URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Submission: On August 18 via api from US

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 48 HTTP transactions. The main IP is 104.199.113.171, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is blog.truesec.com.
TLS certificate: Issued by R3 on August 6th 2021. Valid for: 3 months.
This is the only time blog.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                     Requested by
36        blog.truesec.com           blog.truesec.com
2         www.google-analytics.com   www.googletagmanager.com, www.google-analytics.com
2         fonts.gstatic.com          fonts.googleapis.com
2         fonts.googleapis.com       blog.truesec.com
2         maxcdn.bootstrapcdn.com    blog.truesec.com
1         sc.lfeeder.com             blog.truesec.com
1         www.googletagmanager.com   blog.truesec.com
1         cdnjs.cloudflare.com       blog.truesec.com
1         code.jquery.com            blog.truesec.com
Total: 48 requests, 9 domains

Subject                   Issuer                                           Validity                  Valid
blog.truesec.com          R3                                               2021-08-06 - 2021-11-04   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                          2021-03-01 - 2022-02-28   a year
*.jquery.com              Sectigo RSA Domain Validation Secure Server CA   2021-07-14 - 2022-08-14   a year
upload.video.google.com   GTS CA 1C3                                       2021-07-12 - 2021-10-04   3 months
*.google-analytics.com    GTS CA 1C3                                       2021-07-12 - 2021-10-04   3 months
*.gstatic.com             GTS CA 1C3                                       2021-07-12 - 2021-10-04   3 months
*.lfeeder.com             Amazon                                           2021-08-08 - 2022-09-06   a year

This page contains 1 frame:

Primary Page: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Frame ID: 2308145CDC973C24492222B5DA6BFF3E
Requests: 50 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 48
HTTPS: 100 %
IPv6: 89 %
Domains: 9
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 1189 kB
Size: 2071 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
64 KB
17 KB
Document
General
Full URL
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
421295fe0f85dce7569d0c867f5c7db92ee68a9b7281e70903f963f95a5c920e

Request headers

:method
GET
:authority
blog.truesec.com
:scheme
https
:path
/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 18 Aug 2021 14:40:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-pingback
https://blog.truesec.com/xmlrpc.php
link
<https://blog.truesec.com/wp-json/>; rel="https://api.w.org/" <https://blog.truesec.com/wp-json/wp/v2/posts/1356>; rel="alternate"; type="application/json" <https://blog.truesec.com?p=1356>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-cache-group
normal
content-encoding
br
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
141 KB
21 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.truesec.com
Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
10312263
cdn-cachedat
2021-04-21 07:51:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c8378dedb93211bdbf16f3a44cec136b
cf-ray
680be667c9f74e6d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Origin
https://blog.truesec.com
Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-10fdd"
vary
Accept-Encoding
x-hw
1629297655.dop056.fr8.t,1629297655.cds238.fr8.hc,1629297655.cds257.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.truesec.com
Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1191921
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E06E8yZJ68fROYY1BqzuRrRoT%2BETXRn3tUUgOSg4asVy5%2FvjDjYF5Qw%2Fx5vLsLohyFROJm3lJMXhPQWygN39Z8fckvk1UU8U3r8jOVMcKVDM8SvX0q5V%2F5lmLC5SO0emi7R4oh%2Bo1hVNMhxmnKmPaRpW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
680be667acf0d729-FRA
expires
Mon, 08 Aug 2022 14:40:54 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
13 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://blog.truesec.com
Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
10128285
cdn-cachedat
2021-04-23 10:46:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
32039775f596d9d76dddf8e9887aa7b5
cf-ray
680be667c9fa4e6d-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
quicklatex-format.css
blog.truesec.com/wp-content/plugins/wp-quicklatex/css/
2 KB
793 B
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/wp-quicklatex/css/quicklatex-format.css?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4063f3cf2ee2dcc8f7bfda33ca4d43c43b6acbc5b6d52c5352ef6791b3d5ef02

Request headers

:path
/wp-content/plugins/wp-quicklatex/css/quicklatex-format.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 27 Nov 2019 08:53:50 GMT
server
nginx
etag
W/"5dde399e-883"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
all.min.css
blog.truesec.com/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/
46 KB
10 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1604933574
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

:path
/wp-content/plugins/atomic-blocks/dist/assets/fontawesome/css/all.min.css?ver=1604933574
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 09 Nov 2020 14:52:54 GMT
server
nginx
etag
W/"5fa957c6-b752"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
blog.truesec.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
nginx
etag
W/"606cf3c4-e33b"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blocks.style.build.css
blog.truesec.com/wp-content/plugins/atomic-blocks/dist/
44 KB
7 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1604933574
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7aea74fa8de4d5a91fd7de7396b304a6e180d6395b8662e2932092d7138a40ed

Request headers

:path
/wp-content/plugins/atomic-blocks/dist/blocks.style.build.css?ver=1604933574
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 09 Nov 2020 14:52:54 GMT
server
nginx
etag
W/"5fa957c6-af72"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blocks.style.build.css
blog.truesec.com/wp-content/plugins/metronet-profile-picture/dist/
27 KB
3 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Request headers

:path
/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 30 Jun 2021 11:18:23 GMT
server
nginx
etag
W/"60dc52ff-6c70"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
sfsi-style.css
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/css/
93 KB
15 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5940e4319dfebdb10c4ddbed233722577beabecf6090a327402980dcd5e20265

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/css/sfsi-style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
W/"60ded2c5-1738a"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blocks.style.build.min.css
blog.truesec.com/wp-content/plugins/wp-codemirror-block/assets/blocks/
10 KB
2 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/plugins/wp-codemirror-block/assets/blocks/blocks.style.build.min.css?ver=1586168403
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4977e892ec278eac9b3d1820edbda8b9b3c2c2de73181f657097ebf89e65b804

Request headers

:path
/wp-content/plugins/wp-codemirror-block/assets/blocks/blocks.style.build.min.css?ver=1586168403
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 06 Apr 2020 10:20:03 GMT
server
nginx
etag
W/"5e8b0253-26e7"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
blog.truesec.com/wp-content/themes/twentytwenty/
124 KB
23 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty/style.css?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7bd72a704bfd5821e9006a496b971af6d41738c06d58fb90d206d46cd95ddea

Request headers

:path
/wp-content/themes/twentytwenty/style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 06 Apr 2020 09:22:25 GMT
server
nginx
etag
W/"5e8af4d1-1f084"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
blog.truesec.com/wp-content/themes/twentytwenty-child/
8 KB
2 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty-child/style.css?ver=1.0.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a716372d21cd29a7859299821e3c24707ac260bcafc24328f3bc5af7674311d5

Request headers

:path
/wp-content/themes/twentytwenty-child/style.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 20 May 2020 12:51:37 GMT
server
nginx
etag
W/"5ec527d9-1f3d"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
blog.truesec.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://blog.truesec.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
etag
W/"5f7dedd5-15d98"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
blog.truesec.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://blog.truesec.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm4wp-form-move-tracker.js
blog.truesec.com/wp-content/plugins/duracelltomi-google-tag-manager/js/
2 KB
576 B
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

:path
/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:51:27 GMT
server
nginx
etag
W/"61027a1f-600"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
index.js
blog.truesec.com/wp-content/themes/twentytwenty/assets/js/
25 KB
7 KB
Script
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.0.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d8c5d7e0d56720864abaa8eca08063553ccf883774f999ab9cfe24fde5650389

Request headers

:path
/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 06 Apr 2020 09:22:25 GMT
server
nginx
etag
W/"5e8af4d1-6236"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-quicklatex-frontend.js
blog.truesec.com/wp-content/plugins/wp-quicklatex/js/
619 B
632 B
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/wp-quicklatex/js/wp-quicklatex-frontend.js?ver=1.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7b9e73338554c8f9cc6dc934fc765f21b7f12b42c3908b07347dfb5fb90f165

Request headers

:path
/wp-content/plugins/wp-quicklatex/js/wp-quicklatex-frontend.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 27 Nov 2019 08:53:50 GMT
server
nginx
etag
W/"5dde399e-26b"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
TRUESEC_logo_blog.png
blog.truesec.com/wp-content/uploads/2021/05/
11 KB
11 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2021/05/TRUESEC_logo_blog.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4cc8ca906a40312c92787fe981121171563e43dce2cd5f162202764cb1609ee4

Request headers

:path
/wp-content/uploads/2021/05/TRUESEC_logo_blog.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Thu, 27 May 2021 09:32:43 GMT
server
nginx
etag
"60af673b-2a51"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10833
DSC2140-Copy-96x96.jpg
blog.truesec.com/wp-content/uploads/2020/02/
17 KB
17 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2020/02/DSC2140-Copy-96x96.jpg
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f86ddfc98ddfaacfe279163aabb76c504aee1cfd13508665f6ea99c8e5a32cb2

Request headers

:path
/wp-content/uploads/2020/02/DSC2140-Copy-96x96.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Sat, 02 May 2020 22:40:27 GMT
server
nginx
etag
"5eadf6db-430a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17162
flat_fb.png
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/
2 KB
2 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_fb.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5f8455356bb6a6bafbae2afd220fdf2782dc10fd5f89a40aafe44286feda2106

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_fb.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
"60ded2c5-66d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1645
flat_twitter.png
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/
2 KB
2 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_twitter.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
27ba034e023fef42aaa5acc8a4fa8106d68e245b3037e809f8200cd6121976f4

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_twitter.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
"60ded2c5-66b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1643
flat_linkedin.png
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/
2 KB
2 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_linkedin.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a0b552e836f6929eef730e52b468f7c59db0b1dff72adacc03e7a05ce984479

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/images/icons_theme/flat/flat_linkedin.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
"60ded2c5-720"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1824
truesec-logo-white.png
blog.truesec.com/wp-content/themes/twentytwenty-child/assets/images/
6 KB
7 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty-child/assets/images/truesec-logo-white.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
13fca066ac881b1b4d4b82a54f8916e4f0c5149130d9c017e41a792d88c442c7

Request headers

:path
/wp-content/themes/twentytwenty-child/assets/images/truesec-logo-white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Thu, 27 May 2021 09:34:34 GMT
server
nginx
etag
"60af67aa-19b8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6584
wp-emoji-release.min.js
blog.truesec.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://blog.truesec.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-3795"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
print.css
blog.truesec.com/wp-content/themes/twentytwenty/
3 KB
1 KB
Stylesheet
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty/print.css?ver=1.0.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2193af07e37734d3adce890f316c5b226dae4f270d274107287748d40fb4a84b

Request headers

:path
/wp-content/themes/twentytwenty/print.css?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 06 Apr 2020 09:22:25 GMT
server
nginx
etag
W/"5e8af4d1-ab3"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
mpp-frontend.js
blog.truesec.com/wp-content/plugins/metronet-profile-picture/js/
331 B
417 B
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

:path
/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 30 Jun 2021 11:18:23 GMT
server
nginx
etag
W/"60dc52ff-14b"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
core.min.js
blog.truesec.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://blog.truesec.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
nginx
etag
W/"605cec4b-5133"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
modernizr.custom.min.js
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/
3 KB
2 KB
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/modernizr.custom.min.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
27d5fb7155f99ca0f201d48485fba200c34c6ecd333d89a2f80f399efad21eb5

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/modernizr.custom.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
W/"60ded2c5-c0f"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.shuffle.min.js
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/
12 KB
5 KB
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/jquery.shuffle.min.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2051ec367c1be61480b94686061b4ecfe4365aa872b41f80cd208afb2602945a

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/jquery.shuffle.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
W/"60ded2c5-2f6d"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
random-shuffle-min.js
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/
1 KB
928 B
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/random-shuffle-min.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
30aa763639b91cec13bafb4649a956320321316e82f39205a9e948a6392cf8de

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/random-shuffle-min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
W/"60ded2c5-5e3"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom.js
blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/
84 KB
17 KB
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/custom.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b5ae2d03397cd6815c56c712a503b4a34da53f8d675310d327ea5a0faafbf467

Request headers

:path
/wp-content/plugins/Ultimate-Premium-Plugin/js/custom.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Fri, 02 Jul 2021 08:48:05 GMT
server
nginx
etag
W/"60ded2c5-14f51"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
dismiss.js
blog.truesec.com/wp-content/plugins/atomic-blocks/dist/assets/js/
923 B
662 B
Script
General
Full URL
https://blog.truesec.com/wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1604933574
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
91690ac97c038313496895a305a808da41d7702f5568ebc6b34a4c3cdd549961

Request headers

:path
/wp-content/plugins/atomic-blocks/dist/assets/js/dismiss.js?ver=1604933574
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Mon, 09 Nov 2020 14:52:54 GMT
server
nginx
etag
W/"5fa957c6-39b"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
blog.truesec.com/wp-includes/js/
1 KB
947 B
Script
General
Full URL
https://blog.truesec.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
8 KB
744 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700&display=swap
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/wp-content/themes/twentytwenty-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be2485c255f536a3de23ee51df7d32cf4677ba4303f53e6f76e2acdf9146fea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 14:40:55 GMT
server
ESF
date
Wed, 18 Aug 2021 14:40:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 14:40:55 GMT
css
fonts.googleapis.com/
5 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:300,400,500,600,700&display=swap
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/wp-content/themes/twentytwenty-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c05e6d7abb45cd66e5086de2e13ac8968944a0ff4e0b4fee94bba41b22d79c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 14:40:55 GMT
server
ESF
date
Wed, 18 Aug 2021 14:40:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 14:40:55 GMT
gtm.js
www.googletagmanager.com/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5HQP86
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4637bff376d230e2bdfe46ceb4cc470778921446c28201d2a25262dd8fe9b072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36871
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Aug 2021 14:40:55 GMT
AdobeStock_263959295-1-1200x826.jpeg
blog.truesec.com/wp-content/uploads/2021/07/
166 KB
166 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2021/07/AdobeStock_263959295-1-1200x826.jpeg
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f12912697e61e868fff10b2e2ea33277192a38b8a3eec4cdd1fdb0e71f04f78

Request headers

:path
/wp-content/uploads/2021/07/AdobeStock_263959295-1-1200x826.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Mon, 05 Jul 2021 14:37:52 GMT
server
nginx
etag
"60e31940-29839"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
170041
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.truesec.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options
nosniff
age
89321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 13:52:14 GMT
Inter-upright-var.woff2
blog.truesec.com/wp-content/themes/twentytwenty/assets/fonts/inter/
219 KB
219 KB
Font
General
Full URL
https://blog.truesec.com/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/wp-content/themes/twentytwenty/style.css?ver=5.7.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

:path
/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
pragma
no-cache
origin
https://blog.truesec.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
blog.truesec.com
referer
https://blog.truesec.com/wp-content/themes/twentytwenty/style.css?ver=5.7.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blog.truesec.com
Referer
https://blog.truesec.com/wp-content/themes/twentytwenty/style.css?ver=5.7.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Mon, 06 Apr 2020 09:22:25 GMT
server
nginx
etag
"5e8af4d1-36a94"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
223892
truncated
/
808 B
808 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8

Request headers

Origin
https://blog.truesec.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2-1024x537.png
blog.truesec.com/wp-content/uploads/2021/07/
110 KB
110 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2-1024x537.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d0967eef041cb10536fef0e7f0ce9451025489a1010b63c4262ac71db33ef2c1

Request headers

:path
/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2-1024x537.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Thu, 08 Jul 2021 13:15:24 GMT
server
nginx
etag
"60e6fa6c-1b7bf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
112575
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-1024x557.png
blog.truesec.com/wp-content/uploads/2021/07/
160 KB
161 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-1024x557.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
48e0170c39f711d1c78180fa186176c373049b2b5fd4d919532d1351d1979136

Request headers

:path
/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-1024x557.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Thu, 08 Jul 2021 13:14:39 GMT
server
nginx
etag
"60e6fa3f-28159"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
164185
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
blog.truesec.com/wp-content/uploads/2021/07/
112 KB
112 KB
Image
General
Full URL
https://blog.truesec.com/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.113.171 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.113.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
912b5fe302f9b30f77d29727345f787a6fccd08f7abb8883503d4749d056cbb8

Request headers

:path
/wp-content/uploads/2021/07/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blog.truesec.com
referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 14:40:55 GMT
last-modified
Thu, 08 Jul 2021 13:13:52 GMT
server
nginx
etag
"60e6fa10-1be48"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
114248
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.truesec.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:45:28 GMT
x-content-type-options
nosniff
age
132927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:45:28 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5HQP86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3861
date
Wed, 18 Aug 2021 13:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 18 Aug 2021 15:36:34 GMT
lftracker_v1_bElvO73RJyK8ZMqj.js
sc.lfeeder.com/
20 KB
8 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_bElvO73RJyK8ZMqj.js
Requested by
Host: blog.truesec.com
URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3e00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c88cc228e7504af3e6d8b2a371b28a68bc47024537bc6f58925e29cbf82d4cc7

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rXJt8l9XNjJ7laQW4liJ1Ebjl4CE75WB
content-encoding
gzip
last-modified
Fri, 25 Jun 2021 09:50:10 GMT
server
AmazonS3
age
1949
etag
W/"8c7ae8df4efe8571e7e35aa40d0b72c6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 18 Aug 2021 14:08:27 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LrnywCeDN6ZMDZe7vLIlBMT8d8gm3n3PJtJAkHYNEulHnhn7AvcrfQ==
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1503196336&t=pageview&_s=1&dl=https%3A%2F%2Fblog.truesec.com%2F2021%2F07%2F04%2Fkaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware%2F&ul=en-us&de=UTF-8&dt=Kaseya%20supply%20chain%20attack%20targeting%20MSPs%20to%20deliver%20REvil%20ransomware%20-%20TRUESEC%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=845439228&gjid=102164188&cid=409009781.1629297656&tid=UA-10378001-53&_gid=431111699.1629297656&_r=1&gtm=2wg8g0M5HQP86&z=480176476
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 14:40:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.truesec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
186069134d483966274921a88b225458ba56902314f389b82e27a65735650cf1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml


82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings object| dataLayer_content function| sfsi_plus_align_icons_center_orientation function| sfsi_plus_processfurther string| __limit function| sfsi_plus_setCookie function| sfsi_plus_getCookie function| sfsi_plus_eraseCookie function| sfsi_plusGetCurrentUTCTimestamp function| sfsi_plusGetCurrentTimestamp function| sfsi_plus_is_null_or_undefined number| __popTime function| sfsi_plusShallShowPopup function| sfsi_plus_hidemypopup function| atomicBlocksShare object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ldfdr object| gaplugins object| gaGlobal object| gaData object| sfsi_premium_Modernizr function| Manipulator object| sfsi_premium_ajax_object object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents boolean| __discoverInitialized function| SFSI function| sfsi_premium_getUrlVars function| sfsiplus_showErrorSuc function| sfsiplus_beForeLoad function| sfsi_plus_make_popBox function| sfsi_plus_stick_widget function| sfsi_plus_float_widget function| sfsi_plus_shuffle function| sfsi_plus_shuffle_new function| sfsiplus_Shuffle function| sfsi_plus_hideFooter number| global_error function| sfsi_plus_update_iconcount function| sfsi_plus_changeIconWidth function| sfsi_plus_new_window_popup object| sfsiplus_initTop function| sfsi_hover_icon_handler function| force_initialize_fb_icons function| sfsi_premium_wechat_follow function| close_overlay function| sfsi_premium_wechat_share function| 
sfsi_premium_wechat_share_mobile function| sfsi_copy_text_parent_input function| sfsi_premium_fitText function| sfsi_premium_resize_icons_container function| escapeDoubleQuotes function| sfsi_premium_pinterest_modal_images function| sfsi_premium_pinterest_modal function| sfsi_premium_pinterest_absolute boolean| sfsi_premium_fittext_shouldDisplay object| wp object| twemoji

3 Cookies

Domain/Path Name / Value
.truesec.com/ Name: _gid
Value: GA1.2.431111699.1629297656
.truesec.com/ Name: _gat_UA-10378001-53
Value: 1
.truesec.com/ Name: _ga
Value: GA1.2.409009781.1629297656

2 Console Messages

Source Level URL
Text
console-api log URL: https://blog.truesec.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://blog.truesec.com/wp-content/plugins/Ultimate-Premium-Plugin/js/shuffle/random-shuffle-min.js?ver=5.7.2(Line 1)
Message:
random premium

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
