urlscan.io logo urlscan.io
SecurityTrails logo

blog.isms.support Open in urlscan Pro
2a00:1450:4001:829::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://defense-inside.outlookers.com/
Effective URL: https://blog.isms.support/2023/05/defense-inside.html
Submission: On May 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2a00:1450:4001:829::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is blog.isms.support.
TLS certificate: Issued by GTS CA 1D4 on May 1st 2023. Valid for: 3 months.
This is the only time blog.isms.support was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
defense-inside.outlookers.com
blog.isms.support
4    2a00:1450:4001:80e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
dzinebloggertemplate.disqus.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
7    2600:9000:2057:1c00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    18.155.145.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-88.ham50.r.cloudfront.net
cdn.viglink.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
3    199.232.196.64 (United States)

ASN54113 (FASTLY, US)
links.services.disqus.com
Apex Domain
Subdomains		 Transfer
8 disqus.com
dzinebloggertemplate.disqus.com
disqus.com — Cisco Umbrella Rank: 1150
referrer.disqus.com — Cisco Umbrella Rank: 7271
links.services.disqus.com — Cisco Umbrella Rank: 14245
53 KB
7 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 5038
283 KB
6 isms.support
blog.isms.support
131 KB
5 gstatic.com
fonts.gstatic.com
125 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9522
162 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 328
36 KB
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 9031
794 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
88 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793
70 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
1 outlookers.com
defense-inside.outlookers.com
148 B
40 11
Domain Requested by
7 c.disquscdn.com disqus.com
c.disquscdn.com
dzinebloggertemplate.disqus.com
6 blog.isms.support blog.isms.support
ajax.googleapis.com
5 fonts.gstatic.com fonts.googleapis.com
4 www.blogger.com blog.isms.support
3 links.services.disqus.com c.disquscdn.com
3 disqus.com dzinebloggertemplate.disqus.com
c.disquscdn.com
2 cdn.viglink.com
2 connect.facebook.net blog.isms.support
connect.facebook.net
2 maxcdn.bootstrapcdn.com blog.isms.support
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com blog.isms.support
client
1 referrer.disqus.com
1 www.facebook.com connect.facebook.net
1 dzinebloggertemplate.disqus.com blog.isms.support
1 ajax.googleapis.com blog.isms.support
1 defense-inside.outlookers.com 1 redirects
40 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.soratemplates.com
www.blogger.com
Subject Issuer Validity Valid
blog.isms.support
GTS CA 1D4		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-12 -
2023-05-13		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-29		 8 months crt.sh
viglink.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-11-11		 9 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-04 -
2023-12-06		 a year crt.sh

This page contains 5 frames:

Primary Page: https://blog.isms.support/2023/05/defense-inside.html
Frame ID: 99FDF23FCB6A590C4233157F790F3750
Requests: 28 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
Frame ID: 33FCF5A2DD4FCD77262E2D96F664422E
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2600c63b7e1df4%26domain%3Dblog.isms.support%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.isms.support%252Ff3da7f124a3a224%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=
Frame ID: FB51FC1FCAEE0D557E366D8EF28585E2
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 191D0137C32A6C9250E15C709B4B74F2
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 627BBDB28FDEFC53E3D045DC99F0F1B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

국내 정치,언론 등 - 기업 보안 Know-Where

Page URL History Show full URLs

  1. https://defense-inside.outlookers.com/ HTTP 302
    https://blog.isms.support/2023/05/defense-inside.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

949 kB
Transfer

2862 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://defense-inside.outlookers.com/ HTTP 302
    https://blog.isms.support/2023/05/defense-inside.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request defense-inside.html
blog.isms.support/2023/05/
Redirect Chain
  • https://defense-inside.outlookers.com/
  • https://blog.isms.support/2023/05/defense-inside.html
265 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c623b598e9a1316aaeffef583ec66acb68a22c904912a9c13c17034b858e040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
39198
content-type
text/html; charset=UTF-8
date
Sat, 06 May 2023 02:11:28 GMT
etag
W/"5596915330ddbdd43a64d028f252448b6287e344cf390495d8b9d31c338d9985"
expires
Sat, 06 May 2023 02:11:28 GMT
last-modified
Sat, 06 May 2023 02:11:05 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
250
content-type
text/html; charset=UTF-8
date
Sat, 06 May 2023 02:11:28 GMT
location
https://blog.isms.support/2023/05/defense-inside.html
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 10:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7756
x-xss-protection
0
last-modified
Thu, 04 May 2023 20:52:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 04 May 2024 10:58:06 GMT
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d31c2c635d9600a46bdfa72d76b500153fb464278c8464d074e343526a67b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 May 2023 02:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 May 2023 02:11:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 May 2023 02:11:28 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718
age
9788526
cdn-cachedat
11/29/2022 01:44:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"0831cba6a670e405168b84aa20798347"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ef9ffecc01e87d0916e00062c24f9f3b
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7c2db15a3cb42c36-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 14:40:50 GMT
cookienotice.js
blog.isms.support/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.isms.support/js/cookienotice.js
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/2023/05/defense-inside.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 May 2023 11:52:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 13 May 2023 02:11:29 GMT
3104864162-widgets.js
www.blogger.com/static/v1/widgets/ 		153 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3104864162-widgets.js
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3516a89cf06a22f1a3709b993862119a469fc4937b2d4dfa7e7700394780ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 23:06:23 GMT
x-content-type-options
nosniff
age
183906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156895
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 20:56:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 02 May 2024 23:06:23 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=907467164578436294&zx=f0bd0155-959b-426c-851d-44efcae44f80
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 02:11:29 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
501dba1d890959ed8b3cfb8816a2dd4cbc9fc99e04ba6dc4db01bdce5a605abd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 May 2023 02:11:29 GMT
content-md5
pafRF2qVhsBZWbdjWrjYQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
8ad02Wk+ntUbng73zCrtVIuA/FbMXYY5UPcBq/dcQ/vjsmoyOnMeLCyZ19FS4/w3U1XqSK6evMRFqpFE6d6rtw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
1e567f9fe9da25dc99467580e6a3d2f7
cross-origin-opener-policy
same-origin-allow-popups
etag
"e93b92e167c8d64cc0600ea11afd38bd"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 06 May 2023 02:17:23 GMT
embed.js
dzinebloggertemplate.disqus.com/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzinebloggertemplate.disqus.com/embed.js
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
003a6b752a8c2a6a3e7dcfb87bd78511c2d0a4878b09cb2fc714fb7f24fa0f6e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 02:11:29 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
64
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25396
Defense
blog.isms.support/feeds/posts/default/-/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.isms.support/feeds/posts/default/-/Defense?alt=json-in-script&max-results=3&callback=jQuery1110032499306457519683_1683339089090&_=1683339089091
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
215a45e622fcb87b561c7d7baeecf491ee0e67faba388077e8d7b3be81998a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://blog.isms.support/2023/05/defense-inside.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 02:11:05 GMT
server
blogger-renderd
etag
W/"fe5fe78e7f983e35f79241bf5893fdc85af1f66fc651ad8bfe1441abaab9d9a5"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1334
x-xss-protection
0
expires
Sat, 06 May 2023 02:11:30 GMT
none
blog.isms.support/2023/05/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.isms.support/2023/05/none
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38f98b8a551d3ad9cda63b36f9f97ad541d2eda26f38d4fb7e4f1b989f1ac9fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/2023/05/defense-inside.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
38749
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:26:02 GMT
x-content-type-options
nosniff
age
290727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:26:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:31:37 GMT
x-content-type-options
nosniff
age
545992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:31:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
544386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:58:23 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1047
cdn-cachedat
05/03/2023 13:34:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"4b5a84aaf1c9485e060c503a0ff8cadb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e1ecbe349da1d0a87bfd799fcc70afa1
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7c2db15b5de35c6e-FRA
cdn-requestpullsuccess
True
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
590474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:10:15 GMT
defense-inside.html
blog.isms.support/2023/05/ 		265 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.isms.support/2023/05/defense-inside.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c623b598e9a1316aaeffef583ec66acb68a22c904912a9c13c17034b858e040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://blog.isms.support/2023/05/defense-inside.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 02:11:05 GMT
server
GSE
etag
W/"5596915330ddbdd43a64d028f252448b6287e344cf390495d8b9d31c338d9985"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
39198
x-xss-protection
1; mode=block
expires
Sat, 06 May 2023 02:11:29 GMT
defense-outside.html
blog.isms.support/2023/05/ 		266 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blog.isms.support/2023/05/defense-outside.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5af1cf2c128b3970da967a4466da6b504e226e67f92dd3f8c70ef083fd2d43b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://blog.isms.support/2023/05/defense-inside.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 02:11:05 GMT
server
GSE
etag
W/"5596915330ddbdd43a64d028f252448b6287e344cf390495d8b9d31c338d9985"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
39187
x-xss-protection
1; mode=block
expires
Sat, 06 May 2023 02:11:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Roboto:400,700,500,700italic,500italic,400italic|Open+Sans:400,700,700italic,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
589725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:22:44 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9738396a97a706651dab2aa1d4a0dd4f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6da7901c48b63163c72d62cb98c07e6ed3f9f45dad4d06f4c3b66971896ac2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.isms.support/
Origin
https://blog.isms.support
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 May 2023 02:11:29 GMT
content-md5
i61zib/5OgUN9C88iq7S7A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87182
x-fb-rlafr
0
x-fb-debug
+N+DBkyXPswRxyoX6JVH5E9Cf8ze6+SjU/DUhmfpIN/SWB3FT16MeZnEmtbLLomyUjv91/gfrrSwBN1lJ1RnAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
dbd69d7b638e48a0cf2b1f6ff591929f
cross-origin-opener-policy
same-origin-allow-popups
etag
"9db02c7ddbf332ce090cf43c9c3b5ad6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 May 2024 23:27:43 GMT
/
disqus.com/embed/comments/ Frame 33FC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
Requested by
Host: dzinebloggertemplate.disqus.com
URL: https://dzinebloggertemplate.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b65c66c53f912b05ad0a451f332956d2d77e5de04cca30e06e9094425bdd822
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.isms.support/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2729
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 06 May 2023 02:11:29 GMT
ETag
W/"lounge:view:9685323801.6b81b991bcaf84ef1de0ea8b8b63b375.2"
Last-Modified
Sat, 06 May 2023 01:36:20 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
lounge.load.73cb1b48d567a22ee9e1f31979287652.js
c.disquscdn.com/next/embed/ Frame 33FC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.73cb1b48d567a22ee9e1f31979287652.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dda9fe8ab25b512d6eef7ca8f2e51ded142d5ec1052e82dbc35d10ef6ed983ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 05 May 2023 08:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
63627
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
625
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 05 May 2023 08:10:52 GMT
server
nginx
etag
"6454ba0c-271"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
y_UiG5mJo9a8t5G9nUjCQizA_sSsLpiIYaEW_0i-p3DCX7A-i-XE9Q==
expires
Sat, 04 May 2024 08:31:01 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=907467164578436294&zx=f0bd0155-959b-426c-851d-44efcae44f80
Requested by
Host: blog.isms.support
URL: https://blog.isms.support/2023/05/defense-inside.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 06 May 2023 02:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 02:11:29 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
c.disquscdn.com/next/embed/ Frame 33FC 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.73cb1b48d567a22ee9e1f31979287652.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 27 Mar 2023 21:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3385360
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94181
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Mon, 27 Mar 2023 21:43:49 GMT
server
nginx
etag
"64220e15-16fe5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
4hAreJ0Jui2J2GYQczA4MmxpubPLXqELK3CUs9vYJXu0JsdhXALpvw==
expires
Tue, 26 Mar 2024 21:48:49 GMT
comments.php
www.facebook.com/v2.0/plugins/ Frame FB51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2600c63b7e1df4%26domain%3Dblog.isms.support%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fblog.isms.support%252Ff3da7f124a3a224%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9738396a97a706651dab2aa1d4a0dd4f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://blog.isms.support/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 06 May 2023 02:11:30 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
LLQDbfPYqQz+aCUQMH8zzrhI2yIka7XD0v9coK4Fvq0UaNuk6CxLEW/5I76oM3f3RyAeId4Xst7VAjf8Up3obQ==
x-frame-options
DENY
x-xss-protection
0
lounge.cef06fba9afb581ee691b2d4ff616400.css
c.disquscdn.com/next/embed/styles/ Frame 33FC 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 16 Apr 2023 21:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1656693
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33266
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 14 Apr 2023 12:47:55 GMT
server
nginx
etag
"64394b7b-81f2"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
vt1VAP4wsH-xiMAf41dUw9exd_V4wRKIvoHk872VnW1ZhYvCGyfEYA==
expires
Mon, 15 Apr 2024 21:59:57 GMT
lounge.bundle.0436674491fd6f1af312aa8b5c0dbc1b.js
c.disquscdn.com/next/embed/ Frame 33FC 		508 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.0436674491fd6f1af312aa8b5c0dbc1b.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
30248bce67efcd4bcb70aaa7ae81aa7fb87fb1df31b5621e9ac366ea002c4ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 05 May 2023 08:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
63627
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
129946
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 05 May 2023 08:10:53 GMT
server
nginx
etag
"6454ba0d-1fb9a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
PGY_DywQfL4RuF2J3Cvgdy8B5cdvSrxAjuF-z-8x8A3yAgAY5I9IQQ==
expires
Sat, 04 May 2024 08:31:03 GMT
config.js
disqus.com/next/ Frame 33FC 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6eb5ef4c0396d414989f07f743d2b5d4bd434e9c3d70d74c9639098b81a492c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 02:11:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
25
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
18229
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame 33FC 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=dzinebloggertemplate&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
568552d8b833899aa9da62e5ce3d52d4532963824ce5905fb91287cbe402c4e9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 02:11:30 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
3121
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/ Frame 33FC 		11 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 May 2023 02:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 May 2023 00:35:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 May 2023 02:11:30 GMT
truncated
/ Frame 33FC 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: dzinebloggertemplate.disqus.com
URL: https://dzinebloggertemplate.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 16 Mar 2023 10:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
4375181
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 02 Mar 2023 09:36:57 GMT
server
nginx
etag
"64006e39-67d2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
2nTy-kzVldFLRCEREOLHwka_DdObSxPWB0WVtmYDR7wPrYuEsI4BDg==
expires
Fri, 15 Mar 2024 10:51:49 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 191D 		337 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: dzinebloggertemplate.disqus.com
URL: https://dzinebloggertemplate.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 22 Apr 2023 01:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1212329
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 21 Apr 2023 16:09:03 GMT
server
nginx
etag
"6442b51f-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
yIn5q7eymCpeIPlBc9XQNozo32R2yd8x_ynKyLV3Dy15roiZz3mV9w==
expires
Sun, 21 Apr 2024 01:26:01 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 627B 		337 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: dzinebloggertemplate.disqus.com
URL: https://dzinebloggertemplate.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 22 Apr 2023 01:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1212329
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 21 Apr 2023 16:09:03 GMT
server
nginx
etag
"6442b51f-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
dmQ-4F9AmEISCpyoKh_mvXcSilr3VskNddC_jiBhf93BDDfnB5AzNg==
expires
Sun, 21 Apr 2024 01:26:01 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=8.829670380188546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-88.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:30 GMT
via
1.1 8856fedb63df7336fbe33f5df12fe4d6.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-P1
age
6
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
X6-MmmFUgGUiYsGztZo_An3a89MztHd5A11xWeEwE_V2H9g9-Gx0sA==
pixel.gif
cdn.viglink.com/images/ 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=8.829670380188546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.145.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-145-88.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:11:30 GMT
via
1.1 8856fedb63df7336fbe33f5df12fe4d6.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-P1
age
6
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
PSTPogJwqdOSxsOo840IQdmocNB4_vqeXkCU7Q_p13saR4YY25OHbw==
event.gif
referrer.disqus.com/juggler/ Frame 33FC 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=244&event=init_embed&thread=9685323801&forum=dzinebloggertemplate&forum_id=3897282&imp=322k8s31gopq8k&thread_slug=know_where_06&user_type=anon&referrer=https%3A%2F%2Fblog.isms.support%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=dzinebloggertemplate&t_u=https%3A%2F%2Fblog.isms.support%2F2023%2F05%2Fdefense-inside.html&t_d=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&t_t=%EA%B5%AD%EB%82%B4%20%EC%A0%95%EC%B9%98%2C%EC%96%B8%EB%A1%A0%20%EB%93%B1%20-%20%EA%B8%B0%EC%97%85%20%EB%B3%B4%EC%95%88%20Know-Where&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 02:11:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
ping
links.services.disqus.com/api/ 		316 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
77fc67eb0cb4fbb683f9c3490d1defa7347109ce1d200e3970f5bea6fa05237e

Request headers

Referer
https://blog.isms.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 06 May 2023 02:11:31 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://blog.isms.support
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.isms.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 May 2023 02:11:31 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		58 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
295dc564ddbd1286f7969ded8e5e6c3fc8af684f317936b939b42a18238ef6b5

Request headers

Referer
https://blog.isms.support/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 06 May 2023 02:11:31 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://blog.isms.support
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless function| $ function| jQuery object| text_month string| no_image_url number| related_number object| adsbygoogle number| recentposts_number number| randomposts_number number| recentcomments_number number| postperpage object| jQuery1110032499306457519683 string| disqus_shortname object| _0x8cfc function| selectnav object| _0x4af1 function| _0x503b function| _0x4c185b function| _0x23fd98 undefined| jQuery1110032499306457519683_1683339089090 number| numshowpage string| upPageWord string| downPageWord string| urlactivepage string| home_page function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt object| cookieChoices object| FB function| disqus_config object| DISQUS object| __buffer boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16833390903726 object| vglnk undefined| vglnk_16833390908747 undefined| vglnk_16833390910919

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://blog.isms.support/2023/05/none
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
blog.isms.support
c.disquscdn.com
cdn.viglink.com
connect.facebook.net
defense-inside.outlookers.com
disqus.com
dzinebloggertemplate.disqus.com
fonts.googleapis.com
fonts.gstatic.com
links.services.disqus.com
maxcdn.bootstrapcdn.com
referrer.disqus.com
www.blogger.com
www.facebook.com
151.101.0.134
18.155.145.88
199.232.192.134
199.232.196.134
199.232.196.64
2600:9000:2057:1c00:6:8656:f5c0:93a1
2606:4700::6812:acf
2a00:1450:4001:80e::2009
2a00:1450:4001:810::200a
2a00:1450:4001:829::2013
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
003a6b752a8c2a6a3e7dcfb87bd78511c2d0a4878b09cb2fc714fb7f24fa0f6e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
215a45e622fcb87b561c7d7baeecf491ee0e67faba388077e8d7b3be81998a91
295dc564ddbd1286f7969ded8e5e6c3fc8af684f317936b939b42a18238ef6b5
30248bce67efcd4bcb70aaa7ae81aa7fb87fb1df31b5621e9ac366ea002c4ebc
3516a89cf06a22f1a3709b993862119a469fc4937b2d4dfa7e7700394780ffd0
38f98b8a551d3ad9cda63b36f9f97ad541d2eda26f38d4fb7e4f1b989f1ac9fb
3b65c66c53f912b05ad0a451f332956d2d77e5de04cca30e06e9094425bdd822
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
501dba1d890959ed8b3cfb8816a2dd4cbc9fc99e04ba6dc4db01bdce5a605abd
568552d8b833899aa9da62e5ce3d52d4532963824ce5905fb91287cbe402c4e9
5af1cf2c128b3970da967a4466da6b504e226e67f92dd3f8c70ef083fd2d43b9
77fc67eb0cb4fbb683f9c3490d1defa7347109ce1d200e3970f5bea6fa05237e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a6da7901c48b63163c72d62cb98c07e6ed3f9f45dad4d06f4c3b66971896ac2f
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c623b598e9a1316aaeffef583ec66acb68a22c904912a9c13c17034b858e040b
cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dda9fe8ab25b512d6eef7ca8f2e51ded142d5ec1052e82dbc35d10ef6ed983ba
e6d31c2c635d9600a46bdfa72d76b500153fb464278c8464d074e343526a67b7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eb5ef4c0396d414989f07f743d2b5d4bd434e9c3d70d74c9639098b81a492c