.scene7.com
widget.equally.ai
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.trendmicro.com
www.youtube.com
6240125.fls.doubleclick.net
analytics.twitter.com
104.17.70.206
104.18.32.137
104.19.178.52
104.22.28.96
104.22.71.197
104.244.42.5
104.64.124.188
13.107.42.14
13.224.115.61
142.250.185.162
142.250.185.194
142.250.185.68
142.250.186.110
142.250.186.74
151.101.66.208
157.240.0.35
157.240.0.6
169.150.247.38
172.104.128.166
172.104.139.173
172.104.239.35
172.217.18.8
18.67.240.89
185.89.210.180
192.28.144.124
193.108.153.10
199.232.188.157
2.17.147.185
2.19.216.164
2.19.216.168
2.21.20.144
20.186.185.227
212.82.100.181
216.239.38.181
216.58.206.67
23.35.236.237
3.94.218.138
34.111.194.12
35.201.125.192
52.20.143.177
52.29.113.114
52.84.66.103
54.192.95.63
54.244.4.179
74.125.206.156
76.223.9.105
01f7a1c10421a3d2b9299e0cb674457eddfdfb976fdc326cd047c35386ac1efb
028722cf7a6b732c492d0810e85286172433a8487c5fc2361af0b13f4f78580d
0349f91a0cbc1774e8ca090e6102f9e041f6f5b29cd317a632c0b8a70f8eeeb0
0743ce78cab3838059e4e6e8fd56b26e126b47ad59a4e0beeefb935d751775b7
081e53bb08c0bf2511fb81eda72d5917a78316d54735b57de6976957419c160e
0a305f7a3044062f80e65bf0b312932776f71e4c603653fed82694a52d501f6b
0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6
0e468297705e8272bd97f922625167980fdedd95e6dfce99a1faa960c1be3c68
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10a3c276043d1d096cad8f445089b095712d22d0718d9e9e546e77ef8424d635
1203817a41844d7b3fb01f6ebdef78975b98e96e09719b60fecc368afde2fc6e
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
13b36e3ed76d8e00bbb541da922af895344bb8921edb34fac45ab5afe4186f71
14c7ed6b9b540b42d3ec969bbe0cb8d4ea30965c15f5669b4fffddd405c0b3c7
14e4c9011085a1a1aca567703fe6b22b4a506a6b9f0d4cbe6dc77bcdeb367ad3
1563e2beb0447a3ee8637fc14ac597cfadd130094320deb3655adf5ffdf90543
16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776
179eb991060face02477e0406b1a413ac50ec26fe9f397e07e4ee95f7e6a5298
17e70f90def9a1c940d3058eb5a92e799cce54b564b5c170eeb829810574fbb3
18f1cfebeef3939fa5e6ce5629c502a660f2338d4ad898e251c72bcb9412b85e
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1b973667ceb759e49f2982721f36e4d20a2f8b5dce8c47ccf3039d6ab748143e
1bf3c2bc7a61528d088ad564a9ce1138491498bffc1988c38051be666b6e0c3c
1c580985c46f2d69e9d251c3275a031da27d8219e702677f7285ddad9134c562
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f
1ed544b374d4c02027cc0a0e43a8fee0e216939384efdc5f1e0b1ede30366f77
1ee59d4aeecaef2771f6bf21e5f1fa814171ec96615a372ef082167874e0871a
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
21b4b5ff7892c77646bc393bfc752994256c973b941efa1aec36293a69fd2f44
21e2885d41a3c2cebe9123cf9859052d95d35442fc49d9e602ebf401f2bfc3a5
2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953
22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178
24d596c782e011293b276ab997281a729085cc5cb72aae7686c4a179f7e9a12b
24e22507b02ff38435d5956214b14ded35c87d005d700975d099baa23cffe31d
257cbdcb36feb3ef9bc1c5bdb9c777af5ae08f0834ece8a4ce5d74fbfeb7ea0d
26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d
26ac6c3878c853adc0ab94127403b3b5b8fa18d1869ca285564338d92a75e020
27202323ae9cd982c9e1dc8fe8ff60b7d72d424c2bf475214644426e00253feb
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
290932922734f12d9845a1deb845664413c2ea63d5bb49447c94fe82533f2b2a
293ceaa480bda1594e9f61f6a52858999cd0aad1ef4f5d3eafe7cc559727e41d
2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0
2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071
2f8847dddd520cab371dd2e596ea27f647fbf18dcda0dadc2e7a8ec6af7614ab
3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b
305a8b631d2a635350a9821b47ef992134f3613115b2d207e8586ae547d38c18
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c
33bc1e4cb0149bcd78b51946dd003707ffa7ecfce57fc898f60a2ca39538cfbf
35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b
3a3abfe7b0630828bff7d1f3a6e29c316f1a432e1909877d8c713abf14e43c3e
3ad235cfa11b9acda282b80197f937f38319b70d8a822b93c9e711e54210ddb9
3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2
3c455a838efdbb611b38e5727139ab7b298aa9e6d7b9229e70e0026182c59acb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cfb3d15a79010b9427845e8f3f1ac5b740ff60f7c0f28d241420fad9275d51a
3d3f389ef362eb1f034dd5fecadf89e7d5ff85cae3c2c3fdf7ca1fc23f590e09
3d5cbfbc5846630e246bd68b2be476b29ec7e8412cc10eb2d21cce8f7d282495
3dc5d7f667c6a793c6a56b96afffa81664350fdb10c7544112ea9057e563dc6f
3edf1b20cd75d920dcaaa7e8e0afa8c202082439c4ae73c727520bf262226dfb
3f95c868390ea2426ee26d756867a51141df402ab30ccc73404c16450fc10f4b
41d196c42c4f9465f14f1b766f862d839badfb0098cb09d79ade62f0c1aca995
429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2
42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0
442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1
443746c308fe991b78c8f840b5e110cc95bb7e0f4a3964cc9484496e413f3d59
4502d90d4891f41f40dd7cbeac4587e4f86fb594523a8955ad12ec24591ad768
46de57c6df31c44a1643554ab0f35c98726915610e15cfdc96e16f8b7bad1aef
48525ad3a15cfb854852bc4f8dfe22d07bbd11d3daf48faafa6a80f1f18810fa
49effd3bbbb1dddb200fbd1272f0e7df5af38625de89f6c8c1f226013ec477e1
4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5
4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0
50c22b5e697df683124649676d06ae96bc0b2929b26ee990aa5ba12d55a2ce6a
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
522b0302b75093a1679534b376a50b1a7638c1bdbdc2555fab353596ac8b167f
523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded
557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57293ad5df2d14ab26b26a0340de794783f3aab77314462d5267b7da9cc3a983
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
59ab9a69534e7f922327cac4bb2bf4dad6f9f54b1a1b25d507caf924d4875c4e
59ba65218d8060b232c4bd7b39cb47a009eb6ba014839e411742325b1f34251f
5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d
5b0f599f1ef2f78b1ed26ddb28471be656d48a48fbf4d13a47ff6109979201dc
5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084
5c30d00dbb97ec4c05d6b41e850ea8ffab1c1623692de4193bcb235639be1d8d
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5ff339328cb5e32fa877b8d5fd4b6d68a3fbd942472a11a1a02cff0d62cfab7e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377
63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe
645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2
64aaaebe719f5b40769347c1614638fe3920e36b34cf72f7f014acb4f0ca4591
652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda
659f693fbd2abaae1b91cef6d973fec486e1bee1f23aaf97a7d13f02667f0c34
676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca
6787627c7d9403ba2a6293cfaa5e2df91ccd7e95934b5cdea9856fdcaffe08ae
68c21f3bfefc064bc07808b48bba6165dfc210d152ba4a6a35a567ed49151877
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
68f1240ba52184709373d35d3a259f9a4d3971e89b0c8f2e7c5e475d0abca472
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
69b3cd1e2bcd07c1b1c5dd565ea94af512e10601717a3515b89917ebcea8d582
6b5a887764fa7bc3e9cea74cf4694e7920555bac72c82cfc310c2356cff1f60e
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6dba583880106c1d132324a73e774c64efc449671a5dbc701130713a31dca708
7236ba4d18121d1c1e55329fd2110eb585b49ded5d66b2fe461f15369c7d3dda
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
74f5da663574c88f8694494adf45161949674fcfff783f3306b0644dc2a84adb
75fdf57b7ecfa013bcc9a4cf30302323c42faee9913f99fadbf1807a31fb14d0
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
7647014de1c328cc183c3cec3d1f996673787d574c4ded0030600ab0d91bd390
765fe57b204048f057b2ec41b9ccd659a95cb6812069909809a200f0c324f3d6
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
7c40f6479cd773da323b1a305a7428ddb729d6dd4be2f3cff692c9e0ab8a3696
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7e6a1b9a1a05ec49ca33a212091a043809f8ff3b4538c7782a2275db878eefdc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382
841125fda41a157eed81cf8206376a6bb78d640ea02fa6856eb576e3799461d3
84f657435e631a1442815def2faa66eb24833b1047908ebd71275bfbef9690ed
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07
88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
8c405da852de09620661dca52797287f678e666e4e1f5835b327285ee8621f31
8d65e7caa301734c3ce94cff66d9450615b86422c96b78314604483b01361bc1
8dc3ae7b3048c6650ce35b4258f8e6486d181292ce9a851ba91e9a8cedc8c992
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
8f165f985e320dc59f197fbbb490da7c547d89887457ad09dfe75599c950bc7f
8f9dbd5fe4abbb87986d718a3b84515680dde4a6ca64d98949443715a458d845
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62
9373a860524d692ce81c1f8f266b511cd597a7f1dbb9fb674c57a303101c21bb
957e9a4df26f0b04aefe60516d59611a52bee32540d8d822f49de466fd13cdcd
985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176
98a2259789a3127ef95143618f275587a8402a19928447439794e05e675850bf
98fce16653a4c67641a5c23f23ec479cdd529512ded6082de51fccaa8a3a6151
9d8c14e18e56b348754805de8ad9cea81f0b3d93c99cff02e5af0e6638833583
9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941
9e67f35914cc53cf840305d670c5690088c0da3154278cebc65f40bed4316ea8
9f0f8b97bbedd536c657c8509450f8dbcc3618032ee7b22577d6d6f00f6a0e47
a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a317d0c413b8d00f74e5778405d2d72eaae5a9dbc6cec47ec320e21759584d65
a3b11be6a6c186ced8dc022a1c23ddd094d95dcbcc39117be374523b22d6567f
a4328c78cf1b5cc23e5b78142d563d1f2a92eac3ca9d0e0d68c86c4a2084db10
a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d
a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad
a76488e4ba6a708ac7f62edd5e5cf8c88cc3d5658da0a779c57a3e0e19c854e4
a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c
a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47
a971914079ce7633667c84ad7c4a2ed0f5da99cb54689159b1113576f9038dbc
aa306e3f9d8088342bd9b2782ae2d5aec86d705fbe6582d7f162f7258672fbef
aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9
ab916d8025c8264d98271dcbaa2ef31e46761358c01bf1b17eca6737a1caead0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0320c6cf482b927eed1b60c209708227cefae4b49cb87518f87bba744f333ed
b096ead789f3f6692260d6ccabd7f7250ed9a2fa17c17ab64860b6f26576b04d
b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e
b1812ee96bab043e7581a6ace51e4451be5665542ee7d7b168a872d47fae58d2
b35729fbd7b15d7dc7ee79950ed13a0446ca2f0324d8b8f78dc22429e58de7e7
b7431a06942519f1e9aaac2822856ef1c372797c26c2e5d4aaf823623557201a
b781a271d23f8fcb33421408a4ab099770b32368548f88c651c0fd1c15cb2a0e
b7990c63262d3478523ce40c36629e6af6f33b4f96c942f7a38d995d90024a6f
b7bbdc3129ae37c086f065965812e8cdbf25a78eac9895319e6845e947f239b9
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b9e78be0f5224e190705834d95672a44d55bc8f81a20c4f1c5d00d0a5aacd4d4
ba7a3f8927ab919125c2f79685818256635c2410240e66a04a5f2e588e5ab9bc
bc6e1ea2c2ddcb591413f7bd88178f4563bd3dbbb5726fa86ad11777f99d5bf4
be5961e267b1d1c503355c8e716be39139f9671ebc7d6a58719e1aaf9e82025f
be971140ab0a1717adb1a00cc77b30392799132f9493fa12e3ae6125c4474397
beb4690cf911f555766083248e81809736077be198a40edad9868c9e4469ca65
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f
c1e3e039c51364c1f9c32ba63773a244a96fd289f08eb702411e1a6e9704084a
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c74e34addf46cea3b85748da4b1043413882219c2b5cc2b31881c86b33d0b77f
c7aac34bc3071b83b84411c4601ec24f897843379955000ebb1a542279419f14
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
cd1eef6ba8780ec4e408014498fe98f8691792cc00168d4b115f1500d502a3fc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1
d51896f359c81dc33404803c3865908779ff90223b398beb21594a00ff739451
d51a4c1c5d8e010e04d9eb59e04242c20557bc928bc36e401c157a05c0171788
d5f14381258973e1a93167d8b3486ae1b2665ea072feb622e1ec0a446facc400
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d791dcf4eb9ff2966314c72ecfb1aeb36a30185d494b700e7e837e589a431885
d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
d8b02bb2295510fac147295e78168e3b7c08f499946ec7d5561bd38d5e5937df
da316d75d41c92dac17387c6c4e18d457cbbecb0587ed53081bb21afcb4e0e10
da8c4697d246d5dde073b87ff33798d3fc46c4a3c5ca37626292b8efc7c3de99
db05d4267dfa54efcffce5353b6b16959137d2387075f61974be55c6d3d6413c
dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddb3a051562457ce3d69a677341ad2cccad3a6c7dc6ca563c3a0c7a69ea181e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e12a301591d014a6efb09c31c2811b608370cabcc8260d1d3eee04ae71430d7b
e1faacf7c2ec09c34520a4d332a407f5604effd3ce60705f334dbf747bb44753
e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e
e2b6b69e884b97b64d32ec79daaae0c8a743a198e1b972ef97e154f5d5f86f3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e833b1b7985a4d05ae0fc5e7a9414f3faf83686d39113ebcf7caf305e7950aaa
e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10
e935a8d1a20e5b651a2bb6e6ea0542e85e25700fc38681f9868e07462cdc948b
e977378fc763940e16a1785f5a7270ad54cff08c6f929d88e3b050ec2a84a580
ea05ad76e8d224961ca5fd4a3b7d0d00eb2c2322346ce81bc0c0112beb001594
ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec8fa72ac5292e4c3a7aed1cac6784de56eb8ef02bf843ad198276e6f950e87b
ec9132d0a36ed2d9037fcf30d99f00e8fd935484c60ce22f3df052c54564b06c
ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339
ecef26458daba9305e06e4fc90cfcbb3b584c99d76c050cdbc1159f91e32c5ec
ecf05e61b777f6259e5eee9a1f8e2e0b8c0ee517e5bc68397bc33b954a0f6984
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a27a760c37b6a154ebcffada85ee428f16ed95a9d505bb7be5a1f6ae453240
f374ef673fd02575d09d87b9788aab1b150e1d3817100bdb40970e07873a0d45
f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54
f64a06f7949a0dabe65e7683ade627d29301122d68a4bc3239b161ec00697e66
f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa4cf15573934177ab93dc306116372c05316ec80a6fd1e43fb73ce7b578cfe4
fb6cb25374114366c08bdbb2ff0d5c2b4a2b7a56ea6422b06397e25d26879ad5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fec6e7c36c69095d38ed7ec24d0e3c27e42a45e60470a977029dff2e18fab316
ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

www.trendmicro.com Open in urlscan Pro 2.19.216.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

358 Requests

97 %HTTPS

0 %IPv6

41 Domains

57 Subdomains

46 IPs

5 Countries

6581 kBTransfer

17266 kBSize

57 Cookies

31 Outgoing links

Redirected requests

358 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.trendmicro.com Open in urlscan Pro
2.19.216.164 Public Scan

Screenshot
Live screenshot

Full Image

358
Requests

97 %
HTTPS

0 %
IPv6

41
Domains

57
Subdomains

46
IPs

5
Countries

6581 kB
Transfer

17266 kB
Size

57
Cookies

358 HTTP transactions
0 data transactions