www.truesec.com Open in urlscan Pro
76.76.21.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Effective URL:
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Submission: On March 03 via api (March 3rd 2022, 2:01:52 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 73 HTTP transactions. The main IP is 76.76.21.61, located in United States and belongs to AMAZON-02, US. The main domain is www.truesec.com.
TLS certificate: Issued by R3 on February 20th 2022. Valid for: 3 months.

This is the only time www.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 31	76.76.21.61 76.76.21.61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:20:... 2606:4700:20::681a:8b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:fb:... 2a02:26f0:fb:594::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
73	19

31 76.76.21.61 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

blog.truesec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.truesec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:8b5 (United States)

ASN13335 (CLOUDFLARENET, US)

optimise2.assets-servd.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	truesec.com 2 redirects blog.truesec.com www.truesec.com	490 KB
17	assets-servd.host optimise2.assets-servd.host — Cisco Umbrella Rank: 113208	872 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	747 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4596 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5392	84 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 310	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	77 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 214	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	69 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4461	2 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6335	145 KB
73	15

	Domain	Requested by
29	www.truesec.com	www.truesec.com
17	optimise2.assets-servd.host	www.truesec.com
9	www.youtube.com	www.truesec.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	blog.truesec.com	2 redirects
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	www.googleadservices.com	www.googletagmanager.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	www.truesec.com
1	forms.hsforms.com	js.hsforms.net
1	fonts.gstatic.com	www.youtube.com
1	js.hsforms.net	www.truesec.com
73	19

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
policies.google.com
www.linkedin.com
stripe.com
www.hotjar.com
legal.hubspot.com
www.leadfeeder.com
twitter.com
www.facebook.com
www.redditinc.com
live.truesec.com
securitysummit.se
geekweek.truesec.com
checkout.truesec.com
campaign.truesec.com
truesec.com
career.truesec.com
www.huntress.com
doublepulsar.com
blog.truesec.com
github.com
newsroom.truesec.com
press.truesec.se

Subject Issuer	Validity	Valid
www.truesec.com R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
consent.cookiebot.com DigiCert ECC Extended Validation Server CA	`2020-06-11` - `2022-06-11`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.cookiebot.com DigiCert SHA2 Secure Server CA	`2021-07-05` - `2022-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Frame ID: A1771D1B19354A0180539035F6968EFC
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kKcko4LdeSM
Frame ID: 2DC5113D1F21CFF7CC60C1BB873014F7
Requests: 18 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 5D427114C114026B897545F92261A6A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kaseya supply chain attack targeting MSPs to deliver REvil ransomware - TruesecPowered by Cookiebot

Page URL History Show full URLs

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 308
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

73
Requests

99 %
HTTPS

89 %
IPv6

15
Domains

19
Subdomains

19
IPs

2
Countries

2570 kB
Transfer

6293 kB
Size

2
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy?_ga=2.196543727.236406244.1529405735-1869930087.1510729546
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.leadfeeder.com/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy?_ga=2.250808134.1581177119.1522931914-1869930087.1510729546
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.redditinc.com/policies/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://live.truesec.com/
Title: live.truesec.com

Search URL Search Domain Scan URL

URL: https://securitysummit.se/
Title: securitysummit.se

Search URL Search Domain Scan URL

URL: https://geekweek.truesec.com/
Title: geekweek.truesec.com

Search URL Search Domain Scan URL

URL: https://checkout.truesec.com/
Title: checkout.truesec.com

Search URL Search Domain Scan URL

URL: https://campaign.truesec.com/
Title: campaign.truesec.com

Search URL Search Domain Scan URL

URL: https://truesec.com/
Title: truesec.com

Search URL Search Domain Scan URL

URL: https://career.truesec.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Kaseya%20VSA,%20a%20product%20commonly%20used%20by%20MSPs%20to%20manage%20their%20clients%20IT%20environments,%20was%20used%20as%20part%20of%20a%20supply%20chain%20attack%20delivering%20REvil%20ransomware%20to%20thousands%20of%20organizations.&url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Search URL Search Domain Scan URL

URL: https://www.huntress.com/blog/rapid-response-kaseya-vsa-mass-msp-ransomware-incident
Title: Huntress

Search URL Search Domain Scan URL

URL: https://doublepulsar.com/kaseya-supply-chain-attack-delivers-mass-ransomware-event-to-us-companies-76e4ec6ec64b
Title: Kevin Beaumont

Search URL Search Domain Scan URL

URL: https://blog.truesec.com/2021/07/06/kaseya-vsa-zero-day-exploit/
Title: we published the details of the exploit in a follow-up technical post

Search URL Search Domain Scan URL

URL: https://github.com/Truesec/Kaseya-CheckandMitigate
Title: released a script

Search URL Search Domain Scan URL

URL: https://newsroom.truesec.com/
Title: English Newsroom

Search URL Search Domain Scan URL

URL: https://press.truesec.se/
Title: Swedish Newsroom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Truesec/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Truesec
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/truesec/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/ HTTP 308
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware HTTP 308
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Show response
www.truesec.com/hub/blog/
Redirect Chain

https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

309 KB
53 KB

248ms
189ms

Document
text/html

76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8346b1f85c2f4558f08014642b4b96cb6455e95ba03b5f7124942a03b6043477

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
x-matched-path: /hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-credentials: true
x-content-type-options: nosniff
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
etag: W/"8346b1f85c2f4558f08014642b4b96cb6455e95ba03b5f7124942a03b6043477"
x-vercel-cache: HIT
age: 2147
server: Vercel
x-vercel-id: fra1::vlvld-1646316106256-81d400b954ad
strict-transport-security: max-age=63072000
content-encoding: br

Redirect headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-type: text/html
location: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
refresh: 0;url=https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
server: Vercel
x-vercel-id: fra1::9wsh7-1646316106183-64f5ec07ca8f
strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: MISS

GET
H2 200 8193e33b52acdf83.css
www.truesec.com/_next/static/css/ 95 KB
20 KB 212ms
212ms Stylesheet
text/css 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e801be90a126cfe84ebfaf516b60e067e77b91b3d37a8d9f380a12c37b18c165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240041
content-disposition: inline; filename="8193e33b52acdf83.css"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/css/8193e33b52acdf83.css
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: text/css; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-1097807d74b4
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"e801be90a126cfe84ebfaf516b60e067e77b91b3d37a8d9f380a12c37b18c165"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 567 KB
145 KB 70ms
37ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac3869cf9d408f9057c6bf49be9b0aacef8bb2155ab5c6c870f0a0139476543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 474
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Feb 2022 09:37:09 UTC
server: cloudflare
etag: W/"8b98ec146d0f34fbe1c1ac0f49357614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDEbmCsMx7kUhH3Po75Ejtb6mreC2izbyqh4IYqH9xfbzHS7oCO7kTl0pFaXN9NqqO3xNaBXJX0OXt%2FYaBxOvsmIXX8LzqP9WRZxFzcI535%2FvRObPVA5ut%2BLTA1DS%2BH39evN4ekcX9jZGv%2Bn"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fINz_fE3cgePKaGatg6MbjpzUfdAgLj1
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6e62e7f19e409b80-FRA
x-amz-cf-id: DXqBTp6YfOuZSZNANUvmlxx9qFOO-bDViEQ74uOPHqYuVbzugjF9Ww==
x-hs-target-asset: FormsNext/static-5.453/bundles/project_with_deps.js

GET
H2 200 webpack-cb7634a8b6194820.js Show response
www.truesec.com/_next/static/chunks/ 2 KB
1 KB 212ms
207ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/webpack-cb7634a8b6194820.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="webpack-cb7634a8b6194820.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/webpack-cb7634a8b6194820.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-c54483e598f2
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 framework-91d7f78b5b4003c8.js Show response
www.truesec.com/_next/static/chunks/ 127 KB
43 KB 213ms
207ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/framework-91d7f78b5b4003c8.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6184578
content-disposition: inline; filename="framework-91d7f78b5b4003c8.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/framework-91d7f78b5b4003c8.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-6cd2bbea8237
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 main-ca3f7766e88ae832.js Show response
www.truesec.com/_next/static/chunks/ 97 KB
28 KB 217ms
211ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/main-ca3f7766e88ae832.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c5acd47ab45498b271f7495c11716d8adba15ec4afb8649457c3aca1dbe6ef56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="main-ca3f7766e88ae832.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/main-ca3f7766e88ae832.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-3825290f78ba
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"c5acd47ab45498b271f7495c11716d8adba15ec4afb8649457c3aca1dbe6ef56"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _app-1e01b277239e9355.js Show response
www.truesec.com/_next/static/chunks/pages/ 201 KB
63 KB 218ms
212ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/pages/_app-1e01b277239e9355.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

62da807428bb62a0d557a312148fd11e40ebc513b50052deb1b94afa44640f84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="_app-1e01b277239e9355.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/pages/_app-1e01b277239e9355.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-af8b82bbf25c
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"62da807428bb62a0d557a312148fd11e40ebc513b50052deb1b94afa44640f84"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 970-e23970f384c7e268.js Show response
www.truesec.com/_next/static/chunks/ 8 KB
3 KB 222ms
217ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/970-e23970f384c7e268.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6184579
content-disposition: inline; filename="970-e23970f384c7e268.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/970-e23970f384c7e268.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-01e5d7361144
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 691-c56c8bc5c3a58988.js Show response
www.truesec.com/_next/static/chunks/ 89 KB
27 KB 223ms
218ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/691-c56c8bc5c3a58988.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6184578
content-disposition: inline; filename="691-c56c8bc5c3a58988.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/691-c56c8bc5c3a58988.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-5992c5154a76
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 730-4aa6d1770d9f198c.js Show response
www.truesec.com/_next/static/chunks/ 12 KB
3 KB 224ms
219ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/730-4aa6d1770d9f198c.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6184579
content-disposition: inline; filename="730-4aa6d1770d9f198c.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/730-4aa6d1770d9f198c.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-6065b0670353
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 495-e6420bfdde04cc86.js Show response
www.truesec.com/_next/static/chunks/ 20 KB
7 KB 225ms
220ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/495-e6420bfdde04cc86.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7818700448f47ae7a140d396ea7f5c403fc37f6004939ae215b2bf6681d0eb6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="495-e6420bfdde04cc86.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/495-e6420bfdde04cc86.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-a84b4c3bbb4c
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"7818700448f47ae7a140d396ea7f5c403fc37f6004939ae215b2bf6681d0eb6a"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 390-a2625faa018a4b73.js Show response
www.truesec.com/_next/static/chunks/ 38 KB
12 KB 226ms
221ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/390-a2625faa018a4b73.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d1848e6dfd39a9c847aaec616913136849ced423417fbea8c92bcc2d9b99d499

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="390-a2625faa018a4b73.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/390-a2625faa018a4b73.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-bf0083b44c76
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"d1848e6dfd39a9c847aaec616913136849ced423417fbea8c92bcc2d9b99d499"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 755-3171bcadf67f8a91.js Show response
www.truesec.com/_next/static/chunks/ 18 KB
5 KB 228ms
223ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/755-3171bcadf67f8a91.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5cef697a89f81b5efb5a01bfca698a95fb398e08fee1819105efae855713711b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240040
content-disposition: inline; filename="755-3171bcadf67f8a91.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/755-3171bcadf67f8a91.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-b18aaf6893b6
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"5cef697a89f81b5efb5a01bfca698a95fb398e08fee1819105efae855713711b"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 891-893aa8fd916a39c2.js Show response
www.truesec.com/_next/static/chunks/ 21 KB
6 KB 229ms
224ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/891-893aa8fd916a39c2.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a2d44a01a5d432a740a2ee4879cc1d6d7742b10c516a5b0a8b305aa3a8692b3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="891-893aa8fd916a39c2.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/891-893aa8fd916a39c2.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-f8067af92ad7
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"a2d44a01a5d432a740a2ee4879cc1d6d7742b10c516a5b0a8b305aa3a8692b3b"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 255-0f3e12b6e58268bf.js Show response
www.truesec.com/_next/static/chunks/ 12 KB
4 KB 229ms
225ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/255-0f3e12b6e58268bf.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cf445fadad125afbbaac35b45c82072357edd911499f58cd347693943eb2e546

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="255-0f3e12b6e58268bf.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/255-0f3e12b6e58268bf.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-b6570df1ab0d
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"cf445fadad125afbbaac35b45c82072357edd911499f58cd347693943eb2e546"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 291-7c09401e1bb0d760.js Show response
www.truesec.com/_next/static/chunks/ 42 KB
11 KB 231ms
227ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/291-7c09401e1bb0d760.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f79fb2cabb37fc603ef37cdeb3077cbacbf5b425426d743618497bd2a649e593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500431
content-disposition: inline; filename="291-7c09401e1bb0d760.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/291-7c09401e1bb0d760.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-c39e4e3e2a41
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"f79fb2cabb37fc603ef37cdeb3077cbacbf5b425426d743618497bd2a649e593"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 317-c92f405bbfafc555.js Show response
www.truesec.com/_next/static/chunks/ 15 KB
5 KB 232ms
228ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/317-c92f405bbfafc555.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c927a5f1acf42675a231d751252ff2d1fd8f8038e6c5b9653f8f2affcea034ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3019296
content-disposition: inline; filename="317-c92f405bbfafc555.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/317-c92f405bbfafc555.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-966e99a8e6e9
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"c927a5f1acf42675a231d751252ff2d1fd8f8038e6c5b9653f8f2affcea034ab"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 695-560203d4a9c06282.js Show response
www.truesec.com/_next/static/chunks/ 10 KB
4 KB 233ms
229ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/695-560203d4a9c06282.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

27fd607656679f079002b860bcb945334cf2814e34368fc2f4dad33ba72c6903

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514271
content-disposition: inline; filename="695-560203d4a9c06282.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/695-560203d4a9c06282.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-a0ac4590c865
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"27fd607656679f079002b860bcb945334cf2814e34368fc2f4dad33ba72c6903"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 %5Bslug%5D-b77b65cd0700adc8.js Show response
www.truesec.com/_next/static/chunks/pages/hub/blog/ 4 KB
2 KB 233ms
229ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/chunks/pages/hub/blog/%5Bslug%5D-b77b65cd0700adc8.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

abf150754f17258ac8a25c581d8786a4189249a640722099f944052be10a1bb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514267
content-disposition: inline; filename="[slug]-b77b65cd0700adc8.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/chunks/pages/hub/blog/%5Bslug%5D-b77b65cd0700adc8.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-774a3885f3df
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"abf150754f17258ac8a25c581d8786a4189249a640722099f944052be10a1bb9"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _buildManifest.js Show response
www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/ 3 KB
1 KB 234ms
230ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/_buildManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

47f1c8d47878f03a37c5d640f854ee0b55a7e35b6911f69da043f56108e5c085

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 890
content-disposition: inline; filename="_buildManifest.js"
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/6SPiyzUKaN70aicu9Q80f/_buildManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-7fefa67688ab
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"47f1c8d47878f03a37c5d640f854ee0b55a7e35b6911f69da043f56108e5c085"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev

GET
H2 200 _ssgManifest.js Show response
www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/ 614 B
1 KB 259ms
255ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/_ssgManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9ac644220acf19958ba7391edfff320ce14f01485659ad0249093eba472214cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
x-content-type-options: nosniff
age: 104557
content-disposition: inline; filename="_ssgManifest.js"
content-length: 614
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/6SPiyzUKaN70aicu9Q80f/_ssgManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-547a507127b1
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"9ac644220acf19958ba7391edfff320ce14f01485659ad0249093eba472214cf"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges: bytes

GET
H2 200 _middlewareManifest.js Show response
www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/ 92 B
471 B 234ms
231ms Script
application/javascript 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/_next/static/6SPiyzUKaN70aicu9Q80f/_middlewareManifest.js

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
x-content-type-options: nosniff
age: 6184578
content-disposition: inline; filename="_middlewareManifest.js"
content-length: 92
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /_next/static/6SPiyzUKaN70aicu9Q80f/_middlewareManifest.js
x-vercel-cache: HIT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
x-vercel-id: fra1:fra1::vlvld-1646316106475-cd5cfe7d8366
cache-control: public,max-age=31536000,immutable
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a"
content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges: bytes

GET
H2 200 iStock-1282287699.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 171 KB
171 KB 808ms
778ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-1282287699.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1639487607&s=446c3d9cf0a316baa4866b9e05be19b7
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKIv%2BURNBfRqI1%2FiiH85i0nMJ3G135e8KkeP%2BRjwo%2F%2BywTImXWg6UDEmoSQTm7UAsAq0WlOHV8xo9NT5JL4KYGeOSsmUYRj63gITg0CQCjoE4IZ6j8iqIX5Mu8Bmw1jVwSIBBZhE%2BsghRJW5d9XTe%2BQrTtUmWEQ0vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 21f64effaac9323dfdc24b65ec668cad
cf-ray: 6e62e7f1a9709170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 atom-6-1.png
www.truesec.com/assets/patterns/ 515 B
763 B 259ms
256ms Image
image/png 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/patterns/atom-6-1.png

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6184578
content-disposition: inline; filename="atom-6-1.png"
x-vercel-cache: HIT
content-length: 515
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/patterns/atom-6-1.png
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: image/png
x-vercel-id: fra1:fra1::vlvld-1646316106475-588822ac0cbe
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4"
accept-ranges: bytes

GET
H2 200 fabio-viggiani-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 5 KB
6 KB 56ms
27ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/fabio-viggiani-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1638201165&s=6a21baddfb91fc1f230f598ff08b63d1
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtmDITX68IWCTREyqqc3wkGyZs3pbS37KlCpr6jxQngSvgXbocGWYNvbxHpkmfBQsvLSe3c194n9ZJo1Hzhlu4Ccc1jQLfrpw5uredqHT%2FeDX%2FmYVy7%2FZiE6Tae7QEb3TdUz5bPmNbUGsNoDdy%2FwXwHcOaudXBEVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 01dbbc299b6a3bcfe550cf81791902dd
cf-ray: 6e62e7f1a9749170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 62 KB
62 KB 250ms
221ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png?w=2014&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633612810&s=74ba03e439bf59e2dbcf555f41307b68
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tdb81UUqZ1kciHE%2BkRprr4FaXQpQvJdc9V7srGZ0lAwnaJW2tzzV%2FMgy0wZvMasA4K4HNgHyXPO7KmLJjfDy7zkk99JMn3z2v6qP0RkZBnyiuARCu5vfxATpCVpDIenMlhclKIl3OP5hbcY%2BK7db1swuHHS8CXJqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 35be1da5b438b0bb06ebefbc9e411acc
cf-ray: 6e62e7f1a9769170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 67 KB
67 KB 380ms
351ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png?w=2048&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633612968&s=bbfad0c7761341e6cdca77d43cb030e7
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOT4oBPwJUxzF%2F%2Fwi3Gb5oiwl2PMuQYALE15Vz9rWZACNUVav6yiwEFllKcPEZfEKglGBoV1bpImF59AjCES%2B52ExpprxOYRcUoK0ffg6YdPIc0HDYw0ERKdWleHjzClIVCrgeF3BywG2NpFzJ8nZrgBKzfbA25wuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: f0385ee97599fc62d05b0c062caa14f5
cf-ray: 6e62e7f1a9799170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 58 KB
58 KB 246ms
218ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png?w=1006&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633613057&s=a08c4cdc750c3ccf77b07e5d70b7b243
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVxR3AjGRqrytYJKSpgdNdRnpzVv%2F1zk98yANNtYmuA6uVyqVrxJhssrNMLpVdVw63S4lbFzVOv3Q4%2FSXxjyhmT5UAKbhLXPW5DzV7%2F4aRED6627%2Ba4ZbXCkMTp%2Fld%2Be8VvU4KSEEaR4JI2HiBAH70E2pLfUF6EL%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 7a43c9fb4ae4aeb91756c22181262cf6
cf-ray: 6e62e7f1a97b9170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 alex-wong-l5Tzv1alcps-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Abstract/ 158 KB
159 KB 70ms
41ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Abstract/alex-wong-l5Tzv1alcps-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331430&s=542f834fa94c1cbbc7befe5371ede444
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e896a3f9b16c1ed62fc2874360e9299ce7cfaa2d4cc75877ccd5a46ddd178f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqwQEBu2jfpCHmhxrgbIW%2F0RQeGHex%2BdoiYnaq0gDIPMwj82rG625vviezGJUiKtmJ0b0Kr47%2BXRXYm7bT6CDym8CLTURv6fogznJ8Jw7j2wLp1PWE4%2F9qe0bxnqxgcKzyi%2BzVnr%2FtSlWwvhtaqTIbfaUR%2FLyuaCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: e7bdea64eed0b979a882a24e228ca4b3
cf-ray: 6e62e7f1a97d9170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 mattias-wahlen-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 7 KB
8 KB 31ms
29ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/mattias-wahlen-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1638201500&s=07b1b7cb2606c7fc28a801479276a0d6
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08buci4rNE5zlN4%2BV%2FZskIMG9ltLtbgH0VfhTaRAiv9nnvwIKnvWz%2FmwGszw96UTKhBto3okl1M%2FBcsFsQdq4xzWFtqrqbmAGCx9%2Bmi2rWZ4aDyqgVMcIcVy4KYTWSQZvaIs9z2fNAm9r4dCtlqiHEKi%2Bvpmh9Au0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: c22f57e2ca0a75a031ed699f69d8fba9
cf-ray: 6e62e7f1c9d59170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 silhouette-of-man-during-waiting-at-airport-WWUZ7G7-2-TEST.jpg
optimise2.assets-servd.host/jealous-emu/production/Hero/ 18 KB
19 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Hero/silhouette-of-man-during-waiting-at-airport-WWUZ7G7-2-TEST.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331362&s=8142cbbf24800f083d09465265ce6f61
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a9b13eb00b9a9e361db7118f4121edce5df098b1f1e8c9d7e68c732c26cfa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNZi1Gy%2FtaUScH9Ncs%2F7TLzaG8FEc%2FSOti%2BICOnhR%2B8Vx754J2CxffzIVw2M9L9y66tJBcoutmFIS5xIjhFeXxtZA%2F4vjcV7F3iDguVtongQsgWdSOZu9xh%2BNhnqkVY4sg3MZdNL42wXyp%2BFsU1vLUSN28MwlmM8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: cb02bc928f2ddab767ea7793dad2a37e
cf-ray: 6e62e7f1c9d69170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 iStock-524154022.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 10 KB
10 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-524154022.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1645126486&s=7df15f2b841768e1470878384f214b07
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff712ff2b433f78559d51464625a77b60171b9204216640e0073332a18c2a17c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CCOVg1HtJdu%2FLKtgZMACvJkrWdBxtIrI8Vf%2BLchzdRwb3uskeZlqqCjIUKw4ukygXKa19gy96MxW4YS%2FHjrpDXe58kFVxLY6oFC8Wm5D1nKgVdylcsrC%2F2f3QFnoSIf%2Bt9IzvAbq%2FPGVGLsPAxvP1cTGT%2FtNZ4LSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 975ca2ad20b8daec7120560424b06d0a
cf-ray: 6e62e7f1c9dd9170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 Christoffer-Stromblad-Expert-Truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 11 KB
12 KB 33ms
31ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Users/Christoffer-Stromblad-Expert-Truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1642085855&s=68855265243ea4501b1b342d464b65ae
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: febc37aac923fba810d8d26c1afa7fc1845701770ebc722d1391e33220830147

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktzWK1fbTMqH01gpzxuLFeV3548M6hNMUAtCrHTNMGUyOpxIJrbvklm5JVfAlLmZcL67NPZriMx1YQyX%2FfsiMhQpXqLUMftowjw%2FeRURkoTjwb1WRoLhHf9kEv8teedW8xotRNYQxlCY23mQg2GF6QCIFxlEslZtww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 62b69f3252e1904d3f1acf0417db14bc
cf-ray: 6e62e7f1c9df9170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 sajad-nori-B5knZPjp8SY-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 42 KB
43 KB 34ms
33ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/sajad-nori-B5knZPjp8SY-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633379677&s=a8d6f548269a064995ee2c2152028dea
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hASifaDUoudjAKzBSYp7ZE0O0jTab4P5mvrUx%2BdrG772oWtGXj3QTbMJxL1ftWhmwNTU8gGd3YpDq8fBLDIPd9pt2QiggNQwljhqwfMq0RocwUZA2SJ4yFLRflD1YPB812NVCcDyG8q5U4wSBTPWfW6c1xVe6FVEqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 52b4d5ad0fc96204d3b03a6256af3cb6
cf-ray: 6e62e7f1c9e09170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 j3-tTwJ7xRQ-TEMP.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 94 KB
95 KB 35ms
33ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/j3-tTwJ7xRQ-TEMP.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331388&s=d12ed553f5c72d682ee2b1abb5dffc86
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euQYQJ6GCxuIuI72Ya3gbUGsTcpGWFfGrIOxUme0EKOMki6LG5LTEPclDBvPV9LhPjw6zsiBxcprUyAkQ13SA%2FnW10sn16tDlsB9D1LRYSLkUvAUUenYgv3ZYo%2BYgrB0XN3D7MgwWXdC9o9gdR98ZX0E%2BBFckCxNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 23b5ee3db52d22846df0ff952fa349c6
cf-ray: 6e62e7f1c9e29170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 dawid-zawila-fiu89zdeTQI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ 43 KB
44 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/dawid-zawila-fiu89zdeTQI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=a573c33a7c95d5da15ae4fcb9eb4bb5c
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF5R8GcHqprVt9M2gjKh75SgM2y%2Bd%2B4J%2BIqgMJnA5j9y40L%2BjbR%2BjPYVa5fUfMThZS2Ax5mYo9yOwMq1B7P3l3f5x0%2Bug7vje0H5NjAb7x90AMd7aUyjDKxx2TcKaJ52zPJQqvOYNmS1Zt%2FLJOasiiih0JduDPnYgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 91fe99075562ec71fd51a3aafb08d0c1
cf-ray: 6e62e7f1c9e59170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 silhouette-of-man-during-waiting-at-airport-WWUZ7G7-1.png
optimise2.assets-servd.host/jealous-emu/production/Blog/ 11 KB
12 KB 31ms
30ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/silhouette-of-man-during-waiting-at-airport-WWUZ7G7-1.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331380&s=33822e3ce30ed792810d15c412dc6aef
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811d40810a5f80ed0ec016c290779f53b42b38889440630768f8906f381e6963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZmKN1jmxDLH%2FliRE0RwxaaXWVI%2F6YSDa8caQLc%2F8hFIZyTzKneJXv0zDv0xd8V5H3tY7j9Rvp3qAIvfQR24fy4gLxv8P0yGO75uovS9maGDtuSC0nEpSJ7dA%2BDap9EV40j1kpmx6CIb9x05Xw0oUKrdFaozethcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: a1992db801f7e71635107495f7d4930c
cf-ray: 6e62e7f1c9e69170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 iStock-507713928.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 63 KB
64 KB 111ms
110ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-507713928.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331381&s=8e444aaa1cbbc6db6da7ac07d7318d66
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91666c893575eb5552c1285bafd9b3c5843e6bdfdff31aa46287e79e752874d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNbGhbZyi4VnspM1R4ZGLuNdC42To9mtSrwwAh476KeK34tRFJlkrtkhgcO5pKUscrC8WbswGXuLGWm0sBijMXUMb9qDCXuu82lyEe%2FKu1BHkQEGuqoz%2BJaogvBfo77z8nH9ygrEnBSkpdTCCl%2ByxxhD5K1prCyDBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: c57f2fe46462bb99948fa662c6fa42ec
cf-ray: 6e62e7f1d9e99170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 kKcko4LdeSM Show response
www.youtube.com/embed/ Frame 2DC5 60 KB
26 KB 184ms
94ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/kKcko4LdeSM

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e3365c54ac5d3f67a04faee07b79bdd638c011afbec5a8e361b034dfa053b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player.css
www.youtube.com/s/player/9c1a7c38/ Frame 2DC5 337 KB
46 KB 87ms
39ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45c67371fc975034b335d906590ca4e1e6582c7c1688ae575f42f1f393df438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:25:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47097
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Mar 2023 08:25:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2DC5 15 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 161705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 17:06:41 GMT

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanReg/ 41 KB
41 KB 58ms
58ms Font
font/woff2 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanReg/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6198425
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 41772
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanReg/font.woff2
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::vlvld-1646316106699-575720e0787b
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9"
accept-ranges: bytes

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanLig/ 41 KB
41 KB 55ms
55ms Font
font/woff2 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanLig/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6198425
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 41712
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanLig/font.woff2
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::vlvld-1646316106699-40cde701360d
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9"
accept-ranges: bytes

GET
H3 200 aerial-photographing-with-drone-picture-id1026580092.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/ 27 KB
27 KB 34ms
34ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Report/aerial-photographing-with-drone-picture-id1026580092.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1644237367&s=626bfdc25169022e454c7f34d982ff85
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.truesec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dig2onRHIyr3xTjZpmkrT70Q4WXIH%2Fh65CKe1KIATpOtsc1m23Wsdq8Wa%2FZoFIHBRdGVUCkZEwUIt5d3t44R5b0MKfKxCy%2BmSFrrW1OEC1tQ3fD2AsI6tHuAZYGwQrU8ax1kfSrDOMHp4QDxfkVXmw4SQe9Z8e6mow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: 00b3a9236efdd5ef219f531f4f05a51f
cf-ray: 6e62e7f2df0c994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H3 200 jason-peter-Zkte7MW1j-I-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 16 KB
17 KB 41ms
40ms Image
image/webp 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/jealous-emu/production/Blog/jason-peter-Zkte7MW1j-I-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331352&s=8eee768e0555293df650e1d0deb396f9
Requested by: Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b9d6ea07168a3f04fa08c07013134fa89e5ba2dc89cfda2b33d92e8a52d21f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.truesec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servd-from: Cache
date: Thu, 03 Mar 2022 14:01:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3dn0cayIbLeaq4R85b3P9kbFqrsdeaz4lYuaMSpOLycoTiTSvyW5gBTwmorGH3xD6kVYRI9xGXuTC%2FwrPxeR0EnD46Uwm8XIANkzEEl8Av9AUngfUijHJXAIhCrliPrqivSgpSin0LepJi7LurA%2FxvHEqFmY11udw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31104000
x-servd-hash: fd547a971e9e0ebc2b3285121e9a964b
cf-ray: 6e62e7f2df0e994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin

GET
H2 200 slider-next-active.svg
www.truesec.com/assets/slider/ 245 B
459 B 52ms
51ms Image
image/svg+xml 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/slider/slider-next-active.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6201188
content-disposition: inline; filename="slider-next-active.svg"
x-vercel-cache: HIT
content-length: 245
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/slider/slider-next-active.svg
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::vlvld-1646316106699-46a4eece507d
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e"
accept-ranges: bytes

GET
H2 200 slider-prev-active.svg
www.truesec.com/assets/slider/ 266 B
519 B 52ms
51ms Image
image/svg+xml 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/slider/slider-prev-active.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6201188
content-disposition: inline; filename="slider-prev-active.svg"
x-vercel-cache: HIT
content-length: 266
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/slider/slider-prev-active.svg
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::vlvld-1646316106699-42c511ee7663
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f"
accept-ranges: bytes

GET
H2 200 font.woff2
www.truesec.com/fonts/NimbusSanExtReg/ 29 KB
30 KB 49ms
48ms Font
font/woff2 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/NimbusSanExtReg/font.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6198424
content-disposition: inline; filename="font.woff2"
x-vercel-cache: HIT
content-length: 30036
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/NimbusSanExtReg/font.woff2
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::vlvld-1646316106724-e129779b4396
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130"
accept-ranges: bytes

GET
H2 200 SourceCodePro-Regular.woff2
www.truesec.com/fonts/SourceCode/ 75 KB
75 KB 50ms
49ms Font
font/woff2 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truesec.com/fonts/SourceCode/SourceCodePro-Regular.woff2

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.truesec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6201188
content-disposition: inline; filename="SourceCodePro-Regular.woff2"
x-vercel-cache: HIT
content-length: 76848
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /fonts/SourceCode/SourceCodePro-Regular.woff2
date: Thu, 03 Mar 2022 14:01:46 GMT
strict-transport-security: max-age=63072000
content-type: font/woff2
x-vercel-id: fra1:fra1::vlvld-1646316106724-8e0a1dc629ab
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892"
accept-ranges: bytes

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/ Frame 2DC5 280 KB
86 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af8518816c349312932da9a972ead7bb0dd48f05145e23233cd582626efe1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 00:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88134
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Mar 2023 00:37:38 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/ Frame 2DC5 2 MB
541 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de0bf06234ea3226284d918b2f19d4f1a4f325bfb54c0094c6df44b072924a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553551
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Feb 2023 15:52:25 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9c1a7c38/fetch-polyfill.vflset/ Frame 2DC5 10 KB
3 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Feb 2023 15:52:46 GMT

GET
H2 200 e3a542f3-ccea-4df6-b5e3-a9481f7b233b Show response
forms.hsforms.com/embed/v3/form/5907437/ 5 KB
2 KB 190ms
155ms Script
application/javascript 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a748ef7614ebeb393f28334b3b18028120e71138793819db6d2455a02301ae8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 3c58fbbf-8ebf-4f6d-bdaa-bdf8c98b614e
cf-ray: 6e62e7f3cbf78ffb-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B888114285F3382CE13305DD9927C561653DD6E5E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
69 KB 160ms
69ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c6969d05c2bc1501ad8e2d78d5d670f9579979369461931690ed67dd11b4c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69790
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Mar 2022 14:01:46 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2DC5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

93ms
46ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

671735c7643396617e0d995c625c648e215ce64e3a0fab39fa68989ff51ddbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 03 Mar 2022 14:01:47 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2DC5 29 B
588 B 123ms
36ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 13:48:50 GMT
x-content-type-options: nosniff
age: 777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Mar 2022 14:03:50 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/ Frame 2DC5 119 KB
37 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6523081ad9b956d098ff13f4f23f768f76fea93c03ae416eb43130c37ccb251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37842
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Feb 2023 15:52:25 GMT

GET
H2 200 tIUIwdUPEtL_C5LN5MYveDYToWXcmQEgBpSkxCkbSn8.js Show response
www.google.com/js/th/ Frame 2DC5 35 KB
14 KB 126ms
43ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/tIUIwdUPEtL_C5LN5MYveDYToWXcmQEgBpSkxCkbSn8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48508c1d50f12d2ff0b92cde4c62f783613a165dc9901200694a4c4291b4a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 12:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13626
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 12:44:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/ Frame 2DC5 26 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0003d0aca20ab445178f9d1345807132b6370ae300aef6408e26ebd606acbda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 15:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7820
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 01:15:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Feb 2023 15:53:26 GMT

GET
DATA 200
OK truncated
/ Frame 2DC5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 2DC5 1 KB
1 KB 135ms
48ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 13:59:56 GMT
x-content-type-options: nosniff
age: 111
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Feb 2022 07:19:24 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/kKcko4LdeSM/ Frame 2DC5 77 KB
77 KB 163ms
76ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kKcko4LdeSM/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78758
x-xss-protection: 0
server: sffe
etag: "1625489413"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Mar 2022 16:01:47 GMT

GET
H2 200 submit-arrow.svg
www.truesec.com/assets/form/ 243 B
463 B 14ms
13ms Image
image/svg+xml 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.truesec.com/assets/form/submit-arrow.svg

Requested by

Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/8193e33b52acdf83.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options: nosniff
age: 6184578
content-disposition: inline; filename="submit-arrow.svg"
x-vercel-cache: HIT
content-length: 243
x-xss-protection: 1; mode=block
access-control-allow-origin: https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy: no-referrer
server: Vercel
x-matched-path: /assets/form/submit-arrow.svg
date: Thu, 03 Mar 2022 14:01:47 GMT
strict-transport-security: max-age=63072000
content-type: image/svg+xml
x-vercel-id: fra1:fra1::vlvld-1646316107121-981d3217e26f
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag: W/"b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa"
accept-ranges: bytes

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 91 KB
28 KB 50ms
11ms Script
application/javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8d21dcd4801573edce931aa643b2293ca9ca1ad8664feb497bbfa146c3c881b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 09:16:20 GMT
etag: "0ca3658df2ed81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=1037
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 27986
expires: Thu, 03 Mar 2022 14:19:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1614
date: Thu, 03 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Mar 2022 15:34:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 162ms
73ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 14:01:47 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2DC5 4 KB
3 KB 133ms
47ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 14:01:47 GMT

GET
H2 200 bc-v3.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 5D42 2 KB
1 KB 30ms
8ms Document
text/html 2a02:26f0:fb:594::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-type: text/html
etag: "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified: Tue, 09 Mar 2021 09:55:06 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=28258968
expires: Tue, 24 Jan 2023 15:44:35 GMT
date: Thu, 03 Mar 2022 14:01:47 GMT
content-length: 895
server-timing: cdn-cache; desc=HIT edge; dur=1

GET
H3 204 generate_204
www.youtube.com/ Frame 2DC5 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gkuCXg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/kKcko4LdeSM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame 2DC5 53 KB
15 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 13:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 04 Mar 2022 13:31:06 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/ 246 KB
55 KB 134ms
134ms Script
application/x-javascript 2a02:26f0:6c00::210:ba79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/cc.js?renew=false&referer=www.truesec.com&dnt=false&forceshow=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 18d64267915d72dac2cb43d8c2b8b882fc7ed6c750d628e6b66cf98e19bf17d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:01:47 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 14:01:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 56314
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
548 B 131ms
47ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=844018432.1646316109&url=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fkaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware&gtm=2wg2s0K2VMF8D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 14:01:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 80ms
36ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1568345740&t=pageview&_s=1&dl=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fkaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware&ul=en-us&de=UTF-8&dt=Kaseya%20supply%20chain%20attack%20targeting%20MSPs%20to%20deliver%20REvil%20ransomware%20-%20Truesec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEAAAAABE~&cid=1797142179.1646316109&tid=UA-10378001-38&_gid=1883595864.1646316109&gtm=2wg2s0K2VMF8D&gcs=G100&z=1068376583

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Mar 2022 16:29:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77528
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2DC5 28 B
54 B 55ms
55ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/kKcko4LdeSM
X-YouTube-Client-Version: 1.20220227.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgtlb2tuUkpEN3RTMCjKlIORBg%3D%3D
X-YouTube-Ad-Signals: dt=1646316106891&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C675%2C446&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 03 Mar 2022 14:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:01:49 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FLuQv2VWz5E
			.youtube.com/	1970-01-20 05:37:48	Name: VISITOR_INFO1_LIVE Value: eoknRJD7tS0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.truesec.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
i.ytimg.com
js.hsforms.net
optimise2.assets-servd.host
pagead2.googlesyndication.com
static.doubleclick.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.truesec.com
www.youtube.com
yt3.ggpht.com
142.250.186.66
2606:4700:20::681a:8b5
2606:4700::6810:5805
2606:4700::6811:b849
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2006
2a00:1450:4001:830::2016
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:6c00::210:ba79
2a02:26f0:fb:594::f09
76.76.21.61
0003d0aca20ab445178f9d1345807132b6370ae300aef6408e26ebd606acbda0
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
18d64267915d72dac2cb43d8c2b8b882fc7ed6c750d628e6b66cf98e19bf17d4
1c6969d05c2bc1501ad8e2d78d5d670f9579979369461931690ed67dd11b4c0b
20b9d6ea07168a3f04fa08c07013134fa89e5ba2dc89cfda2b33d92e8a52d21f
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
27fd607656679f079002b860bcb945334cf2814e34368fc2f4dad33ba72c6903
2e3365c54ac5d3f67a04faee07b79bdd638c011afbec5a8e361b034dfa053b7d
3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6
3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41
41a9b13eb00b9a9e361db7118f4121edce5df098b1f1e8c9d7e68c732c26cfa0
45c67371fc975034b335d906590ca4e1e6582c7c1688ae575f42f1f393df438e
46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3
47f1c8d47878f03a37c5d640f854ee0b55a7e35b6911f69da043f56108e5c085
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae
5cef697a89f81b5efb5a01bfca698a95fb398e08fee1819105efae855713711b
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9
62da807428bb62a0d557a312148fd11e40ebc513b50052deb1b94afa44640f84
671735c7643396617e0d995c625c648e215ce64e3a0fab39fa68989ff51ddbb5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
7818700448f47ae7a140d396ea7f5c403fc37f6004939ae215b2bf6681d0eb6a
811d40810a5f80ed0ec016c290779f53b42b38889440630768f8906f381e6963
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8346b1f85c2f4558f08014642b4b96cb6455e95ba03b5f7124942a03b6043477
8d21dcd4801573edce931aa643b2293ca9ca1ad8664feb497bbfa146c3c881b4
8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892
91666c893575eb5552c1285bafd9b3c5843e6bdfdff31aa46287e79e752874d5
9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf
9ac644220acf19958ba7391edfff320ce14f01485659ad0249093eba472214cf
9af8518816c349312932da9a972ead7bb0dd48f05145e23233cd582626efe1f8
9de0bf06234ea3226284d918b2f19d4f1a4f325bfb54c0094c6df44b072924a0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d44a01a5d432a740a2ee4879cc1d6d7742b10c516a5b0a8b305aa3a8692b3b
a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef
a748ef7614ebeb393f28334b3b18028120e71138793819db6d2455a02301ae8d
abf150754f17258ac8a25c581d8786a4189249a640722099f944052be10a1bb9
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
b48508c1d50f12d2ff0b92cde4c62f783613a165dc9901200694a4c4291b4a7f
c5acd47ab45498b271f7495c11716d8adba15ec4afb8649457c3aca1dbe6ef56
c5e896a3f9b16c1ed62fc2874360e9299ce7cfaa2d4cc75877ccd5a46ddd178f
c927a5f1acf42675a231d751252ff2d1fd8f8038e6c5b9653f8f2affcea034ab
c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c
cac3869cf9d408f9057c6bf49be9b0aacef8bb2155ab5c6c870f0a0139476543
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
cf445fadad125afbbaac35b45c82072357edd911499f58cd347693943eb2e546
d1848e6dfd39a9c847aaec616913136849ced423417fbea8c92bcc2d9b99d499
d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e801be90a126cfe84ebfaf516b60e067e77b91b3d37a8d9f380a12c37b18c165
eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19
ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
f6523081ad9b956d098ff13f4f23f768f76fea93c03ae416eb43130c37ccb251
f79fb2cabb37fc603ef37cdeb3077cbacbf5b425426d743618497bd2a649e593
f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1
fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a
febc37aac923fba810d8d26c1afa7fc1845701770ebc722d1391e33220830147
ff712ff2b433f78559d51464625a77b60171b9204216640e0073332a18c2a17c

www.truesec.com Open in urlscan Pro 76.76.21.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

89 %IPv6

15 Domains

19 Subdomains

19 IPs

2 Countries

2570 kBTransfer

6293 kBSize

2 Cookies

30 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.truesec.com Open in urlscan Pro
76.76.21.61 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

89 %
IPv6

15
Domains

19
Subdomains

19
IPs

2
Countries

2570 kB
Transfer

6293 kB
Size

2
Cookies

73 HTTP transactions
2 data transactions