URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Submission: On July 14 via api from TR — Scanned from DE

Summary

This website contacted 43 IPs in 4 countries across 32 domains to perform 158 HTTP transactions. The main IP is 2606:2c40::c73c:671c, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.aquasec.com. The Cisco Umbrella rank of the primary domain is 876427.
TLS certificate: Issued by GTS CA 1P5 on May 25th 2023. Valid for: 3 months.
This is the only time blog.aquasec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 virustotal.com
www.virustotal.com — Cisco Umbrella Rank: 53014
596 KB
18 aquasec.com
blog.aquasec.com — Cisco Umbrella Rank: 876427
info.aquasec.com
302 KB
14 hubspotusercontent-na1.net
1665891.fs1.hubspotusercontent-na1.net
85 KB
10 trendemon.com
assets.trendemon.com — Cisco Umbrella Rank: 109798
trackingapi.trendemon.com — Cisco Umbrella Rank: 82974
pic.trendemon.com — Cisco Umbrella Rank: 223073
141 KB
9 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6369
c.6sc.co — Cisco Umbrella Rank: 9185
ipv6.6sc.co — Cisco Umbrella Rank: 6440
b.6sc.co — Cisco Umbrella Rank: 4176
14 KB
8 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 10861
app.hubspot.com — Cisco Umbrella Rank: 5255
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8913
track.hubspot.com — Cisco Umbrella Rank: 2542
23 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2357
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5243
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5234
tracking.crazyegg.com — Cisco Umbrella Rank: 4635
51 KB
6 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4327
12 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com — Cisco Umbrella Rank: 544
px4.ads.linkedin.com — Cisco Umbrella Rank: 6544
5 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
42 KB
5 uri.sh
flo.uri.sh — Cisco Umbrella Rank: 31074
633 KB
5 flourish.studio
public.flourish.studio — Cisco Umbrella Rank: 23292
tiles.flourish.studio — Cisco Umbrella Rank: 451100
17 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
346 KB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4527
forms-na1.hsforms.com — Cisco Umbrella Rank: 7529
perf-na1.hsforms.com — Cisco Umbrella Rank: 12531
3 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2438
17 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4752
625 B
3 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 2556
634 B
3 gstatic.com
fonts.gstatic.com
67 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
13 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
6 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
32 KB
2 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5944
18 KB
2 hubapi.com
api-na1.hubapi.com — Cisco Umbrella Rank: 23604
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
369 B
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5222
22 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2425
21 KB
1 dealtale.com
app.dealtale.com — Cisco Umbrella Rank: 161856
145 B
1 dealtale.io
pixel.dealtale.io
12 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2680
1 KB
1 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8863
2 KB
158 32
Domain Requested by
19 www.virustotal.com blog.aquasec.com
www.virustotal.com
17 blog.aquasec.com blog.aquasec.com
js.usemessages.com
14 1665891.fs1.hubspotusercontent-na1.net blog.aquasec.com
6 b.6sc.co blog.aquasec.com
6 raw.githubusercontent.com blog.aquasec.com
5 trackingapi.trendemon.com assets.trendemon.com
5 track.hubspot.com
5 flo.uri.sh blog.aquasec.com
flo.uri.sh
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 www.googletagmanager.com blog.aquasec.com
flo.uri.sh
www.googletagmanager.com
3 pic.trendemon.com assets.trendemon.com
3 px.ads.linkedin.com 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.virustotal.com
3 js.hs-banner.com blog.aquasec.com
js.hs-banner.com
3 www.google.de blog.aquasec.com
3 fonts.gstatic.com fonts.googleapis.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
blog.aquasec.com
3 fonts.googleapis.com blog.aquasec.com
flo.uri.sh
3 public.flourish.studio blog.aquasec.com
flo.uri.sh
2 assets.trendemon.com blog.aquasec.com
assets.trendemon.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google.com blog.aquasec.com
2 tiles.flourish.studio flo.uri.sh
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 cdnjs.cloudflare.com blog.aquasec.com
2 static.hsappstatic.net blog.aquasec.com
2 api-na1.hubapi.com 1 redirects blog.aquasec.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 perf-na1.hsforms.com blog.aquasec.com
1 region1.analytics.google.com www.googletagmanager.com
1 cta-service-cms2.hubspot.com js.hubspot.com
1 px4.ads.linkedin.com blog.aquasec.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 forms-na1.hsforms.com blog.aquasec.com
1 forms.hsforms.com blog.aquasec.com
1 app.hubspot.com blog.aquasec.com
1 js.hubspot.com blog.aquasec.com
1 js.usemessages.com blog.aquasec.com
1 js.hs-analytics.net blog.aquasec.com
1 app.dealtale.com pixel.dealtale.io
1 info.aquasec.com blog.aquasec.com
1 j.6sc.co blog.aquasec.com
1 pixel.dealtale.io blog.aquasec.com
1 js.hs-scripts.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 cdn2.hubspot.net blog.aquasec.com
158 52
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| blog.aquasec.com | GTS CA 1P5 | 2023-05-25 - 2023-08-23 | 3 months |
| hubspot.net | Cloudflare Inc ECC CA-3 | 2023-04-06 - 2024-04-05 | a year |
| hubspotusercontent-na1.net | Cloudflare Inc ECC CA-3 | 2023-01-26 - 2024-01-25 | a year |
| public.flourish.studio | Amazon RSA 2048 M01 | 2023-04-11 - 2024-05-10 | a year |
| hsappstatic.net | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| *.virustotal.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-12 - 2024-01-12 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year |
| www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months |
| dealtale.com | Amazon RSA 2048 M02 | 2023-03-01 - 2023-12-19 | 10 months |
| 6sc.co | R3 | 2023-05-25 - 2023-08-23 | 3 months |
| info.aquasec.com | GTS CA 1P5 | 2023-05-25 - 2023-08-23 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| tiles.flourish.studio | Amazon RSA 2048 M01 | 2023-07-06 - 2024-08-04 | a year |
| www.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| www.google.de | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year |
| hubapi.com | Cloudflare Inc ECC CA-3 | 2023-04-07 - 2024-04-06 | a year |
| *.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year |
| linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-07 | a year |
| *.google.de | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
| crazyegg.com | Amazon RSA 2048 M02 | 2023-05-28 - 2024-06-26 | a year |
| *.trendemon.com | SSL.com RSA SSL subCA | 2023-06-18 - 2024-06-26 | a year |

This page contains 4 frames:

Primary Page: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Frame ID: 4643CD49E3CF3DE5AD2C7338BFEA03DF
Requests: 108 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/14395339/embed
Frame ID: 3ADE6145DC5AD634D18AF7F05FFB5462
Requests: 14 HTTP requests in this frame

Frame: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Frame ID: 37523C36437E8EE81BCD77ABA953CDBB
Requests: 20 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/14363779/embed
Frame ID: A07B7D0ADC551DD78F5C2FB992893C40
Requests: 19 HTTP requests in this frame

Page Title

TeamTNT Reemerged with New Aggressive Cloud Campaign

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 158
HTTPS: 93 %
IPv6: 72 %
Domains: 32
Subdomains: 52
IPs: 43
Countries: 4
Transfer: 2482 kB
Size: 9660 kB
Cookies: 44

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://api-na1.hubapi.com/video/v1/public/124377039151/poster?portalId=1665891 HTTP 307
  • https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/custom-video-thumbnails/TeamTNT-1-thumb.jpeg?length=1920
Request Chain 105
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45226%26time%3D1689300678667%26url%3Dhttps%253A%252F%252Fblog.aquasec.com%252Fteamtnt-reemerged-with-new-aggressive-cloud-campaign%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJzPfYXaYbnAgAAAYlSKrp5mxEQiUtSyaQchqb2qdXqSNb_kmhApYHtIRX1AdjfN_dtCHEWUUC3P837GN47dOlxwuEq9w

158 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request teamtnt-reemerged-with-new-aggressive-cloud-campaign
blog.aquasec.com/
147 KB
28 KB
Document
General
Full URL
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
065fb703227a5a856a3769cac410eb68efb5368a040be63500244c60abc542d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

index.js
blog.aquasec.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/
11 KB
5 KB
Script
General
Full URL
https://blog.aquasec.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

comment_listing_asset.js
blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/
8 KB
3 KB
Script
General
Full URL
https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

project.js
blog.aquasec.com/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
1017 B
Script
General
Full URL
https://blog.aquasec.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

post_listing_asset.js
blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/
3 KB
2 KB
Script
General
Full URL
https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

v2.js
blog.aquasec.com/_hcms/forms/
527 KB
172 KB
Script
General
Full URL
https://blog.aquasec.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

jquery-1.7.1.js
blog.aquasec.com/hs/hsstatic/jquery-libs/static-1.1/jquery/
92 KB
34 KB
Script
General
Full URL
https://blog.aquasec.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

comments_listing_asset.css
blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/
1 KB
1019 B
Stylesheet
General
Full URL
https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

rss_post_listing.css
blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/
910 B
847 B
Stylesheet
General
Full URL
https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1689270480281/hubspot/hubspot_default/shared/responsive/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1689270480281/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding
br
age
30100
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"94daf62e7e6df83595c6251fb0c7c055"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1689270480980
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 14 Jul 2023 02:11:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD66-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
f0d0a5e2-ca68-481f-a58f-b4c692747c7b
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
95
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
f0d0a5e2-ca68-481f-a58f-b4c692747c7b
last-modified
Thu, 13 Jul 2023 17:48:01 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr2B8ChzkiZfNc3ZmpBuVWiMg0MjS0Ic2lNj3CpNIn%2BOnAT07%2F8iJ5gtWl6eqCyd2TTNaiRjeYgoQ28YtB%2FxKAa1eGc4AEcPpAND%2BcNlv6RXJPnzXwAuONQa5XRtay49gZX0aW8n0zfSekKs%2BkY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-hml5r
cf-ray
7e663bf11a1269a3-FRA
aqua_theme_2019_styles.css
blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/
109 KB
25 KB
Stylesheet
General
Full URL
https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b854ab0289192ff9253ba6293fe9e80a8ad87af73fc448ce781f7330462ffaba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
3315
x-amz-request-id
JNM7AXAEK250HJZ5
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"b4264719550b2a631ef3ecb8cc44e4ac"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1686823327504
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 14 Jul 2023 02:11:17 GMT
strict-transport-security
max-age=31536000
via
1.1 98b2021a1a69853671ec2390cb8757f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
3Qf2k3k3ffBMZ6ocIg31kF1ACli.qGoU
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
129
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FFjsdy96aIcxzOJvkH3X6s/ZGTxZwZQ03KHNwKfcsB90OJu3DYbFlqt0W/kQUyrHE+8YbhKoF6Q=
x-evy-trace-route-configuration
listener_https/all
x-request-id
cef18c42-f4cb-4bce-bce4-06e8c4de729c
last-modified
Thu, 15 Jun 2023 10:02:08 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvTV%2Fh%2BZiIovfTdChTLUbfe1LrkjhzK7kfhUFcPZyIeZGAazOqjUj8tm8XJrHazjvsHhcyBSUlmhpxowYOn8QGkDO9uFndSM79cyxjJligNAvM7sM%2F%2FOODrKpr0UTAKKM5fEM%2BEZGVL3dffPV90%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-fhfns
access-control-allow-credentials
false
cf-ray
7e663bf0ead430d0-FRA
x-amz-cf-id
IbAnrgbbO6y4JhcN58WQeTlrOYnhmEPoL6X4R0uMnooDKzj3WmXw_w==
Blog-Image--TeamTNT-1.jpg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/
31 KB
31 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Blog-Image--TeamTNT-1.jpg?width=870&name=Blog-Image--TeamTNT-1.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2a1cd1d757aa889d5742173fac65c66cf0f559f8d5c423baa82b648320547e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-124451736754,P-1665891,FLS-ALL
content-length
31284
cf-resized
internal=ok/m q=0 n=165+0 c=4+57 v=2023.7.2 l=31284
last-modified
Thu, 13 Jul 2023 01:29:02 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfs4MlBxN5x5ZnA7IaRJD5UblV9Z0BzdmqJ_ULo1G_DQ:bb6674c2db89a1e4a7b99a415f524422"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf1def22c1e-FRA
Ofek-Itach_SQ.jpg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Aqua%20People/
828 B
1 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Aqua%20People/Ofek-Itach_SQ.jpg?width=48&height=48&name=Ofek-Itach_SQ.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7f66a88467d69b1264d11bb4a988c6e7f7589d47e1b2b22b69fef30344aa70
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-76134155906,FD-7522622900,P-1665891,FLS-ALL
content-length
828
cf-resized
internal=ok/m q=0 n=245+0 c=1+1 v=2023.6.4 l=828
last-modified
Mon, 13 Jun 2022 10:57:27 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfFVIAKyixFy3IUjbUyHpoBbJ8KxSBlmMBbhedHTfFDQ:700866d580351087ed06187aa9f7d4bd"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf1def32c1e-FRA
Assaf%20M%20300x300.jpg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Imported%20sitepage%20images/
828 B
1 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Imported%20sitepage%20images/Assaf%20M%20300x300.jpg?width=48&height=48&name=Assaf%20M%20300x300.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67f6aacc88c8b3acf98f74772db7dd2f29557146a3fc9aa74602ea7c94b8ec1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-97329473928,FD-42703647798,P-1665891,FLS-ALL
content-length
828
cf-resized
internal=ok/m q=0 n=183+0 c=1+5 v=2023.5.0 l=828
last-modified
Wed, 04 Jan 2023 12:38:02 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf1zM0XKenPQu5gookC4EYBHUAKxSBlmMBbhedHTfFDQ:12b60e0644c5c87150805225f7db3e83"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf1def52c1e-FRA
made_with_flourish.svg
public.flourish.studio/resources/
7 KB
3 KB
Image
General
Full URL
https://public.flourish.studio/resources/made_with_flourish.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce277bd81ffb51103836b75131ef16c03690269e767420517cbf310b4fe9b24e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
j8.1FRYnJH7gSl_m_F2.cP0cQfK1cpxY
content-encoding
gzip
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
date
Thu, 13 Jul 2023 04:01:00 GMT
x-amz-cf-pop
MUC50-P2
age
84853
x-cache
Hit from cloudfront
last-modified
Wed, 11 Nov 2020 12:02:50 GMT
server
AmazonS3
etag
W/"c19a2cc9f10c2ce7e30272550502097c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
a5RxIFv-hTs7NM9ji2OVCyHW38hc6ZWbM4Bg87RCy7ufF0f6bGajNQ==
TeamTNT-1-thumb.jpeg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/custom-video-thumbnails/
Redirect Chain
  • https://api-na1.hubapi.com/video/v1/public/124377039151/poster?portalId=1665891
  • https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/custom-video-thumbnails/TeamTNT-1-thumb.jpeg?length=1920
34 KB
35 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/custom-video-thumbnails/TeamTNT-1-thumb.jpeg?length=1920
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6f862e8093670596e5b397640fecff406674cc67f372409b013d206ca6ccbf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-124379746313,FD-9460320918,P-1665891,FLS-ALL
content-length
35292
cf-resized
internal=ok/h q=0 n=90+0 c=11+127 v=2023.7.2 l=35292
last-modified
Wed, 12 Jul 2023 20:09:41 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfKNGDh-Il_1eJDw-UMTdyHlrswnSDvw7ZAbX8WcieDQ:bb26b097c5d56da0596a1a043dec610c"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf498632c1e-FRA

Redirect headers

date
Fri, 14 Jul 2023 02:11:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
af16b9a6-cd2f-4d9e-9d91-4f9f72e08950
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
af16b9a6-cd2f-4d9e-9d91-4f9f72e08950
server
cloudflare
x-trace
2B1057D5797858686E0FDD30D26BB369E1C44F8077000000000000000000
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6foOmZI4hEXZYKVsJdzv%2FbGxUY8EHkAFImt9npj1th8b1%2F%2FMWCyNFnE3c8KKSCBJ7sSGKdbCec3Ozq%2FFTz1kTU9nBYkd85ACmVOZzRywfIoJQgbX0UDbqGs6%2F1SrpyWhrDIvkqB5rDfZFb4OHBszA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/custom-video-thumbnails/TeamTNT-1-thumb.jpeg?length=1920
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-lp48s
access-control-allow-credentials
false
cf-ray
7e663bf1cbee3829-FRA
Ofek-Itach_SQ.jpg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Aqua%20People/
3 KB
3 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Aqua%20People/Ofek-Itach_SQ.jpg?width=120&height=120&name=Ofek-Itach_SQ.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e281fb46a631df87587fa6388f5df4e576b543d7c7c387bae676434381e462
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 5195de19cbc5ce842ac6538e9a6850ca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-76134155906,FD-7522622900,P-1665891,FLS-ALL
content-length
2844
cf-resized
internal=ok/m q=0 n=209+0 c=1+4 v=2023.6.4 l=2844
last-modified
Mon, 13 Jun 2022 10:57:27 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfFVIAKyixFy3IUjbUyHpoBbJ8CkG96azlf-Tapd0KDQ:700866d580351087ed06187aa9f7d4bd"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf1def62c1e-FRA
Assaf%20M%20300x300.jpg
1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Imported%20sitepage%20images/
3 KB
3 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hub/1665891/hubfs/Imported%20sitepage%20images/Assaf%20M%20300x300.jpg?width=120&height=120&name=Assaf%20M%20300x300.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75856e66054adbda0310e749edbdec273f207923321b97a3f8bf012b4d28b80
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-97329473928,FD-42703647798,P-1665891,FLS-ALL
content-length
3080
cf-resized
internal=ok/m q=0 n=233+0 c=1+7 v=2023.6.4 l=3080
last-modified
Wed, 04 Jan 2023 12:38:02 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf1zM0XKenPQu5gookC4EYBHUACkG96azlf-Tapd0KDQ:12b60e0644c5c87150805225f7db3e83"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf1def72c1e-FRA
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.240/
11 KB
5 KB
Script
General
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.240/embed.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7944796ddd5fcfea5a16d0a01e0179972a31c071aa2fda7ba986323a6790752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
x-amz-version-id
2PIZat4k7iqlwfOTJtCspFj5G31rDKpK
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
193225
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 May 2023 19:59:44 GMT
server
cloudflare
etag
W/"bf8f264c31eb93db41268dd04256be85"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gj3sqHJKPKqoaXG75GGqBdKdI6PjGG848fAbzaX0Nb%2BK2nX4wY%2FEurpHn8hBATdheaM02ItSDg78jzGhY1k0u9RC7Lca2%2Bjo2%2BkJ4VckevOg1AMGuS6czsfMDZ24hk7Wwe8M0vOHN2v4rr2VwRX8%2BxkHCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7e663bf1ce2f2bb0-FRA
x-amz-cf-id
SKXtZwAAETvmtg2bhQzg4IeLXZCqlP_PkgOS936pk-E9K3QyFnYCVg==
expires
Sat, 13 Jul 2024 02:11:17 GMT
aqua_theme_2019_scripts.js
blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165868/1575250830489/Coded_files/Custom/page/Aqua_Theme_2019/
5 KB
3 KB
Script
General
Full URL
https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165868/1575250830489/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_scripts.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f9a3cacca516b6343c46d79e9c02a0eea2497cd7b0726359b8bb9120375559e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
1602
x-amz-request-id
7XVWG2FTEXHHTWCE
x-evy-trace-route-service-name
envoyset-translator
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"de4d6e1461004a14ecb30b8ea579d084"
vary
origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 14 Jul 2023 02:11:17 GMT
strict-transport-security
max-age=31536000
via
1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
9AKBnGYi3T4hDaPO1On7lahtX4teQ0Wk
x-amz-cf-pop
IAD89-C1
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
147
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9sDp4d5JRRSL7DXS4toRjgoYTy+79Igt0dXTyXQilwI+gDtOTLpSsl6i1ofe9isQLmF3yyfCv+PWdKxq64JUkg==
x-request-id
f223f3f2-b4f8-4fad-ac87-e3fb307fcff1
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 02 Dec 2019 01:40:31 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUbd6cL2ZRiMi6z39BzgIeS4V5z146pnyMrzXYY%2FtvQ1rBRaWEDpZbgXyJbF%2BkNSKptKKo9MlDd5Iy%2BI%2Fo9Achu0kw2k3nOKtkAU%2FdpF63p1l9HfgGFzqu86FODZbmfqZRejZKrYKtqJ5KlLwWQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
7e663bf16dd91994-FRA
x-amz-cf-id
H0gosGqThR9XDt8HlV1nVxVf4O6Y20K1YfL_6AX8Yn5oSYe1Jglg0A==
loader.js
static.hsappstatic.net/video-embed/ex/
35 KB
13 KB
Script
General
Full URL
https://static.hsappstatic.net/video-embed/ex/loader.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bad8a093a13096aaa04a847ec1a058bfe892868051f39a1ab21d8be9430bf28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
x-amz-version-id
XgBFFj1pFc1nCU2jggx5GYu.sSKzqXfZ
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Jul 2023 17:16:02 GMT
server
cloudflare
etag
W/"009238802c8673fb7ee21ad8e238a0cb"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9quqGqqoobWZbtCGcwntx2A7vdAXpwAj3GI0ZeRawAIKozVWsEITjyzXOIUnS4k5Kk5GUYM%2BAgXBHj%2BVfo%2FsCSIXBtyY9sShBlYAAPJWUNWZB7z4HXl%2FoGwb8%2BtXemNZjq7ZR702h05UrPe65kqS0OHDJpg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=60
cf-ray
7e663bf1ce302bb0-FRA
x-amz-cf-id
CSqdMSweZWS-aMwOCrAHCPukF69DQkXQVR415NknwzOam0Z-09xPNA==
expires
Fri, 14 Jul 2023 02:12:17 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4520653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B91i5HRilWlPdxKZ5VC39UY4rCu2afeVrbtSl6zNVJiFOmNvhq91oxmU0E%2B5%2Fnwhnjcg1YOu%2BGEfhQ%2BuigWDe2TCe3ICaJg3ApwY6a4NslaC69IuSbYKxfZ0hpvKs6it4jigP2xIzEUQZnUJ9uEjVz5%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bf198f7902a-FRA
expires
Wed, 03 Jul 2024 02:11:17 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
32832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unzvkfd7fRl335EzTooI8AA%2FhveMjpvglponJTLCs7CiO1KiCvrQKljK1mnyJH6yCzYSVydpkZvRpWg2NXJ6duX6Ro%2Bk3A3MuOIRWpELupCadSGfxNsnYjeg5EeTch%2BpnnnP60XnSSl8m%2F15%2F5MA%2FOiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bf198f9902a-FRA
expires
Wed, 03 Jul 2024 02:11:17 GMT
1665891.js
blog.aquasec.com/hs/scriptloader/
2 KB
1 KB
Script
General
Full URL
https://blog.aquasec.com/hs/scriptloader/1665891.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
716bb4fdb5f0e19847dd2096813b8af216cb147ae9d37b97efd89afbec8c2b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b4c4574d-514c-469c-bfaa-57037c508b12
x-envoy-upstream-service-time
5
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b4c4574d-514c-469c-bfaa-57037c508b12
last-modified
Fri, 14 Jul 2023 02:05:37 GMT
server
cloudflare
x-trace
2BCE80880779FA3C8ABB77489B582D4DE3D3080D1E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://blog.aquasec.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-5grng
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7NWd0NiLz%2BD3YNB1yRUbcvXNT9oKtKI63s5%2F%2BGpp%2BADRsohmFqN7d3ri%2FqLGXrqNcArDAh8WynhiyAj9rxCxnz7LxoT8uCPf46e1gKrD857tjHdYTUTjWmzX%2BKqgcdDdoHT4xcUwGwG4E4LmzA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7e663bf19dfa1994-FRA
expires
Fri, 14 Jul 2023 02:12:17 GMT
gtm.js
www.googletagmanager.com/
285 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41ee131f034ee742789066537b7bbbd6637b5a8ed9b21bd64ee239552161ff67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93671
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 00:05:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jul 2023 02:11:17 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af1a469d92bfcb0a43a47a53cafabdf04d540b95294d155def3ff6693c1fc538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 01:18:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 02:11:17 GMT
animation.css
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Scalock_Jan2016/
27 KB
3 KB
Stylesheet
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Scalock_Jan2016/animation.css
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6eb03a528bb02a6a0aaac0adcdcfaeb3275b2596b08df6efd12ceca93df7e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-3686461719,P-1665891,FLS-ALL
x-amz-version-id
s0c7rvHNJDMTrAJplCdVbtTcnNRAmnNF
age
221670
x-amz-cf-pop
FRA56-P7
x-amz-request-id
2EAD5KSM8BKJVZEQ
edge-cache-tag
F-3686461719,P-1665891,FLS-ALL
cache-tag
F-3686461719,P-1665891,FLS-ALL
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
9WNgIebeLP/cFmng0Fl5Y0mifSTCny52KcVruHV37DmFTu/q+rTjIEGy5fhKWDywPkugZdhCh3GifKjTCRAGw0X8yO8V52B0
last-modified
Sun, 08 Oct 2017 05:05:55 GMT
server
cloudflare
etag
W/"edfd447adba05bffefacddd7cf793b7d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf1def02c1e-FRA
x-amz-cf-id
A4WFX-hZxeCj1fMhuxOB0QKHTnScEa4yCq6GckI7RLSzX650H4yw5A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
embed
flo.uri.sh/visualisation/14395339/ Frame 3ADE
150 KB
49 KB
Document
General
Full URL
https://flo.uri.sh/visualisation/14395339/embed
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c067a4f3828f4b9e6aa0ee521aafb4b300e2db659ebd5d7383c014007c47cc0

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60082
cache-control
max-age=0
cf-cache-status
HIT
cf-ray
7e663bf1c9d44d62-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 02:11:17 GMT
last-modified
Wed, 12 Jul 2023 14:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyESW1yGS%2FJIX5f%2FZ2vnClOOpSP3JELOAR3%2BBK8EGnkFDEPhB7wn7ujKJvLPCwXIqHrf8afxp4PdB4K5UMYA0qNPII36%2FVoTaaIU9faMngDiksyOrrTU%2B4oRuuU5nDzmeShxR%2BuYxL0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
eQiwULz3vZ2D+yraqRJh1CUsL4RelyoXWS/02HXSXnkVR7kCi8/7KbIfu+Z2EjW2d6heucULLNs=
x-amz-request-id
CGNKM72K3ECT517T
x-amz-version-id
Ra3xueeS5HWS_6TRTyL30KxKu.3i1pmu
g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a
www.virustotal.com/graph/embed/ Frame 3752
5 KB
2 KB
Document
General
Full URL
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
1fdf2d38ea776b3b355bf1a44eadc76e7c08c11ead4d49b423693af526f2e180

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
1578
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 02:11:17 GMT
server
Google Frontend
vary
Accept-Encoding
x-cloud-trace-context
e7f96c579f1a59a8153356de2b379424
embed
flo.uri.sh/visualisation/14363779/ Frame A07B
2 MB
504 KB
Document
General
Full URL
https://flo.uri.sh/visualisation/14363779/embed
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af71e712b85014d7b3e62e32a13af4dc6c83f97948b44179cb0a01c84b1ca25e

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59854
cache-control
max-age=0
cf-cache-status
HIT
cf-ray
7e663bf1c9d54d62-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 02:11:17 GMT
last-modified
Thu, 13 Jul 2023 09:33:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSGuFl89zvQPLlrZQtZHDXibf%2BynPIxuC2iTeVMEG7teXUToLxuX44ms1Ecjmt3hDa5fZ19FBF0w9vQBguqzqeMhy6mqYnJiTPojVxDaPvklNnA6aPaqH%2BxVfw0jiIfyJcoFkkiCn%2FU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
04mUqyAlQoX34dPvXvi+n2NSGeRGtrrcxAWOzB5P2opPhn8SH3aJVhJnXyZKi4cdmgjeGquMsUs=
x-amz-request-id
93FGMN31SRCAAM2D
x-amz-version-id
Kx.rYAA2WuS1UOTVoajspU2efDjFuLJc
css
fonts.googleapis.com/ Frame A07B
5 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 01:17:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 02:11:17 GMT
bundle.css
flo.uri.sh/template/16768/v7/static/ Frame A07B
39 KB
6 KB
Stylesheet
General
Full URL
https://flo.uri.sh/template/16768/v7/static/bundle.css
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c878908161b3baf40d8e5fad66988248fa10be2d6b66a0d1f3f2fc0fdbd0a565

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/visualisation/14363779/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
x-amz-version-id
X6awin4ik8Q_DWUtnCpji6rQ7.XOQ1K8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AW1YDSN1PBRV9KCR
age
335712
x-amz-id-2
vgIJsmFoWnaVAoUpuODXxB6f9gBlYVaWkfh6WxZ8l/V8GCN6RkD8YkgZNQd1dRy8KOaSoIrDr5o=
last-modified
Thu, 06 Jul 2023 14:16:28 GMT
server
cloudflare
etag
W/"faf952a27170190894d03a4fbdd80cc3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIRp8S3VWCCkDBZfwpMwH21HW9VFR21H8X5JMQkA%2BfJE2QUM0cB0sWqi0A313KdObLUqB6NztSx6wNZ6TSQ3MVmvjOMfscaCIf%2BET6hlhILk3OaTIdporY%2BX5UycLL9tGilwciameho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, immutable
cf-ray
7e663bf1f9ec4d62-FRA
fa-solid-900.woff2
flo.uri.sh/template/16768/v7/static/webfonts/ Frame A07B
73 KB
73 KB
Font
General
Full URL
https://flo.uri.sh/template/16768/v7/static/webfonts/fa-solid-900.woff2
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/visualisation/14363779/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
x-amz-version-id
bWspCAvFmTPhgT9pBzXS28FOql9HWV_b
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AW1PABPG3CPTXP14
age
335712
content-length
74256
x-amz-id-2
70etLwaiydbiwaC1A53PCOzif//vf01YEVRAtI537I2glL/sv3vEKa6SpwpJ7KXDNLEp1pkXvNM=
last-modified
Thu, 06 Jul 2023 14:16:28 GMT
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks2HVxWQMtNA4tmq4r3P4RlQURAFVR%2FdSm5I506XGK4Oz6JfaVAzp%2FhSqGAhn5%2FLyRZCoKybtNe87nOnijCBVKk0Ie6lQw5eSIjYgNiWl4JJ2tDksvDwuVAzB7D%2Bme7CTwOWLeHFieo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
7e663bf1f9ed4d62-FRA
style.css
flo.uri.sh/template/12954/v3/static/ Frame 3ADE
548 B
697 B
Stylesheet
General
Full URL
https://flo.uri.sh/template/12954/v3/static/style.css
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14395339/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3384e8badd6606689c119ccea5a5141d73db77228d227950262d0930aa06460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/visualisation/14395339/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
x-amz-version-id
r6nWiwi0JM7ORAJwlt2qQ.Sm4ZNmcMa1
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32W9QZ1EZHSCER80
age
66061
x-amz-id-2
xlJG1ZbevWXMH5B2gxkJD6hOtUJD1hJKDaZc3O0TpKQpA+08QPDUazwuqKJh0o1STpCW+b4J94w=
last-modified
Mon, 10 Jul 2023 16:33:54 GMT
server
cloudflare
etag
W/"4dc84163ea55146b696ee921d2536794"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFx5geToUy3X%2FARuXc2XId%2FHX0CqNWfAmEn7fgJNSbH0s3PH%2BKkx59v8NjArrMOwDqCTPidiT3zzcs92njHcIR0b7IFkV7NLyy0cC22JfMfTI98zRjCmfFMBewpOW1lKRB5U%2B6cmVtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, immutable
cf-ray
7e663bf1f9f24d62-FRA
embedded.js
public.flourish.studio/resources/v3/ Frame 3ADE
11 KB
4 KB
Script
General
Full URL
https://public.flourish.studio/resources/v3/embedded.js
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14395339/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
5JBkJ5yHwPU9uXJxuk.oM8vXR3yq7pLt
content-encoding
gzip
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
date
Fri, 14 Jul 2023 02:10:11 GMT
x-amz-cf-pop
MUC50-P2
age
66
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 09:04:12 GMT
server
AmazonS3
etag
W/"dc19950f0ddddd9b7a5691ed2ee57cb9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ZdDGXVvKczsNovwqL8tM9lkryLPFeoiKm5FHXBh8s2Z34422fqFebA==
truncated
/ Frame A07B
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame A07B
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/881756472/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881756472/?random=1689300677879&cv=11&fst=1689300677879&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&hn=www.googleadservices.com&frm=0&tiba=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&auid=387248433.1689300678&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c60aa11ddc46386b2f3d24a9939d897aa41692ca9b343400bdd4cd6f893a403b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
703 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a224dfc1e1af0259dd16f2fbc3033f2d43c30eb02ce760a3333d86c01dc1e942
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Jul 2023 13:42:35 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=41550
accept-ranges
bytes
content-length
491
9110.js
script.crazyegg.com/pages/scripts/0082/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0082/9110.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ee12725456527413f4eb38618cb36834b3e0f843f48e73ca1b7d609054a3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 02:11:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
ce-version
11.5.104
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bf51bfd68fe-FRA
content-length
2203
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 14 Jul 2023 02:11:17 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3D409D96886E4775ABE0C76F8961DEE0 Ref B: FRA31EDGE0607 Ref C: 2023-07-14T02:11:17Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
1665891.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/1665891.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05e3a206ccfb81bf4a7376cd4696e3f54a329a808b106c55a5f7d00e52f85b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
627f3262-9280-487e-b441-69d9c660963d
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
627f3262-9280-487e-b441-69d9c660963d
last-modified
Fri, 14 Jul 2023 01:48:34 GMT
server
cloudflare
x-trace
2B06F47F97DED4298D40B44D3BB698B27A527C7C21000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://blog.aquasec.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-gm8dw
cf-ray
7e663bf4e95818b9-FRA
expires
Fri, 14 Jul 2023 02:12:18 GMT
pixel.bundle.js
pixel.dealtale.io/
37 KB
12 KB
Script
General
Full URL
https://pixel.dealtale.io/pixel.bundle.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-98.muc50.r.cloudfront.net
Software
/
Resource Hash
ec8619de75666bd9a353974ae36aad73b668b51ea6e84c5ddc374a58fb55f705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 01:57:34 GMT
content-encoding
gzip
via
1.1 03d32b94cb61a4fdb1e546e888f089e4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jul 2023 10:39:48 GMT
x-amz-cf-pop
MUC50-P3
age
1034
etag
W/"923c-18949af8920"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
x-amz-cf-id
F5ruj5CCgbFss3e43AB4Mzw7xbPROTZlcoj2e1hUWpfEFr2a7J__MQ==
6si.min.js
j.6sc.co/
35 KB
11 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 May 2023 00:27:16 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64641f64-8a3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
11052
expires
Fri, 14 Jul 2023 02:11:17 GMT
data-layer-events.js
info.aquasec.com/hubfs/
11 KB
4 KB
Script
General
Full URL
https://info.aquasec.com/hubfs/data-layer-events.js?v=1689301277889
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
396f95fe76847ae1beacf9c523d2b852b3fc31ce9beedbde4df6b7f8ba6901ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-77926488921,P-1665891,FLS-ALL
x-amz-request-id
73D7XCDJG4HVG36B
x-amz-server-side-encryption
AES256
edge-cache-tag
F-77926488921,P-1665891,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
W/"b492d523ec97a31b53add8896e2baeca"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1656583869290
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
XcRlKoDF..T4fG.0Cjjm9Tr4D9UFP3Rp
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-77926488921,P-1665891,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gWlIZFm74ipZoixJjZt1rF2X+ngMYGq+9vjPg/I3wLF3LP28XML9aOyitjeDdTOcR/2JHcu9Et4=
last-modified
Thu, 30 Jun 2022 10:11:10 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7vsw4MKV%2Bju1Vm3yax46M2uBFsVAiYPeZGXFpBWWlViST2JbHg4FKEXdxWpQv315vKgI%2F2W78IguFru3AbWZHrxtJPKfpoW1HEdfDTwDpfJ2jGx3mcpOiXZ4T%2FqF46SofWtoRFxkyDPWZMjS7g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7e663bf5094c1942-FRA
x-amz-cf-id
TFY6hsSRrANHBwwfdbWEKbty0cwSXxBT73R9PSUoRbw9DytmDHP42w==
webcomponent-polyfill.js
www.virustotal.com/graph/assets/js/ Frame 3752
107 KB
38 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/js/webcomponent-polyfill.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
078441b8767fe10f5817e9d15f7d72a0b5960e8f243fb4b87713275e8f30a530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 19:50:05 GMT
content-encoding
gzip
server
Google Frontend
age
22872
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
c98869f003129dd04b3aa035a8122cd7
cache-control
public, max-age=2592000
content-length
39000
expires
Sat, 12 Aug 2023 19:50:05 GMT
reset.css
www.virustotal.com/graph/assets/ Frame 3752
1 KB
894 B
Stylesheet
General
Full URL
https://www.virustotal.com/graph/assets/reset.css
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
3f34c60739933355936b8697d7ffe230215934677bf088acf4ec1dda74cc7321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:00:30 GMT
content-encoding
gzip
server
Google Frontend
age
198647
etag
"jWBcvg"
content-type
text/css
x-cloud-trace-context
891d34d2b3bb16b265e83429b078b2c5
cache-control
public, max-age=2592000
content-length
740
expires
Thu, 10 Aug 2023 19:00:30 GMT
logo.png
www.virustotal.com/graph/assets//images/ Frame 3752
306 B
306 B
Image
General
Full URL
https://www.virustotal.com/graph/assets//images/logo.png
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
130761f1957a81a406a02cc09c1d15ec539fa727d1eefad8141759974308f5a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cloud-trace-context
92e2e0290ec7f77773cf1c51381e5025
date
Fri, 14 Jul 2023 02:11:18 GMT
server
Google Frontend
content-length
306
content-type
text/html; charset=UTF-8
11.main.bundle.4da6364c74094b0e015f.js
www.virustotal.com/graph/assets/ Frame 3752
153 KB
48 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/11.main.bundle.4da6364c74094b0e015f.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
02112900829af5918d45422a14f90ba9f6b15c52834250eab6d10cf4d6fcaddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 19:05:23 GMT
content-encoding
gzip
server
Google Frontend
age
111955
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
755f7ede49bf92fe5857ca93eae307d3
cache-control
public, max-age=2592000
content-length
49160
expires
Fri, 11 Aug 2023 19:05:23 GMT
main.bundle.da2b5fdac9fb24ec8937.js
www.virustotal.com/graph/assets/ Frame 3752
73 KB
18 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
71074f844ef031c88b6ea9cc217d10e23a8e2e299989c513a52e0081cbfd0c66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 01:49:31 GMT
content-encoding
gzip
server
Google Frontend
age
519707
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
e6e0bea684048a2bb3262683a016c665
cache-control
public, max-age=2592000
content-length
18228
expires
Mon, 07 Aug 2023 01:49:31 GMT
logo_aqua_2020.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
2 KB
2 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/logo_aqua_2020.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8eb8a7898d7f65f3407008af621d906d14d1f0d0ff3f03a70da78cc1e471ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-33469653384,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
Gbe7iAG8CWjdzqvIjTwC5N1NHh.QA.MM
age
920460
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-amz-request-id
9RCZ7FDPBXNDGYHK
edge-cache-tag
F-33469653384,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-33469653384,FD-6262692448,P-1665891,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
oC+/qXChyCdqAzVBMLlDyYhpZE6jzHJXe+/QT29lJ9PtInQbns6Bx8JJfijhyfDgxr+vjUbgHEw=
last-modified
Mon, 20 Jun 2022 10:03:45 GMT
server
cloudflare
etag
W/"1aec447da87d1627fad6c89bc560eecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1597095993170
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf568c62c1e-FRA
x-robots-tag
all
x-amz-cf-id
b9Ni6jW7sonLDiAQly0-9JbWWXit34J1Q1yawdpYt0Q_8EDAjCQIUA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
icon_search_2020b.png
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
212 B
793 B
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/icon_search_2020b.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae9b1771bf14db70ab8b7f15a98a88e78307a6b498182268a4de1ff393d88bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-33469350916,FD-6262692448,P-1665891,FLS-ALL
age
408988
x-amz-request-id
DP0TG447SMPN8KD2
x-amz-server-side-encryption
AES256
edge-cache-tag
F-33469350916,FD-6262692448,P-1665891,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="icon_search_2020b.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"c9a08b827cc52adbe146a1519a312a5d"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1597096538277
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
iY4foo3ISi96BxM2rLVgv9iuf8FE_L6A
x-amz-cf-pop
FRA56-P7
cf-polished
origFmt=png, origSize=346
x-cache
RefreshHit from cloudfront
cache-tag
F-33469350916,FD-6262692448,P-1665891,FLS-ALL
x-amz-meta-index-tag
all
content-length
212
x-amz-id-2
AE4nWYcEx/Ipcr//NDzMzEUCHJB9KnPALioGJgYUHCSNPGgs5m4+qxqB8LTWVz08MgyFpOhsyBDn/2d9nqMetA==
last-modified
Mon, 10 Aug 2020 21:55:39 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
7e663bf568c72c1e-FRA
x-amz-cf-id
TOcopDnPTTOUDI0eIDvs2T4FzXKgT87yJYIzij8xffVSTFbT-xSrfA==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.aquasec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 17:13:14 GMT
x-content-type-options
nosniff
age
118684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 17:13:14 GMT
fiord-color.json
tiles.flourish.studio/styles/ Frame A07B
32 KB
4 KB
XHR
General
Full URL
https://tiles.flourish.studio/styles/fiord-color.json
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70e4fb69113cede98c6140e0e204042a6f8c3ef01463ab04450c81d5a7dd8422

Request headers

Accept
application/json
Referer
https://flo.uri.sh/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Thu, 13 Jul 2023 03:43:59 GMT
x-amz-cf-pop
MUC50-C1
age
80840
x-cache
Hit from cloudfront
last-modified
Thu, 09 Jul 2020 02:30:55 GMT
server
AmazonS3
etag
W/"59402310b286c4782bfacbba3934d23f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
VbiQzjFPoQuoEQ69Rete47zaFq8jBiATj1Wg65U-MO2Lb_1CNQth4g==
newplot-(33)-2.jpg
blog.aquasec.com/hs-fs/hubfs/
11 KB
12 KB
Image
General
Full URL
https://blog.aquasec.com/hs-fs/hubfs/newplot-(33)-2.jpg?width=830&height=449&name=newplot-(33)-2.jpg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e26709a2e2bec79634b7a2231a9b5fef8c1650435c089007f5ec9d0c5e3452
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
via
1.1 8e8540d018f18b8833babc5ff23ec2c6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-124407471223,P-1665891,FLS-ALL
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
content-length
11044
cf-resized
internal=ok/m q=0 n=886+0 c=7+38 v=2023.7.2 l=11044
last-modified
Wed, 12 Jul 2023 23:51:00 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfBa1YozaxTr7l4GcuKDx_D7U75nl-4lgH3OIjXaDKDQ:0e5d689596050795d3a3f94dd64379d2"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXbELFjh6%2BR76h6JGABQC%2Fpl7QlT75LsVQnrTuJPqlfmZms%2FrFtk%2B9v3SU7s6Qn2DGwv1byuzP19SVaiDgLsL29%2Frv%2BCA1beaDRPYPTIXIzT%2FvzzfnwBpGE7Ou6JJ0gvxklmuuWfRp6S6yeZZds%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7e663bf5b8891994-FRA
d645832b-df60-46f9-9f2b-7385f1e3bb55
https://flo.uri.sh/ Frame A07B
379 KB
0
Other
General
Full URL
blob:https://flo.uri.sh/d645832b-df60-46f9-9f2b-7385f1e3bb55
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7cb08c169779ada855ef4a377e6811703f8efcbf5a2776bf01a926c7854eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
388096
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ Frame A07B
254 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b56ecc72a67c4feabe518d13e6a315180b4bfca80952819ae88aacaabe7313d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87770
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jul 2023 02:11:18 GMT
embedded.js
public.flourish.studio/resources/v3/ Frame A07B
11 KB
4 KB
Script
General
Full URL
https://public.flourish.studio/resources/v3/embedded.js
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f80d5f9ce4e4273e3dbdc43f418d37328216b79195165c14e65cc1c6ec34127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
5JBkJ5yHwPU9uXJxuk.oM8vXR3yq7pLt
content-encoding
gzip
via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
date
Fri, 14 Jul 2023 02:10:11 GMT
x-amz-cf-pop
MUC50-P2
age
67
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jul 2023 09:04:12 GMT
server
AmazonS3
etag
W/"dc19950f0ddddd9b7a5691ed2ee57cb9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ItbbaiEpfPaThdqnfDveCiz5ur2ufSTc6PGuT1RJ-MtuMSAKGJMtAA==
js
www.googletagmanager.com/gtag/ Frame 3ADE
254 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14395339/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6f10ebd5e39df2e6044cf7b2dd57e8f4ffdb860fa83150adea8b1baaf7395b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87770
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jul 2023 02:11:18 GMT
css
fonts.googleapis.com/ Frame 3ADE
5 KB
683 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14395339/embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 01:26:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 02:11:18 GMT
logo_aqua_dark_2020.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
2 KB
2 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/logo_aqua_dark_2020.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32046089ccace81843cbfbf1e80ec224e591a3a6441753dd62e0bcf4cf33c6d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 53f1fabf09e106b6477c73343225c058.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-32606658374,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
cGIgv._m7NnLCO.CteoU4AWXKa3.JYOI
age
920460
x-amz-cf-pop
CDG52-P1
x-amz-server-side-encryption
AES256
x-amz-request-id
9RCJCA41RRE569QZ
edge-cache-tag
F-32606658374,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-32606658374,FD-6262692448,P-1665891,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
LKqRvKjRIM8CUOVPTCaGaN4KfZwUszWLRJ7ipBZiwH9M0JwjMW6ouKFjYr1qcBoYJtgbt+t/bKo=
last-modified
Mon, 20 Jun 2022 10:04:44 GMT
server
cloudflare
etag
W/"fb3dc48473ed7d00d95c696406bb2aa0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1595279826387
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf679552c1e-FRA
x-robots-tag
all
x-amz-cf-id
zU99N8NTYPgwFnUbJEyPAtjI7RWezYUkJGotrfmc2Vo9b6tI4av7pg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
facebook.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
779 B
1008 B
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/facebook.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c777fc478672e659838faae4c55cf7a8e32c688431ee4d0cd268cf14f645b673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-7582432823,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
SiJr2kD481BGRTq56gO1daBOEbOHUvM_
age
408987
x-amz-cf-pop
FRA56-P7
x-amz-request-id
2A0BDMQYB2ARF61T
edge-cache-tag
F-7582432823,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-7582432823,FD-6262692448,P-1665891,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
hd64BBrSYfZVTo3zzK/JTa782tx0mFFqYiJI9654iOL2rwpkLyvC+de28yc2xAgBvGexxImlFkI=
last-modified
Wed, 13 Feb 2019 23:42:59 GMT
server
cloudflare
etag
W/"19749026ef152d226e9257455bec9ed7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf679572c1e-FRA
x-amz-cf-id
0tpuJxk435c2tNWA0xm_bXs_udid_X0u-uvc4s4WfW-U9KcTeV_X_A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
twitter.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
1 KB
1 KB
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/twitter.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7138c5a544f4668dd59e8f9d96aaa87bcfd0066948ea309f2db6460bd3b81041

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-7582014199,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
mVTFNpptaHocM.LV.q7AdmUpV3QrCcWF
age
456613
x-amz-cf-pop
MXP64-C2
x-amz-request-id
C7TQWCZAVJ82EY9J
edge-cache-tag
F-7582014199,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-7582014199,FD-6262692448,P-1665891,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
SJmYtx2PrWcKN6sY/DhTRXJGlAVd3aGAHHR60CRNm7quQutJQArSTzl0vrK5Qlf9w6ILMulY2J8=
last-modified
Wed, 13 Feb 2019 23:42:59 GMT
server
cloudflare
etag
W/"c4fcf938ebe664dd424c0a6a5e4b03fc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf679592c1e-FRA
x-amz-cf-id
Y5k5hGJOvhIxxq5ZaGwzF6_ryfmS5k4jEZzJvY9Syu8ubxVmnHjiVg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
linkedin.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
602 B
960 B
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/linkedin.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b8cc55f2871f64c632b3fe73f36a7b8aaf40ee2a138695573bdc976e1942a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-7582436500,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
nffArO3nn88qKY3dclKx6aF8R_YTTHRu
age
408987
x-amz-cf-pop
FRA56-P7
x-amz-request-id
D5EPYP5M99Z1C9KC
edge-cache-tag
F-7582436500,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-7582436500,FD-6262692448,P-1665891,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
rjS4WtAqLgr9VJbc17JuQOcTMQ0AZSWsfLLrgaLQWjJPy1AMkZWVnhBVcHurYOzFOBSbFxiuEE372bRkzCqVD6r8DPm+Upw1SduZovbrpbQ=
last-modified
Wed, 13 Feb 2019 23:42:59 GMT
server
cloudflare
etag
W/"ea3d9adf55e5ce658c6a105df641d667"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf6795a2c1e-FRA
x-amz-cf-id
cAaggk7f8tuD-H_-BZr7kY86YiecmM_0qnFKRMGZk4AA7OXjHbTyaw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
youtube.svg
1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/
746 B
835 B
Image
General
Full URL
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Misc_images/blog/youtube.svg
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs-fs/hub/1665891/hub_generated/template_assets/7511165869/1686823327504/Coded_files/Custom/page/Aqua_Theme_2019/aqua_theme_2019_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a0cd9e51e9d88fdebfc2389a7fb0864a4cb6f1900262caa68f69c4c21c54eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-meta-cache-tag
F-7580107715,FD-6262692448,P-1665891,FLS-ALL
x-amz-version-id
Q4TWafakBa5dIfTqtAoQ9ZM_q.TqNNL7
age
408986
x-amz-cf-pop
FRA56-P7
x-amz-request-id
C7TSRPY1FNF7SAFV
edge-cache-tag
F-7580107715,FD-6262692448,P-1665891,FLS-ALL
cache-tag
F-7580107715,FD-6262692448,P-1665891,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-amz-id-2
jofkKagXUU8zYM8UN+Jq8afTSnYuicfB3ORpj/lN16HbX1W0CZo70EiZE72ijyCbRZ+uJvAwJFg=
last-modified
Wed, 13 Feb 2019 23:42:59 GMT
server
cloudflare
etag
W/"bd569f0d9e19f95b6e7f98bdb5f7374b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7e663bf6795b2c1e-FRA
x-amz-cf-id
K_f3MgtOga9myHtkrzNtFEVhveVmdhqZefNpTqqs_nTxBcvPpoUrSQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3ADE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flo.uri.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:50:39 GMT
x-content-type-options
nosniff
age
285639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jul 2024 18:50:39 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3ADE
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flo.uri.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 10:36:55 GMT
x-content-type-options
nosniff
age
56063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 10:36:55 GMT
/
www.google.com/pagead/1p-user-list/881756472/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/881756472/?random=1689300677879&cv=11&fst=1689300000000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&frm=0&tiba=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&fmt=3&is_vtc=1&random=4259782339&rmt_tld=0&ipr=y
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/881756472/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/881756472/?random=1689300677879&cv=11&fst=1689300000000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&frm=0&tiba=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&fmt=3&is_vtc=1&random=4259782339&rmt_tld=1&ipr=y
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
blog.aquasec.com/_hcms/forms/embed/v3/form/1665891/bcc43e1c-30ef-4ea4-9582-44bff8d5ad4c/
23 KB
5 KB
XHR
General
Full URL
https://blog.aquasec.com/_hcms/forms/embed/v3/form/1665891/bcc43e1c-30ef-4ea4-9582-44bff8d5ad4c/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa7102df1241b72dea7a954c563da7c42f332a7dbca68790660746d2ec433a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
f90fbe89-d806-4250-b3fa-5a507db42015
x-envoy-upstream-service-time
14
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f90fbe89-d806-4250-b3fa-5a507db42015
server
cloudflare
x-trace
2B4F0CA6D81FE07F38C518DCE51676A230ED9C3AF7000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-dfxrz
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kxW8rbGZhIytT%2BLuOqWivN8I2CEskHJ6ls7E0kbwxC8ywGaszFA5PbhZDkQBntN4QCYwjQUYhEwHU99Zn4nRVn8UEidrGcdRbA00YXUcNoX8r%2F0psw7aTNE0KrAVFj6LPj%2BMIZ2PxuqvDA4pLg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7e663bf6c9541994-FRA
access-control-allow-headers
*
x-robots-tag
none
json
blog.aquasec.com/_hcms/forms/embed/v3/form/1665891/fc3a461b-474b-4bd2-b409-c41d4ec09d8a/
6 KB
2 KB
XHR
General
Full URL
https://blog.aquasec.com/_hcms/forms/embed/v3/form/1665891/fc3a461b-474b-4bd2-b409-c41d4ec09d8a/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5583681cee0b2430ddf27a4ac0faf206078cce9694df9cdbfe929bf178b091da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-origin-hublet
na1
date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
51f7ddb4-3794-4e26-8e83-27421768b169
x-envoy-upstream-service-time
8
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
51f7ddb4-3794-4e26-8e83-27421768b169
server
cloudflare
x-trace
2B8BBF6CC193D082D7CE789385A66B45C59726813C000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-g2zls
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZQYrG8SgKdm74ZgIOl6%2FypbTtQgVIovsoMw8VvWItYDZu7Yy8T8uuxlJqvrF0uRzFZtC3ij2axBDD1yfuMs6aoNuEorxM79cHl4C4M5xFATzCAwZta%2Bi0lan7VnTzazCvBB%2Fvymjnk0slXiitc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7e663bf6c9561994-FRA
access-control-allow-headers
*
x-robots-tag
none
d645832b-df60-46f9-9f2b-7385f1e3bb55
https://flo.uri.sh/ Frame A07B
379 KB
0
Other
General
Full URL
blob:https://flo.uri.sh/d645832b-df60-46f9-9f2b-7385f1e3bb55
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7cb08c169779ada855ef4a377e6811703f8efcbf5a2776bf01a926c7854eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
388096
Content-Type
text/javascript
d645832b-df60-46f9-9f2b-7385f1e3bb55
https://flo.uri.sh/ Frame A07B
379 KB
0
Other
General
Full URL
blob:https://flo.uri.sh/d645832b-df60-46f9-9f2b-7385f1e3bb55
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7cb08c169779ada855ef4a377e6811703f8efcbf5a2776bf01a926c7854eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
388096
Content-Type
text/javascript
signin
www.virustotal.com/ui/ Frame 3752
113 B
390 B
Fetch
General
Full URL
https://www.virustotal.com/ui/signin
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
cd65bb5700e28845e01bf3997019c23f532ab8f0e239dd4674a1e44591e38285

Request headers

X-Tool
graph-ui
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
accept-Ianguage
en-US,en;q=0.9,es;q=0.8
X-VT-Anti-Abuse-Header
MTgxMjg1MTY2MjAtWkc5dWRDQmlaU0JsZG1scy0xNjg5MzAwNjc4LjI3Mw==

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/json
x-cloud-trace-context
c071407da4eea05c710aeea799c7999c
cache-control
private
content-length
106
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:00:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=85537
accept-ranges
bytes
content-length
4807
et
app.dealtale.com/
0
145 B
Ping
General
Full URL
https://app.dealtale.com/et?lid=738f8bff-f3f3-4018-a21b-bdf7af3764c9&sid=a9c0b504-eb5a-43cd-8552-7e663c4a3e76&orgId=5fb0eb0ba8b8c0001139d936
Requested by
Host: pixel.dealtale.io
URL: https://pixel.dealtale.io/pixel.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.244.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad3b208e15c6d832e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 14 Jul 2023 02:11:18 GMT
Connection
keep-alive
Transfer-Encoding
chunked
1665891.js
js.hs-banner.com/
70 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/1665891.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/scriptloader/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551c3bab6074c132e311a10ce2c984ce0f5c6cd8b96c311601d22fa820c2e37f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
x-amz-version-id
3WxyryV_hrhWsTuzsUyuhG.3cPW93U.m
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
G9CPMP2ATDG3TY31
x-amz-server-side-encryption
AES256
x-amz-id-2
ZDwG6x9F2JC9l942SND+CDD2CtzvexeXJvRPl7nvq4WaAMtn3mjvVqS8uITnQ/Rh0seIyFdUDF8=
last-modified
Mon, 17 Apr 2023 15:00:41 GMT
server
cloudflare
etag
W/"6cf7f2cf5165c221ff409e9ccf5132cf"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.aquasec.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7e663bf78eeabbc8-FRA
expires
Fri, 14 Jul 2023 02:16:18 GMT
1665891.js
js.hs-analytics.net/analytics/1689300600000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1689300600000/1665891.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/scriptloader/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6266f7d27c37e9b77ae166f9337e430531c88df57281f7d03544b906ecbbcd1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
73D3VDWGHAGG2N0P
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1b2daa85-201b-4d7e-bc21-9b40f541d6e7
x-envoy-upstream-service-time
21
x-amz-id-2
0cXK5I2ahWEGGd39YfKaBaV4I7U4dctqsCZCzEFs/EyaAw2CBPs9na4OY2ra77qx30nwxi/WucyZjSgOP/ZIXA==
x-evy-trace-listener
listener_https
x-request-id
1b2daa85-201b-4d7e-bc21-9b40f541d6e7
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 14:40:48 GMT
server
cloudflare
etag
W/"fd4f5bfdebe9c4a447ebb7b99c1aeeb7"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7e663bf78d46929b-FRA
expires
Fri, 14 Jul 2023 02:16:18 GMT
conversations-embed.js
js.usemessages.com/
75 KB
22 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/scriptloader/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:62ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8a3bf9331b6769ac6ddaa2ded1a399ced056e7a2ff193778531edc4d10d05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
x-amz-version-id
gDvG.URIEoJ7e2dBkzs54TdZPKs8aKAu
via
1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
338
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13554/bundles/project.js&cfRay=7e6633b52f8c1903-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
df9da2b6-0122-49ee-8aee-961aad2bbab7
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
df9da2b6-0122-49ee-8aee-961aad2bbab7
last-modified
Tue, 11 Jul 2023 06:19:42 UTC
server
cloudflare
etag
W/"24fdfb0865d86d3f1a3d6eec939331e8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-nnm64
cf-ray
7e663bf78ebe35e1-FRA
x-amz-cf-id
nrbu9mFFOJJhM2sd9X9qJ4STvXQBjyZHguglNC6N-0qgWRvxBwX2bQ==
x-hs-target-asset
conversations-embed/static-1.13554/bundles/project.js
web-interactives-embed.js
js.hubspot.com/
62 KB
19 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/scriptloader/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51fe677461fb52fe2ea462f79f6ec89f1c180b0ef4c784708f916dfcae443cc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Origin
https://blog.aquasec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.367/bundles/project.js&cfRay=7e663bf79a74922f-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"1278d099c4dab6fb3a19f92d17339e7c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.367/bundles/project.js
date
Fri, 14 Jul 2023 02:11:18 GMT
x-amz-version-id
pbxBKlJjorxV0DMAmVxry6dIZ2YynMIw
via
1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
377465fb-1410-4fa1-875e-6d973ed01ff6
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
377465fb-1410-4fa1-875e-6d973ed01ff6
last-modified
Thu, 29 Jun 2023 01:40:22 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QkOXerEMHovyCxUcDi%2FJXEr3OzkYotLHROY%2FowXyEdEv79VfIly1nSridwUOOcVZqO%2FeZsQommwolZ7gbcJY%2FL94tJllXazeXnUg4pt4%2BhhF3hpMevW5QP6VNnmsOS5n27UWM2FpoR%2Fl656"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray
7e663bf79a74922f-FRA
x-amz-cf-id
xBRTLP_fhMtBiQ_L48BLypMkYDIgAAoqmYhMS1GV2Uu-R8O9lvSUdg==
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
977 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1665891&callback=jsonpHandler
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
88647984-682b-47bc-a8f0-4a2297d7a03a
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=7e663bf799561ac5&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
88647984-682b-47bc-a8f0-4a2297d7a03a
server
cloudflare
x-trace
2B7C9696CF99D81A2C0F46782515A79CE99081EE10000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-nnm64
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
7e663bf799561ac5-FRA
public
api-na1.hubapi.com/comments/v3/comments/thread/
75 B
553 B
Script
General
Full URL
https://api-na1.hubapi.com/comments/v3/comments/thread/public?portalId=1665891&offset=0&limit=1000&contentId=123745878136&collectionId=3657573699&callback=jsonp_1689300678310_70856
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebb9cfca62d0d9c9b102814a492c0d0f331b8218aea11d5279c5ce72a3a6719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5c4bffda-9b31-44b0-80cc-502ee4dab102
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5c4bffda-9b31-44b0-80cc-502ee4dab102
server
cloudflare
x-trace
2B3426AE8785722DB7829E60FD1D9E131767501D0C000000000000000000
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm6DOmOXIzwIOwH7nW12WKPToad3%2BRsl9Dk6Fji5A17OK6MSqrw8lF0lB56v9Lz6h6tZXhht303s1KWtORcUTpUR74dyw4jfQgMLcj8CMYiCbX1Jo08%2FdeqVNrGIilULhzk9mW2RlKyvDEmQnp5bNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-ds89m
access-control-allow-credentials
false
cf-ray
7e663bf77f3b3829-FRA
postlisting
blog.aquasec.com/_hcms/
2 KB
1 KB
XHR
General
Full URL
https://blog.aquasec.com/_hcms/postlisting?blogId=3657573699&maxLinks=5&listingType=popular_all_time&orderByViews=true&hs-expires=1720826681&hs-version=2&hs-signature=AJ2IBuE4rEjZXxjSkA-5WU7MwHqGKD7CMQ&currentUrl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9ba83164ada1fbe735c1276a1384ae7d75fa42ae2123925fa5d3fbb11341b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ebb06330-e18a-4249-a02f-b3c9e5913692
x-envoy-upstream-service-time
28
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ebb06330-e18a-4249-a02f-b3c9e5913692
last-modified
Fri, 14 Jul 2023 00:26:29 GMT
server
cloudflare
x-trace
2B67CE354E99F5861E5C44A6D17DDE0378A7007D10000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbjDp0UgF2ZbeexDoCIHPN7%2BLMOSkSzWawoixMn1kH4XW4qFnLZS8ir%2BMlr%2BuEHCJdtp6zBya8NvjujGHGEmu1ektdyxLs1x%2BI0ZzvGwb82L5h6Wmfxo0275m0erZBZI8uhQhWbRxnoHDPmOeDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-40-49-td/envoy-proxy-7966c868f8-ff8jh
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
7e663bf799c51994-FRA
x-robots-tag
none
truncated
/ Frame A07B
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c7f9f605ce1a8b6aca951aa3bee0ed0737e0e2fb0700c2a73d8028b7d330409

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A07B
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a333122c9340d84cc6c57c1ee67b126e1f88aad44f9de88c54945f6811c8b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
custom-palette-v2.json
tiles.flourish.studio/styles/ Frame A07B
8 KB
2 KB
XHR
General
Full URL
https://tiles.flourish.studio/styles/custom-palette-v2.json
Requested by
Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/14363779/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
703878dc95ed84f46da22ed7a0c1e9ea0550ab6e706fd6d6dc0ac00460c71060

Request headers

Accept
application/json
Referer
https://flo.uri.sh/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
date
Thu, 13 Jul 2023 05:05:43 GMT
x-amz-cf-pop
MUC50-C1
age
77739
x-cache
Hit from cloudfront
last-modified
Wed, 03 Feb 2021 01:45:54 GMT
server
AmazonS3
etag
W/"bd093fabc063ea336ce208aec5906dd4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
sI-BrnArcuyadcQwCZxYBuNL76b3btgXZVGX59z6icjS_e9skaEYRA==
97ce68dbffbdceb1da88.worker.js
www.virustotal.com/graph/assets/ Frame 3752
509 KB
143 KB
Other
General
Full URL
https://www.virustotal.com/graph/assets/97ce68dbffbdceb1da88.worker.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
af8728cce3bf3e6c3877493fec43e961b4508f5ed855039961381565a0323760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:09:10 GMT
content-encoding
gzip
server
Google Frontend
age
226928
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
b2b130775051df042ffe37f2645041c6
cache-control
public, max-age=2592000
content-length
146253
expires
Thu, 10 Aug 2023 11:09:10 GMT
Alerts_New_Risks.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
1 KB
1 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/Alerts_New_Risks.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb5edc50b260151d7a8090dc172e51335e9124aed7b363675a4dbcd27d2c633e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
66b96852b1c21156985c1f17fecc9f02daa946f7
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
1312
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
84E8:6263:21B1E5E:2309098:64B0AEC6
x-timer
S1689300679.530661,VS0,VE103
etag
W/"d342f72ab04e16d6afc4e40a10b1db94293af07b87cf8ff34f35ac3b84197864"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
Hacker.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
2 KB
2 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/Hacker.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56bba59c1e7adb2be9d22c11c998e9791336db734994db8dc74347f968c8d5b6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
f95cfc97cab52e3d1e0087eb069f7a582fe8506b
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
2044
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
5EE0:71D2:22B1865:2408AF5:64B0AEC6
x-timer
S1689300679.530980,VS0,VE93
etag
W/"1bdd843d7c234c3f4f9d0cf2fb65af60ed7728d90ae464852ed5e59d56f34534"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
Network_Connection_WWW.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
2 KB
3 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/Network_Connection_WWW.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bcc1bbc2c76729f92a4e6cebcf1eca567d92de585d9d9c8e0d4bcc382d8132a2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
fa7af258b8e6928c46988870145b6d360317bcf3
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
2425
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
FE22:11F88:A30F6A:A8DC1E:64B0AEC5
x-timer
S1689300679.530970,VS0,VE155
etag
W/"02c3b1292c87c3a102174b2b8a90c58905ddc62075dc976bf0b34e72a49acbb5"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
Tird_Party.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
2 KB
3 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/Tird_Party.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
92f48fb49724e1e8813392c985acde7d2b1a8fe400b4a48490c21623e3bde7b6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
dcd5cd42c26b214e5c78b447cc1acd8d97b146db
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
2161
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
60AA:2710:328A3A:34C686:64B0AEC5
x-timer
S1689300679.530963,VS0,VE140
etag
W/"2a552bceec0660317b788051528422c8ea0855dd42ae73efe2e82e678f1b0754"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
File.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
931 B
1 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/File.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d4ad1830e598853d4b573e1885df276b07a054f5a3ef8de320760c28c6bda74
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
d60b2a6b798d59323bbd2074416d52402be1244a
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
931
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
793A:F7B5:22EC284:244350E:64B0AEC6
x-timer
S1689300679.531162,VS0,VE85
etag
W/"1854d3453a17b1f934b3cc2eafa1eba013801305bda141179eb27ff7d90d8780"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
Goal.png
raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/ Frame 3ADE
1 KB
2 KB
Image
General
Full URL
https://raw.githubusercontent.com/aquasecurity/cloudsec-icons/main/png/Goal.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8db16a8cac0a468d6cdffabee185e2bedd661d3553f46c2600a79adaef086dc1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fastly-request-id
e96bb254dfa0dce0e4e595c48d4424a8f339df21
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 02:11:18 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
1439
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA
x-github-request-id
159E:E712:5B3F6F:5EB5EE:64B0AEC6
x-timer
S1689300679.531117,VS0,VE105
etag
W/"61332f03830cad40696f4661c82030cb708782232aa8bf0b6d86deb63b511bd1"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 14 Jul 2023 02:16:18 GMT
25111106.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/25111106.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 14 Jul 2023 02:11:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 03D327C161024BC5BB069D07DC6F1025 Ref B: FRA31EDGE0607 Ref C: 2023-07-14T02:11:18Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=25111106&tm=gtm002&Ver=2&mid=bbcc1214-2001-4238-b55b-ec6f3794ff05&sid=b817775021eb11eeab43b7c30707fde5&vid=b817824021eb11eea5c03711c5be0ec0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&p=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&r=&lt=1198&evt=pageLoad&sv=1&rn=97694
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jul 2023 02:11:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7AE76C2F7A5E41BB8B9F30C167335AE9 Ref B: FRA31EDGE0607 Ref C: 2023-07-14T02:11:18Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 01:04:37 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4001
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 14 Jul 2023 03:04:37 GMT
js
www.googletagmanager.com/gtag/
238 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9T3H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06a22b2fa2756d9dde9daf1305062883c3bb1620c8620503b802cd1a83ae7713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jul 2023 02:11:18 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
983 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 02:11:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
fbf3eb7f-f8cd-4c94-ae2c-fa413c51e1e4
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fbf3eb7f-f8cd-4c94-ae2c-fa413c51e1e4
Server
cloudflare
X-Trace
2BFD866D789E99D71A60DAF4C74CB4905DD53A4A3A000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-jkmcj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7e663bf8ee6a4d40-FRA
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
983 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 02:11:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
7c219ed1-6d38-4c16-a255-98a57cc187b9
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7c219ed1-6d38-4c16-a255-98a57cc187b9
Server
cloudflare
X-Trace
2B0BA24E305C6F4A2DACAB7043E3408B4D180D336D000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-cxrpn
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7e663bf91cd39256-FRA
collect
region1.google-analytics.com/g/ Frame 3ADE
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KW52XHYN9H&gtm=45je37c0&_p=408718249&gcs=G100&cid=1551117033.1689300679&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=1&sid=1689300678&sct=1&seg=0&dl=https%3A%2F%2Fflo.uri.sh%2Fvisualisation%2F14395339%2Fembed&dr=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&dt=Attack%20v2&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flo.uri.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d645832b-df60-46f9-9f2b-7385f1e3bb55
https://flo.uri.sh/ Frame A07B
379 KB
0
Other
General
Full URL
blob:https://flo.uri.sh/d645832b-df60-46f9-9f2b-7385f1e3bb55
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7cb08c169779ada855ef4a377e6811703f8efcbf5a2776bf01a926c7854eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
388096
Content-Type
text/javascript
d645832b-df60-46f9-9f2b-7385f1e3bb55
https://flo.uri.sh/ Frame A07B
379 KB
0
Other
General
Full URL
blob:https://flo.uri.sh/d645832b-df60-46f9-9f2b-7385f1e3bb55
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7cb08c169779ada855ef4a377e6811703f8efcbf5a2776bf01a926c7854eb40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
388096
Content-Type
text/javascript
collect
region1.google-analytics.com/g/ Frame A07B
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KW52XHYN9H&gtm=45je37c0&_p=1164828721&gcs=G100&cid=1297227990.1689300679&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=1&sid=1689300678&sct=1&seg=0&dl=https%3A%2F%2Fflo.uri.sh%2Fvisualisation%2F14363779%2Fembed&dr=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&dt=vic&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KW52XHYN9H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flo.uri.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://flo.uri.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blog.aquasec.com.json
script.crazyegg.com/pages/data-scripts/0082/9110/site/
21 KB
7 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/9110/site/blog.aquasec.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2948f8e407265f3c23fd3e55be54b5e1ae2f1617089675fdb0a67c918db14b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 02:11:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.104
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bf9abc39bb6-FRA
content-length
7214
token
cdn.linkedin.oribi.io/partner/45226/domain/blog.aquasec.com/
36 B
369 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/45226/domain/blog.aquasec.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
ux7NwMWoVud7OVrbAfRZz4YkCdkDv81GDcTnmXcugQ3jRNEmohkvBg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45226%26time%3D1689300678667%26url%3Dhttps%253A%252F%252Fblog.aquasec.com%252Ftea...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true&e...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJzPfYXaYbnAgAAAYlSKrp5mxEQiUtSyaQchqb2qdXqSNb_kmhApYHtIRX1AdjfN_dtCHEWUUC3P837GN47dOlxwuEq9w
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DAB39D8B41F94732A6B0C06CA0752ACE Ref B: DUS30EDGE0716 Ref C: 2023-07-14T02:11:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAaPbsOZUpkeSuITBsjw==

Redirect headers

date
Fri, 14 Jul 2023 02:11:18 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CD8B9B34870F4976AA3565C62F2AE028 Ref B: FRAEDGE1707 Ref C: 2023-07-14T02:11:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45226&time=1689300678667&url=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJzPfYXaYbnAgAAAYlSKrp5mxEQiUtSyaQchqb2qdXqSNb_kmhApYHtIRX1AdjfN_dtCHEWUUC3P837GN47dOlxwuEq9w
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAaPboTcyWZRjgYR0Oig==
12.main.bundle.c5849fa7c96d0795f3bf.js
www.virustotal.com/graph/assets/ Frame 3752
494 KB
166 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/12.main.bundle.c5849fa7c96d0795f3bf.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
1e10faa2203a704216efd190152a915d45249d8d6cbf9aa63d1d69e463336ee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 22:32:25 GMT
content-encoding
gzip
server
Google Frontend
age
185933
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
07a06344ade5e12d774c0b0dbb124c3c
cache-control
public, max-age=2592000
content-length
169898
expires
Thu, 10 Aug 2023 22:32:25 GMT
8.main.bundle.25b58339010e41af5187.js
www.virustotal.com/graph/assets/ Frame 3752
279 KB
69 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/8.main.bundle.25b58339010e41af5187.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
a11a39c2ada7ee203a6fbef734440dc2add5988a1e4f049c65e45c5f929e0c01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:28:01 GMT
content-encoding
gzip
server
Google Frontend
age
20597
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
f94a78240c701bb1a763631a214085d1;o=1
cache-control
public, max-age=2592000
content-length
69975
expires
Sat, 12 Aug 2023 20:28:01 GMT
widget
blog.aquasec.com/_hcms/livechat/
311 B
1 KB
XHR
General
Full URL
https://blog.aquasec.com/_hcms/livechat/widget?portalId=1665891&conversations-embed=static-1.13554&mobile=false&messagesUtk=9da16a6af11745b1a8f0da986ebfa12f&traceId=9da16a6af11745b1a8f0da986ebfa12f
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4ff6bb189a4fa428c410a26be91d9260ddbb5d4f39a9568aceed57c33254b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ba522b82-5a9e-4c15-93f7-a38384775735
x-envoy-upstream-service-time
11
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ba522b82-5a9e-4c15-93f7-a38384775735
server
cloudflare
x-trace
2B735F3EAE5EE3311AE4F34C7A089D8173FFB95F5D000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-lh7ht
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8zmMLh09oWOTbwE1pM%2BvrR%2B%2B8Okym7uFJxDYQlpIQpul929Km35TiIVW48LctDpGcuiTFGgJTSWp9GYKfVzdiD8ibvFSJPABPRdjjT8DndM0Kwh8V0UpLaGVZjIKSsQnKPHqOGDJrlCOf5aYb0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7e663bf9eb431994-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
101 B
981 B
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=1665891&currentUrl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&contentId=123745878136
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b921e3c739d1f8385be95d4ea71ad99d47b994a5e7107d6050fedabfd2f7342f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
92c37a35-b65f-42da-af88-e962c36678b0
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
92c37a35-b65f-42da-af88-e962c36678b0
server
cloudflare
access-control-max-age
180
vary
origin
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://blog.aquasec.com
x-evy-trace-virtual-host
all
content-type
application/json;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-jkmcj
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPcN2mBEnxL%2Bggu7Bwtxuqcv3HR8JTSK%2F%2F40%2Byy8O4hrdCIEDytGvZ7%2FwZGMDTcfsxN1BxvaAApOlhkVrPTMJjnc9AxUMmO70JaGpF2P6Ky1FxB31VQuZiH5okqFo3pEZyf9Ws4UaCuY%2FEYf17s8yHELV4PldeLQD1U%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7e663bfa1b6e922f-FRA
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=31009308&t=pageview&_s=1&dl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&ul=en-us&de=UTF-8&dt=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1660332309&gjid=410012407&cid=1700989597.1689300679&tid=UA-63272154-1&_gid=1766273135.1689300679&_r=1&_slc=1&gtm=45He37c0n715N9T3H&cg1=Blog&z=1016633193
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.aquasec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
72 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D2G99SQ9HG&gtm=45je37c0&_p=31009308&_gaz=1&cid=1700989597.1689300679&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1689300678&sct=1&seg=0&dl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&dt=TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign&en=page_view&_fv=1&_ss=1&ep.content_group=Blog
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.aquasec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D2G99SQ9HG&cid=1700989597.1689300679&gtm=45je37c0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2G99SQ9HG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.aquasec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D2G99SQ9HG&cid=1700989597.1689300679&gtm=45je37c0&aip=1&z=515087035
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame
0
0
Preflight
General
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://blog.aquasec.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://blog.aquasec.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
7e663bfa89299a05-FRA
content-length
0
content-type
application/octet-stream
date
Fri, 14 Jul 2023 02:11:18 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
172bde66-2e62-4ae2-ad4e-d8399ac46000
x-request-id
172bde66-2e62-4ae2-ad4e-d8399ac46000
view
js.hs-banner.com/cookie-banner-public/v1/activity/
0
174 B
XHR
General
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/1665891.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3ee22255-cecf-4146-8b7e-fc61157ef442
x-envoy-upstream-service-time
18
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3ee22255-cecf-4146-8b7e-fc61157ef442
server
cloudflare
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://blog.aquasec.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7e663bfb39699a05-FRA
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63272154-1&cid=1700989597.1689300679&jid=1660332309&gjid=410012407&_gid=1766273135.1689300679&_u=YGBACEAABAAAACAAI~&z=227646958
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 14 Jul 2023 02:11:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.aquasec.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 3752
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 00:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5759
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 14 Jul 2023 02:35:19 GMT
1.main.bundle.ea987a0b29925f8ad586.js
www.virustotal.com/graph/assets/ Frame 3752
191 KB
66 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/1.main.bundle.ea987a0b29925f8ad586.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
bbb07795d11cb52f256ee14163fcf478f37de14ce3a5f0bdffe45af7c8156adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:34:11 GMT
content-encoding
gzip
server
Google Frontend
age
20227
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
73ce78593a32081c54bb71d4b5e20566
cache-control
public, max-age=2592000
content-length
67044
expires
Sat, 12 Aug 2023 20:34:11 GMT
2.main.bundle.8499b3d1d7cbc135514c.js
www.virustotal.com/graph/assets/ Frame 3752
48 KB
15 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/2.main.bundle.8499b3d1d7cbc135514c.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
32ef3f6f990d64af28afd4d2093cfacde2857f9e1896af501e4e6834576d2877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 22:09:28 GMT
content-encoding
gzip
server
Google Frontend
age
14510
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
2483ccc8cc7ccc456c1519f93733c95e
cache-control
public, max-age=2592000
content-length
15584
expires
Sat, 12 Aug 2023 22:09:28 GMT
17.main.bundle.934bc1cce72de27b3b35.js
www.virustotal.com/graph/assets/ Frame 3752
14 KB
5 KB
Script
General
Full URL
https://www.virustotal.com/graph/assets/17.main.bundle.934bc1cce72de27b3b35.js
Requested by
Host: www.virustotal.com
URL: https://www.virustotal.com/graph/assets/main.bundle.da2b5fdac9fb24ec8937.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
27ab660e5a17c7845b585745e03d0df579447e0b04617b266a46dacc1c241e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:25:54 GMT
content-encoding
gzip
server
Google Frontend
age
20724
etag
"jWBcvg"
content-type
application/javascript
x-cloud-trace-context
71dce06ed88bf3e75e2e3074eec1aa47
cache-control
public, max-age=2592000
content-length
5077
expires
Sat, 12 Aug 2023 20:25:54 GMT
a9d28e31db3146cc210973bb67fcf615.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/
117 KB
40 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/a9d28e31db3146cc210973bb67fcf615.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/9110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e4812b68ceabce665dae0f0d70b3343dac163c1e8a130e613d47f3f5ae33e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 16:31:55 GMT
server
cloudflare
age
120894
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bfacdb968fe-FRA
content-length
40966
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63272154-1&cid=1700989597.1689300679&jid=1660332309&_u=YGBACEAABAAAACAAI~&z=1108594607
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63272154-1&cid=1700989597.1689300679&jid=1660332309&_u=YGBACEAABAAAACAAI~&z=1108594607
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 02:11:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
e30b5a7c-344c-447d-bbc8-c5266d0af10e
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e30b5a7c-344c-447d-bbc8-c5266d0af10e
Last-Modified
Fri, 14 Jul 2023 02:11:19 GMT
Server
cloudflare
X-Trace
2BE798E83652609DA43981B45F02DB097E2B3734C4000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7e663bfb6cd21e60-FRA
blog.aquasec.com.json
script.crazyegg.com/pages/data-scripts/0082/9110/sampling/
158 B
259 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/9110/sampling/blog.aquasec.com.json?t=469250
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/a9d28e31db3146cc210973bb67fcf615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a74664419af65bb983699709d78de7c62722e0e6966dc92f5aa074009c53f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Jul 2023 02:11:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.104
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e663bfb5cb49bb6-FRA
content-length
149
light-detected-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/light-detected-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
234ff025143a33e758f7927985ebb39aa955307146c9245d3423a5c1f70bc827

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 06:41:17 GMT
server
Google Frontend
age
156601
etag
"jWBcvg"
content-type
image/png
x-cloud-trace-context
a0ba9136ce64a2a92a7fd54906be168a;o=1
cache-control
public, max-age=2592000
content-length
3756
expires
Fri, 11 Aug 2023 06:41:17 GMT
dark-detected-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/dark-detected-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
86dd65588c71fac83afd2f8e3156a2867c1a287cf5e45d2b1ae559bb317d725b

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 06:15:56 GMT
server
Google Frontend
age
158122
etag
"jWBcvg"
content-type
image/png
x-cloud-trace-context
9dcfbdfff49c6cfbf50e1ddad4982f91
cache-control
public, max-age=2592000
content-length
4319
expires
Fri, 11 Aug 2023 06:15:56 GMT
light-selected-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/light-selected-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
520d58c30761f7582c48f71c9e6747a8eff684ba8aab5f7e27487ef22003ea50

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:24:48 GMT
server
Google Frontend
age
20790
etag
"jWBcvg"
content-type
image/png
x-cloud-trace-context
f6c0a4ebeeaea2ed2ff70e78d38d357f
cache-control
public, max-age=2592000
content-length
3721
expires
Sat, 12 Aug 2023 20:24:48 GMT
dark-selected-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/dark-selected-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
94fa276891d9fbae5704afbdfbaef3aaf94c1737bff40eb255ac322d8394499f

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 05:40:23 GMT
server
Google Frontend
age
73855
etag
"jWBcvg"
content-type
image/png
x-cloud-trace-context
cb2e6dd5aaee71517d50189fa8f85107
cache-control
public, max-age=2592000
content-length
4422
expires
Sat, 12 Aug 2023 05:40:23 GMT
light-default-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/light-default-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
4a3ddcf83f007e6229c988d14b2324bebdec6797564712f4c42ea40896871834

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:33:24 GMT
server
Google Frontend
age
27474
etag
"jWBcvg"
content-type
image/png
x-cloud-trace-context
4897fe75a8cc5173f1b7ebb4839f7548
cache-control
public, max-age=2592000
content-length
3758
expires
Sat, 12 Aug 2023 18:33:24 GMT
dark-default-domain.png
www.virustotal.com/graph/assets/images/entities/ Frame 3752
4 KB
5 KB
Image
General
Full URL
https://www.virustotal.com/graph/assets/images/entities/dark-default-domain.png
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
b501de10b1ca63e1db6380a64321aa35ba52ad3befaddb3d71b6e6020109c8bb

Request headers

Referer
https://www.virustotal.com/graph/embed/g249a2d9eae78403ab3cfb9fedc000bc8700cbf8546fb4d4082cfb505f0f0893a?theme=light
Origin
https://www.virustotal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 13 Aug 2023 02:11:19 GMT
date
Fri, 14 Jul 2023 02:11:19 GMT
cache-control
public, max-age=2592000
x-cloud-trace-context
517f3c65bd060458a9fc2e558d0e1839
server
Google Frontend
etag
"jWBcvg"
content-type
image/png
healthcheck
pagestates-tracking.crazyegg.com/
19 B
461 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/a9d28e31db3146cc210973bb67fcf615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 01:42:51 GMT
via
1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1384109
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
_Z8r2WaZ4lMzFBFnd04APmgIUKmUvIwGIppxIFqFZm0wLk7LKu__xA==
healthcheck
assets-tracking.crazyegg.com/
19 B
388 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/a9d28e31db3146cc210973bb67fcf615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-45.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 03:10:02 GMT
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
21682878
etag
"d06f04fccf68d0b228a5923187ce1afd"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
19
x-amz-cf-id
qaLduMMH1r8bkqZkcvOsylSKXi3S4LqmNuswKt2Lt61jIBzqqt8hGw==
ca52e14f-07e4-4bf9-83fc-b8796b029f43
https://blog.aquasec.com/
45 B
0
Other
General
Full URL
blob:https://blog.aquasec.com/ca52e14f-07e4-4bf9-83fc-b8796b029f43
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/
30 B
137 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1689300679149&tk=7275d2dfbee8b83b8cd904fd3328187b&s=328806&p=%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&u=829110&v=5f4de3142a7cb1a9c6ede4cb604feea25304fdff&f=blog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&ul=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/a9d28e31db3146cc210973bb67fcf615.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.6.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-6-190.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
5033b04252192d6ad4d81bb349925e6390ac31f6bf35c5af69bd80a36b73ede1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Jul 2023 02:11:19 GMT
cache-control
no-store
server
awselb/2.0
content-length
30
content-type
text/plain
ec151736-4a63-4c9d-9795-9dd4913d126b
https://blog.aquasec.com/
256 B
0
Other
General
Full URL
blob:https://blog.aquasec.com/ec151736-4a63-4c9d-9795-9dd4913d126b
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
938ad9d4eb5d61d4f10ab3974d2bb56aa6fc12f5d73b375f9c603f6d4d98d378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
256
Content-Type
text/javascript
/
c.6sc.co/
7 B
193 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://blog.aquasec.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
36 B
330 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1f3a5bf8ca8e9ef8a1122e5958443043f50e9cf3994d2b1d0ff32e3d9307b47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:19 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://blog.aquasec.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a02:6ea0:c71b:0:1011:6de9:db66:3849
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469250_34603388_1450387833_42_750_5_0_-";dur=1
content-length
36
expires
Fri, 14 Jul 2023 02:11:19 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A18%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2014%20Jul%202023%2002%3A11%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b5b19d05dd2f4d2bdb579c1a77a6b1bd%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2014%20Jul%202023%2002%3A11%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2014%20Jul%202023%2002%3A11%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
__ptq.gif
track.hubspot.com/
45 B
601 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=1665891&pi=123745878136&ct=blog-post&ccu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cpi=123745878136&cgi=3657573699&lpi=123745878136&lvi=123745878136&lvc=en-us&pu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&t=TeamTNT+Reemerged+with+New+Aggressive+Cloud+Campaign&cts=1689300679632&vi=94ae0fce3f9d515dcb04a18b2cfacff9&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ce6afdc4-04c8-4642-93b4-a4ef45c72255
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ce6afdc4-04c8-4642-93b4-a4ef45c72255
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HH7%2F61ygekaeZwiDkQ%2Bp1jwLFMdnR9sAunfY2SkykV1ol2%2BHTWJGt51R5wmGHdmk8oj3XIu%2Fp6%2Bkmq3u69F6IfM0mfjrQYMCALaQjb1RB2ydLlOHqtpBr2Pc49p9IwkAGd0rcMj4laXO6ut0HGtz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7e663bffce4b1ac5-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
433 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=fc3a461b-474b-4bd2-b409-c41d4ec09d8a&fci=5628a5b7-e0aa-4338-b634-4067be893eb4&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=1665891&pi=123745878136&ct=blog-post&ccu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cpi=123745878136&cgi=3657573699&lpi=123745878136&lvi=123745878136&lvc=en-us&pu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&t=TeamTNT+Reemerged+with+New+Aggressive+Cloud+Campaign&cts=1689300679634&vi=94ae0fce3f9d515dcb04a18b2cfacff9&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fa115ad2-c03c-4ca8-9d6f-2dcf9fc99173
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fa115ad2-c03c-4ca8-9d6f-2dcf9fc99173
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTECg3n%2FyYF7nCPRIMJUFCmWnvHTta6%2FShcDW4BK2WEmxWHXX3SBBkbOmsb8At53zcAyUXmkfZrnccw%2FhrRvyG64FNc7RvFREcV9auCODa2oaeePD9oPqc81M47UBd8voUr4z61BpIS2cP4z9jga"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7e663bffce501ac5-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
553 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=fc3a461b-474b-4bd2-b409-c41d4ec09d8a&fci=5628a5b7-e0aa-4338-b634-4067be893eb4&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=1665891&pi=123745878136&ct=blog-post&ccu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cpi=123745878136&cgi=3657573699&lpi=123745878136&lvi=123745878136&lvc=en-us&pu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&t=TeamTNT+Reemerged+with+New+Aggressive+Cloud+Campaign&cts=1689300679634&vi=94ae0fce3f9d515dcb04a18b2cfacff9&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
acf01dd2-779a-47af-a169-dcc14f6c3cbf
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
acf01dd2-779a-47af-a169-dcc14f6c3cbf
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LieHkLLrjXzL4uo%2BJjY0B6xWAclIcwzK7E%2FKQC68qhVa5wFAy8%2Bco4j0xt1%2FTr6f5z0gCIDuHFpMwI2yNuY9IgEiSoDT0aD2nSMGTw4pcU%2Fl5khonvP89KI6Tkw%2BA6YkrsxRMnG9bk2yYARsFEk0"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7e663bffce511ac5-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
512 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=bcc43e1c-30ef-4ea4-9582-44bff8d5ad4c&fci=5effc711-9ba3-4d2d-8952-8bff30006758&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=1665891&pi=123745878136&ct=blog-post&ccu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cpi=123745878136&cgi=3657573699&lpi=123745878136&lvi=123745878136&lvc=en-us&pu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&t=TeamTNT+Reemerged+with+New+Aggressive+Cloud+Campaign&cts=1689300679635&vi=94ae0fce3f9d515dcb04a18b2cfacff9&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
24f6a837-de00-49a7-b51a-945073e113b3
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
24f6a837-de00-49a7-b51a-945073e113b3
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0QH58ywJug1HI8zaw1I8xpg8P6Yhh9401fpfSYxBhsZCjRSjXdFH%2FheCOajociKdMvpn5JmUJDs%2BoBX9%2F3G%2Fnj53TzW65yYerDJttKDy7KQN%2FKQQHLVCApQKbOFv5YaaEm61%2FMMVX83%2BC2gvKBG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-zkwrk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7e663bffde551ac5-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
435 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=bcc43e1c-30ef-4ea4-9582-44bff8d5ad4c&fci=5effc711-9ba3-4d2d-8952-8bff30006758&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=1665891&pi=123745878136&ct=blog-post&ccu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&cpi=123745878136&cgi=3657573699&lpi=123745878136&lvi=123745878136&lvc=en-us&pu=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&t=TeamTNT+Reemerged+with+New+Aggressive+Cloud+Campaign&cts=1689300679637&vi=94ae0fce3f9d515dcb04a18b2cfacff9&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c4c6a87a-2bd8-4436-bde9-c934050fd43e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c4c6a87a-2bd8-4436-bde9-c934050fd43e
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkXbnZLhKkA6kO72Pjs0M68D7WO6Nx9Fp7IWBlupiBQOAh65U1ChIzcMse7gQ9OcU3b%2F11qR%2BtbD%2BAZfkra47aQ3a06zaoAjBXeM0iKyxeXAi3ArxjyvQYF7ZGzn3IS2vNQ0q5L%2BFXEZABZlmi5k"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-kn6mk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7e663bffde561ac5-FRA
x-robots-tag
none
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=ipv6&q=%7B%22address%22%3A%222a02%3A6ea0%3Ac71b%3A0%3A1011%3A6de9%3Adb66%3A3849%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:19 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
trends.min.js
assets.trendemon.com/tag/
253 KB
49 KB
Script
General
Full URL
https://assets.trendemon.com/tag/trends.min.js
Requested by
Host: blog.aquasec.com
URL: https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc17b7bdf4156cd6dbbc5af329e52b5089ef38649d96fd23f6e6bb565400318d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 11:27:04 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 13:37:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
63331
x-amz-server-side-encryption
AES256
etag
"16056665b882a5fd80a47272c57b0664"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
49947
x-amz-cf-id
-FF2aEiNPLTqqPcp_nAfUGZBn5kxtVr1cEQiEvBhhRTHEcYfblmiLQ==
1810
trackingapi.trendemon.com/api/settings/
744 B
883 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/settings/1810?callback=jsonp783139&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.35.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-35-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
fc071b84e6a05c33142747733adf3bb020a62f91c34bc9fb7e0313a6ea47bc73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:20 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
744
content-type
application/x-javascript; charset=UTF-8
identity.min.js
assets.trendemon.com/global/
18 KB
6 KB
Script
General
Full URL
https://assets.trendemon.com/global/identity.min.js
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 05:12:47 GMT
content-encoding
br
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 13:37:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
75523
x-amz-server-side-encryption
AES256
etag
W/"3f44b799c727cbac65d90f0779b8eb4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
u9QEbcQ1vHn8yZOxsGwTIAfSQsrcxw_rn62yPUZXfxQ74-_4yvxEVA==
me
trackingapi.trendemon.com/api/Identity/
94 B
507 B
Script
General
Full URL
https://trackingapi.trendemon.com/api/Identity/me?accountId=1810&DomainCookie=16893006802809513&fingerPrint=b1dff9881504dfb64524f993e0281838&callback=jsonp856169&vid=
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.35.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-35-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
177235e1d5e12430e5eedb3458b70f5560ced8c85f3565469fae923c7bf600a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:20 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
94
content-type
application/x-javascript; charset=UTF-8
pageview
trackingapi.trendemon.com/api/events/
43 B
234 B
Image
General
Full URL
https://trackingapi.trendemon.com/api/events/pageview?accountId=1810&url=aHR0cHM6Ly9ibG9nLmFxdWFzZWMuY29tL3RlYW10bnQtcmVlbWVyZ2VkLXdpdGgtbmV3LWFnZ3Jlc3NpdmUtY2xvdWQtY2FtcGFpZ24%3D&cookie=16893006802809513&referral=&variant=&otwId=&otwItemId=&streamId=&streamContentId=&vid=1810:16893006802809513&r=1689300680503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.35.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-35-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:11:20 GMT
server
Kestrel
age
1691358
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
Mon, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A18%20GMT%22%2C%22timeSpent%22%3A%222338%22%2C%22totalTimeSpent%22%3A%222338%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
personal
trackingapi.trendemon.com/api/experience/
3 KB
4 KB
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal?AccountId=1810&ClientUrl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&MarketingAutomationCookie=&ExcludeUnitsJson=%5B%5D&streamId=&callback=jsonp458184&vid=1810:16893006802809513
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.35.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-35-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
7c3049ad2ebf33286072ec6c2b8479c865b2f8f3ad781c06c867ea9b9d51cca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:21 GMT
server
Kestrel
content-length
3501
content-type
application/x-javascript; charset=UTF-8
closex.png
pic.trendemon.com/images/
386 B
848 B
Image
General
Full URL
https://pic.trendemon.com/images/closex.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 03:22:01 GMT
Via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Apr 2019 23:23:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
82213
ETag
"7da2ae17c3b671047838f7b78687a56f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
386
X-Amz-Cf-Id
z-3SKPdB15WW8pTDsqTKeEay5uIdLM_I3-KtCOIEM51_pSKL4wLjgg==
300x300.png
pic.trendemon.com/units-graphics/
75 KB
76 KB
Image
General
Full URL
https://pic.trendemon.com/units-graphics/300x300.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0058bf8f19f46d2afec3c7baec803c4582f7e8a43c192ffe575b901f3d6c31b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 23:05:07 GMT
Via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified
Tue, 06 Oct 2020 12:06:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
11175
ETag
"855430e5357d2c1eef6fbe9853480bca"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76979
X-Amz-Cf-Id
uXvnr1AwQ__au_ZsaxYIw0wlO2ThypuVbCJo-eVPJR1o2UWkgF-mvA==
personal-embedded
trackingapi.trendemon.com/api/experience/
3 KB
3 KB
Script
General
Full URL
https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=1810&ClientUrl=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&MarketingAutomationCookie=&Ids=%5B%5D&Groups=%5B%22recommend%22%5D&StreamId=&callback=jsonp838223&vid=1810:16893006802809513
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.35.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-35-252.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
2aac5f539228a7932c522ca92c92ed863c099f7ff6dc1079c6fb354e15315467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:21 GMT
server
Kestrel
content-length
3423
content-type
application/x-javascript; charset=UTF-8
closex.png
pic.trendemon.com/images/
386 B
848 B
Image
General
Full URL
https://pic.trendemon.com/images/closex.png
Requested by
Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 03:22:01 GMT
Via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified
Tue, 16 Apr 2019 23:23:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
82213
ETag
"7da2ae17c3b671047838f7b78687a56f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
386
X-Amz-Cf-Id
KzAkfhJ3rhS6qwTFTXQG5uBY_W8uuewtNSv2cpM0YO-dGhJ6XMGrrg==
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223339%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:21 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A21%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224341%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:22 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225342%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.aquasec.com/teamtnt-reemerged-with-new-aggressive-cloud-campaign
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 02:11:23 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=b5b19d05dd2f4d2bdb579c1a77a6b1bd&svisitor=null&visitor=3fba2d42-53a5-439f-83b5-30f7c1370aa0&session=cf016985-2f59-4525-808d-068182c1e566&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2014%20Jul%202023%2002%3A11%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226343%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20botnet%20run%20by%20TeamTNT%20has%20set%20its%20sights%20on%20Docker%20and%20Kubernetes%20environments%2C%20Redis%20servers%2C%20Postgres%20databases%2C%20Hadoop%20clusters%2C%20Tomcat%20and%20others.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22TeamTNT%20Reemerged%20with%20New%20Aggressive%20Cloud%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblog.aquasec.com%2Fteamtnt-reemerged-with-new-aggressive-cloud-campaign&pageViewId=cb3fc86b-91e6-4afd-88bd-236623260354

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| hsjQuery object| _hsp object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| _linkedin_data_partner_id number| TRD_ACC_ID object| script object| _dtPixelLayer object| _6si object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage object| hsCommentListing function| hsPopulateCommentsFeed function| hsPopulateCommentFormOnFormReady function| hsPopulateCommentFormOnFormSubmitted function| hsPopulateCommentFormGetExtraMetaDataBeforeSubmit function| hsOnReadyPopulateCommentsFeed object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| hsVideoApi object| hsPostListings function| hsPopulateListingFeed function| hsOnReadyPopulateListingFeed_1248747767_1689290681347 function| UET function| UET_init function| UET_push object| SENTRY_RELEASE object| regeneratorRuntime object| dtl function| jsonpHandler function| jsonp_1689300678310_70856 object| ueto_7741ee09d9 object| uetq string| GoogleAnalyticsObject function| ga boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| lintrk boolean| _already_called_lintrk object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| hubspot_live_messages_running object| HubSpotConversations object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| __hsWebInteractiveInstance boolean| hubspot_web_interactives_running object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady boolean| _hspb_ran boolean| _hspb_loaded string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| 
__INDIVIDUAL_ONE_VERSION_ev-store boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| $Trd_Base64 function| $Trd_i18n function| __awaiter function| __generator function| $Trd_Utils function| $Trd_Tools function| RecordsService function| __extends function| $Trd_UserPageHistory_Cook object| enRenderModes object| $Trd_InternalEventsTypes object| $Trd_TriggersEventsTypes function| mapBackendTriggers function| $Trd_Context function| $Trd_EnvironmentSettings function| $Trd_ClientCookie function| $Trd_CtaClientCookie function| $Trd_ButtonSelector object| Frequency object| UnitVisibiltyType object| UnitTypeId object| ElementReplaceType object| StreamContentType object| StreamContentDesktopPosition object| StreamContentThumbnailType function| $Trd_Logger object| COOKIE_NAMES function| $Trd_Visitor string| LOCAL_STORAGE_ITEM_NAME function| $Trd_FormListener function| $Trd_Cookmanager function| $Trd_UrlGrabber function| $Trd_Events function| $Trd_Pageview function| $Trd_Newvisitor string| $TRD_MA_COOKIE_NAME object| $TRD_MA_COOKIE_NAME_MAP function| $Trd_MarketingAutomation function| $TRD_CtaComponent function| $TRD_CtaContentComponent function| $TRD_GenericLayoutComponent function| $TRD_FormLayoutComponent function| $TRD_RecommendationLayoutComponent function| $TRD_GenericScriptComponent function| $TRD_FastTextLayoutComponent function| $TRD_SurveyLayoutComponent function| __assign function| __spreadArray number| COOLOFF_DAYS_AFTER_CLOSE number| COOLOFF_MS_AFTER_CLOSE function| $Trd_ExperienceManager function| $TRD_ClientAppFactory function| $TRD_ClientApp function| $TRD_ClientAppDrift function| $TRD_ClientAppSixSense object| trdContext undefined| src function| $Trd_StreamManager function| $Trd_AceManager function| $Trd_NApi object| TrendemonContext object| $trd_Context object| trd_api object| IdentityConfig function| $Trd_Identity

44 Cookies

Domain/Path Name / Value
.blog.aquasec.com/ Name: __cf_bm
Value: LWjgtt1YljqxOeWY3fuiRSQ_hntIxbtAerElFhqf7vs-1689300677-0-ASi/3YfDHpCAQYg78SnpWuCh+40g9tfTKdF3PhCJglq+v4AUo5fE3JHWnHLzbWbIR+3smR89r2qjC0ktyp/yjxQ=
.blog.aquasec.com/ Name: __cfruid
Value: 12533de51189c883563455da09476d050410ad17-1689300677
.aquasec.com/ Name: _gcl_au
Value: 1.1.387248433.1689300678
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.aquasec.com/ Name: _dtorg
Value: 5fb0eb0ba8b8c0001139d936
.aquasec.com/ Name: _dtuid
Value: 738f8bff-f3f3-4018-a21b-bdf7af3764c9
.aquasec.com/ Name: _dtses
Value: a9c0b504-eb5a-43cd-8552-7e663c4a3e76
.aquasec.com/ Name: _uetsid
Value: b817775021eb11eeab43b7c30707fde5
.aquasec.com/ Name: _uetvid
Value: b817824021eb11eea5c03711c5be0ec0
.bing.com/ Name: MUID
Value: 09FA6E4833FC66492E5D7D063277671A
.hubspot.com/ Name: __cf_bm
Value: cFOM3ci2pYNMcopYAKzvNJ1wH_BJw78yK7SiWVwdu90-1689300678-0-AVdbXWbt5hmMLIV7OMSqHBFlbFu5JdNkBfGRzlN8WF/gD7hDLbDLyKyYmYj4SLMdot3Wg9KnfqXkyJAvmIhjHYo=
.aquasec.com/ Name: _gid
Value: GA1.2.1766273135.1689300679
.aquasec.com/ Name: _gat_UA-63272154-1
Value: 1
.aquasec.com/ Name: _ga_D2G99SQ9HG
Value: GS1.1.1689300678.1.0.1689300678.60.0.0
.aquasec.com/ Name: _ga
Value: GA1.1.1700989597.1689300679
.info.aquasec.com/ Name: __cf_bm
Value: UADJo0kfWxD_t.xECE3m4HS2Z_uB8cDKE0wxnZUrcrs-1689300678-0-AVLqUCDuKnHihF1aPCjk5splJ0EXwb/6y9Q8gnMdu7y215iFZDm53RwHp89ZCFA5jKoMButq0DCtmyqRvA9Ta5s=
.info.aquasec.com/ Name: __cfruid
Value: 581fed8e568215e2cc6886670d09f71cddb7c062-1689300678
.linkedin.com/ Name: li_sugr
Value: bd97ab2e-7e02-4030-9b12-282407434a38
.linkedin.com/ Name: bcookie
Value: "v=2&d433c62a-6c5e-4fff-86b3-bebe9a3f1b43"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3005:u=1:x=1:i=1689300678:t=1689387078:v=2:sig=AQEW3buGsACcMxea9W-Rye86UZVLMM3Q"
blog.aquasec.com/ Name: ln_or
Value: eyI0NTIyNiI6ImQifQ%3D%3D
.linkedin.com/ Name: UserMatchHistory
Value: AQKSX1uL-rH_KQAAAYlSKrlDZ1hZ60vq9_N6rzceVp3wumdSxJlwanvRcKMfdzNsO2ybF8luiNKKxA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIkeAmqhLB-QgAAAYlSKrlDNJH-CkdIdVqeAR1aoDuzRWlhlVM38cB_kZ5ARoPHjRQBnpUNw2kyUPQq6f_-MQ
.aquasec.com/ Name: cebs
Value: 1
.aquasec.com/ Name: _ce.clock_event
Value: 1
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230714021119d36c9f28-3e64-43e7-8b34-8ac3c3f6e5b6AQFR6Rr9brzNtF4Ryq91iWrZGY6GIN5o"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODkzMDA2Nzk7MjswMjFcr1kW+6UNA6lOyrdWWYqhqmnKwMLHX6S++hDinGgt6Q==
.aquasec.com/ Name: _ce.clock_data
Value: 58%2C138.199.38.134%2C1%2Cdc0a08e416cd7f8471c71ad711523ca3
.aquasec.com/ Name: _CEFT
Value: Q%3D%3D%3D
.aquasec.com/ Name: cebsp_
Value: 1
.aquasec.com/ Name: _ce.s
Value: v~5f4de3142a7cb1a9c6ede4cb604feea25304fdff~lcw~1689300679085~vpv~0~v11.rlc~1689300679318~lcw~1689300679318
blog.aquasec.com/ Name: _gd_visitor
Value: 3fba2d42-53a5-439f-83b5-30f7c1370aa0
blog.aquasec.com/ Name: _gd_session
Value: cf016985-2f59-4525-808d-068182c1e566
.6sc.co/ Name: 6suuid
Value: b8d0170264ad0700c7aeb06465030000e0543f00
.aquasec.com/ Name: trd_cid
Value: 16893006802809513
trackingapi.trendemon.com/ Name: trd_gavid_1810
Value: 16893006802809513
trackingapi.trendemon.com/ Name: trd_gvid
Value: 16893006802809513
trackingapi.trendemon.com/ Name: trd_vid_1810
Value: 1810%3A16893006802809513
.aquasec.com/ Name: trd_vid_l
Value: 1810%3A16893006802809513
.aquasec.com/ Name: trd_vuid_l
Value: 6340345208749817588
.aquasec.com/ Name: trd_first_visit
Value: 1689300680
.aquasec.com/ Name: trd_pw
Value: 1
.aquasec.com/ Name: trd_pws
Value: 1
.aquasec.com/ Name: trd_sid
Value: 16893006805013456

5 Console Messages

Source Level URL
Text
other warning URL: https://flo.uri.sh/visualisation/14363779/embed(Line 48)
Message:
A preload for 'https://flo.uri.sh/template/16768/v7/static/webfonts/fa-solid-900.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security warning URL: https://static.hsappstatic.net/video-embed/ex/loader.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://www.virustotal.com/graph/assets//images/logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.virustotal.com/ui/signin
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript warning URL: https://flo.uri.sh/visualisation/14363779/embed
Message:
The resource https://flo.uri.sh/template/16768/v7/static/webfonts/fa-solid-900.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
