URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Submission: On September 26 via manual from IE — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 106 HTTP transactions. The main IP is 76.76.21.21, located in Charlotte, United States and belongs to AMAZON-02, US. The main domain is www.truesec.com.
TLS certificate: Issued by R3 on September 4th 2023. Valid for: 3 months.
This is the only time www.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 76.76.21.21 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
60 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.203.171.51 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.65.232.43 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
3 18.198.21.96 16509 (AMAZON-02)
106 12
Apex Domain | Subdomains | Transfer
60 assets-servd.host | optimise2.assets-servd.host — Cisco Umbrella Rank: 215753 | 2 MB
30 truesec.com | www.truesec.com | 765 KB
8 trinitymedia.ai | trinitymedia.ai — Cisco Umbrella Rank: 20189; vd.trinitymedia.ai — Cisco Umbrella Rank: 30200; depart.trinitymedia.ai — Cisco Umbrella Rank: 23471 | 507 KB
4 hsforms.com | forms.hsforms.com — Cisco Umbrella Rank: 8688; forms-eu1.hsforms.com — Cisco Umbrella Rank: 48666 | 6 KB
3 cookiebot.com | consent.cookiebot.com — Cisco Umbrella Rank: 5755; consentcdn.cookiebot.com — Cisco Umbrella Rank: 6470 | 99 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 111 | 89 KB
1 hsforms.net | js.hsforms.net — Cisco Umbrella Rank: 14267 | 175 KB
106 7
Domain Requested by
60 optimise2.assets-servd.host www.truesec.com
vd.trinitymedia.ai
30 www.truesec.com www.truesec.com
vd.trinitymedia.ai
3 depart.trinitymedia.ai vd.trinitymedia.ai
3 vd.trinitymedia.ai trinitymedia.ai
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 forms-eu1.hsforms.com
2 forms.hsforms.com 1 redirects
2 trinitymedia.ai www.truesec.com
vd.trinitymedia.ai
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com www.truesec.com
1 js.hsforms.net www.truesec.com
106 11
Subject | Issuer | Validity | Valid
www.truesec.com | R3 | 2023-09-04 - 2023-12-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-16 - 2024-05-15 | a year
*.trinitymedia.ai | Amazon RSA 2048 M01 | 2022-12-08 - 2024-01-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-06 - 2024-04-06 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-17 - 2024-04-17 | a year
vd.trinitymedia.ai | R3 | 2023-08-28 - 2023-11-26 | 3 months

This page contains 3 frames:

Primary Page: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Frame ID: 2539FD48E784FD8837158FA238FAEF72
Requests: 100 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: E5F4D1D1BA1D82596AFE09AE64F78B06
Requests: 1 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=c3a1d908-285b-4964-9958-1f37953ee482&isLegacyBrowser=false&version=20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93&useBunnyCDN=0&themeId=140
Frame ID: C24E25E51D4A7C6E5179E8000A429A99
Requests: 6 HTTP requests in this frame

Page Title

Title: DarkGate Loader delivered via Teams - TruesecPowered by Cookiebot

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 106
HTTPS: 99 %
IPv6: 64 %
Domains: 7
Subdomains: 11
IPs: 12
Countries: 4
Transfer: 3689 kB
Size: 7404 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://forms.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812 HTTP 307
  • https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request darkgate-loader-delivered-via-teams
www.truesec.com/hub/blog/
568 KB
100 KB
Document
General
Full URL
https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ac6587b8c64d2e6cfafc52b0c08823c5a756a45a4ed15f79751333310f15da01
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
age
5839
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-type
text/html; charset=utf-8
date
Tue, 26 Sep 2023 08:42:51 GMT
etag
W/"b923bdeff80cd711f7885a661e960083"
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
Vercel
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-matched-path
/hub/blog/darkgate-loader-delivered-via-teams
x-vercel-cache
HIT
x-vercel-id
fra1::s464z-1695717771463-118b7bfcb720
x-xss-protection
1; mode=block
386cb8578eab9566.css
www.truesec.com/_next/static/css/
114 KB
22 KB
Stylesheet
General
Full URL
https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1c9ea062dfaf7950144ab12c13de6d5d56d1e79da506ba915271e8d898169a49
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5881
content-disposition
inline; filename="386cb8578eab9566.css"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::xw6vj-1695717771484-d397b1d803a1
x-matched-path
/_next/static/css/386cb8578eab9566.css
etag
W/"b5062f0fd11cf792df032ed087fd77a6"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
v2.js
js.hsforms.net/forms/
549 KB
175 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-encoding
br
age
166
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3812/bundles/project-v2.js&cfRay=80ca3338eb6f9214-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"84d6c03b19ba72ee08ca8c27dee147c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3812/bundles/project-v2.js
date
Tue, 26 Sep 2023 08:42:51 GMT
x-amz-version-id
4b09e6_AhU37WJHx62r2StyRWH0KMlOF
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
274886ec-098d-4283-81dc-64306a2419b3
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
274886ec-098d-4283-81dc-64306a2419b3
last-modified
Fri, 22 Sep 2023 08:13:06 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wmhINStAxGdTyUsv7HWyHrXbD4I0XYA5Lx8DNT4DRMDBUeRQz9hXb1IPRHu99HY0%2BMoxk01HrqSZX2VXjP2WdjlqugeKRHDSMp2WwlBD9V9SCPTM1QEe8nqq0SwdIwmHXXMgwzncXfiKhcw"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-6b76d5df99-x2blk
cf-ray
80ca3747df879225-FRA
x-amz-cf-id
b6jSb6AYJRlp7qDXNwk0QuGgN91IhqbW2rplkb4X76hK1XtnUkC1WA==
webpack-cb7634a8b6194820.js
www.truesec.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/webpack-cb7634a8b6194820.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5881
content-disposition
inline; filename="webpack-cb7634a8b6194820.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::s464z-1695717771491-2d9d90fc6df2
x-matched-path
/_next/static/chunks/webpack-cb7634a8b6194820.js
etag
W/"1fd72a66e4bc2658bbca0754def47fc5"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
framework-81da43a8dcd978d9.js
www.truesec.com/_next/static/chunks/
137 KB
46 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/framework-81da43a8dcd978d9.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7dbe027dec63d7c8577996e7a12839d9093a3385fe4b6b0d024a7e8734a9af69
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5881
content-disposition
inline; filename="framework-81da43a8dcd978d9.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::fjzr2-1695717771492-abe4fa5e6dff
x-matched-path
/_next/static/chunks/framework-81da43a8dcd978d9.js
etag
W/"586fe86475ac869ab424789869893863"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
main-84decff6cc7d59ee.js
www.truesec.com/_next/static/chunks/
101 KB
28 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/main-84decff6cc7d59ee.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
05e942b5355a69109b588f650d9fa373048ec2bd052b57fc3ee917edaa1fab08
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5881
content-disposition
inline; filename="main-84decff6cc7d59ee.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::j9pfm-1695717771492-c0baa3d953c3
x-matched-path
/_next/static/chunks/main-84decff6cc7d59ee.js
etag
W/"a72d6a7f905dec6ade4ec04dd7824222"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
_app-534518dd555325bd.js
www.truesec.com/_next/static/chunks/pages/
202 KB
64 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/pages/_app-534518dd555325bd.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
abd886b4986fccee2b3a90517fb3e23561e863f4ad4dac9e77f5aeeaaac933c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="_app-534518dd555325bd.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::8wggx-1695717771495-23761d401250
x-matched-path
/_next/static/chunks/pages/_app-534518dd555325bd.js
etag
W/"f1700d35963c7b0d8776726dcacd035e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
970-2289913181c48a8e.js
www.truesec.com/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/970-2289913181c48a8e.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8108e60f47602e67e6c9c978dd2b3cec824efaf297873ea9a7aeef5a1327e6be
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="970-2289913181c48a8e.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::qt49r-1695717771493-9095d79948d6
x-matched-path
/_next/static/chunks/970-2289913181c48a8e.js
etag
W/"8b73f83ec324497b1f4aaafc22a24a76"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
691-3b8a138618316012.js
www.truesec.com/_next/static/chunks/
89 KB
27 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/691-3b8a138618316012.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
aa966e68cdedc8e26549f20c4cc5fc652f01da4382a112ad958ff497133eb5cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="691-3b8a138618316012.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::5j7kc-1695717771493-fbf2dcf10667
x-matched-path
/_next/static/chunks/691-3b8a138618316012.js
etag
W/"be10ac90dfd63c43ea9e1895465859fb"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
730-88310ee013b02dc1.js
www.truesec.com/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/730-88310ee013b02dc1.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6ecf97ddcde4ca1fd32079c5aaf17668865953f4f354462318209cbe8cdae0f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="730-88310ee013b02dc1.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::9z4xx-1695717771492-bfb425582707
x-matched-path
/_next/static/chunks/730-88310ee013b02dc1.js
etag
W/"4749a219cecf5edd2d6fefe56910ff2c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
495-1f9d6c6549e4fbdd.js
www.truesec.com/_next/static/chunks/
21 KB
7 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/495-1f9d6c6549e4fbdd.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3c315e23621def3913ebaf4526f08be50f72117ff32fe8126b74f44b6216da8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="495-1f9d6c6549e4fbdd.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::ds5mg-1695717771492-b7d84a2ed5d1
x-matched-path
/_next/static/chunks/495-1f9d6c6549e4fbdd.js
etag
W/"80a8a1de04db5dc777806feb7d90327c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
637-9aa4f41777021ed2.js
www.truesec.com/_next/static/chunks/
1011 KB
294 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/637-9aa4f41777021ed2.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4dcba62e131ca99eef51fcd87910cd06078c5cc07646781d90c00abf4d0f7a15
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5731
content-disposition
inline; filename="637-9aa4f41777021ed2.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::rtnsv-1695717771493-da05cdd787b3
x-matched-path
/_next/static/chunks/637-9aa4f41777021ed2.js
etag
W/"b0d74ff4c4e74517ea39de2029e312c0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
883-0a79894e73455858.js
www.truesec.com/_next/static/chunks/
38 KB
12 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/883-0a79894e73455858.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c67c9ebb2902667753b0ee6f7fb1a3d96ba9756a5a773908fa18ae3ba0310dac
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="883-0a79894e73455858.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::nv5z9-1695717771492-7f38b4e9a567
x-matched-path
/_next/static/chunks/883-0a79894e73455858.js
etag
W/"63e59df5535b3ac4318f4ed5006e0fb0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
634-2ec27f8fbd09a8dc.js
www.truesec.com/_next/static/chunks/
19 KB
5 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/634-2ec27f8fbd09a8dc.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0816d592fc5f1053871e7068875fb7b77ce9c1cb2207412377833a1c754bca27
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="634-2ec27f8fbd09a8dc.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::d622h-1695717771498-a44aea3f6c41
x-matched-path
/_next/static/chunks/634-2ec27f8fbd09a8dc.js
etag
W/"90b9cf2d38c21fcb0b2addce473c65cd"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
752-33d94f2b8b7a3828.js
www.truesec.com/_next/static/chunks/
22 KB
6 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/752-33d94f2b8b7a3828.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0d863b2b45f901c1e969cb2322cf0e8ca92a6c8f9114db87ff5575f70540879c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="752-33d94f2b8b7a3828.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::42547-1695717771498-3c085c94d8c0
x-matched-path
/_next/static/chunks/752-33d94f2b8b7a3828.js
etag
W/"d12aab46a676c1c80d7a99efa433b8a2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
479-5aa04becb06d6349.js
www.truesec.com/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/479-5aa04becb06d6349.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ba9aaa9781bcf6a336d00f3a299b1a4a0bcd5e72750f0f67f42dc8ba87c25948
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="479-5aa04becb06d6349.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::wgk7v-1695717771498-1153e4431967
x-matched-path
/_next/static/chunks/479-5aa04becb06d6349.js
etag
W/"14374e1845c11c070c3b9c38705ba527"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
204-bc1e7c5d164fd039.js
www.truesec.com/_next/static/chunks/
43 KB
11 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/204-bc1e7c5d164fd039.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
686488945a9723698678b0b26098a507f0241238995f1f11cf0bf6aff67eda7b
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="204-bc1e7c5d164fd039.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::s464z-1695717771498-497512497a48
x-matched-path
/_next/static/chunks/204-bc1e7c5d164fd039.js
etag
W/"9b3387ca1ae1e80c53e995a5bbf7fd62"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
330-b7a668b4ac5e2467.js
www.truesec.com/_next/static/chunks/
17 KB
6 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/330-b7a668b4ac5e2467.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
68cafb4ced99f1149bfe5c037fd60dba028bfff075be7ab7311244d92fa8abcc
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="330-b7a668b4ac5e2467.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::8wk5s-1695717771500-e0294ca4f7ee
x-matched-path
/_next/static/chunks/330-b7a668b4ac5e2467.js
etag
W/"9d2cb5a5e34246f77d1bed6d76d5a98f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
992-ca93483616017817.js
www.truesec.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/992-ca93483616017817.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fac5469e2cca28f7a533005edefbe714e5ceb2e3020a8616f0bdadc02ac36791
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5731
content-disposition
inline; filename="992-ca93483616017817.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::rdrb9-1695717771501-4b9c6e0afd03
x-matched-path
/_next/static/chunks/992-ca93483616017817.js
etag
W/"75c50cf674d40150a8b0156d2f9b3353"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
%5Bslug%5D-cc721b1e4348b76e.js
www.truesec.com/_next/static/chunks/pages/hub/blog/
4 KB
2 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/pages/hub/blog/%5Bslug%5D-cc721b1e4348b76e.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8bb1d2cc8994196f0ebebcdb7540d71a756161d36f65a62d5171f595a20eaafc
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5731
content-disposition
inline; filename="[slug]-cc721b1e4348b76e.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::nsx48-1695717771498-9999b8507bf3
x-matched-path
/_next/static/chunks/pages/hub/blog/%5Bslug%5D-cc721b1e4348b76e.js
etag
W/"164594cea50084621abe9d83fa466dac"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
_buildManifest.js
www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/
3 KB
1 KB
Script
General
Full URL
https://www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_buildManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
24f265ab754ebc79e7e78a2687c44260f5e97a6022983e6b8307eaf094c246d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 08:42:51 GMT
strict-transport-security
max-age=63072000
age
5879
content-disposition
inline; filename="_buildManifest.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::gkr2w-1695717771500-abf721a153bf
x-matched-path
/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_buildManifest.js
etag
W/"fddac5645d0aa322ef88a2b3e0195da2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
_ssgManifest.js
www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/
564 B
748 B
Script
General
Full URL
https://www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_ssgManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5383e85d3594f2e5d3c01a6f685b7d18b5875b745ca72d9776a8322db3bac929
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5879
content-disposition
inline; filename="_ssgManifest.js"
content-length
564
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::46zg9-1695717771498-520475379edd
x-matched-path
/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_ssgManifest.js
etag
"b4aa934863086e0026c13e14e4ee384e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
_middlewareManifest.js
www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/
92 B
277 B
Script
General
Full URL
https://www.truesec.com/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_middlewareManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5879
content-disposition
inline; filename="_middlewareManifest.js"
content-length
92
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::pxhz2-1695717771498-874ba2b60031
x-matched-path
/_next/static/9SPcQ3CMhb0W62kcFZYZ5/_middlewareManifest.js
etag
"7c3f7e060745668041278118c0bb3d6d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
46 KB
47 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1694003846&s=e5f9adab91419062d4c32f2282059665
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc66ad7045bdbd9baaa49bc6d270edb9b49b8a0c1b9c18643cb2637e097c836b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmJejvOXuzeXeVe5%2BOTjUVgxUPIfUX1UGUQMp%2BMZGu%2FNlCFykw6rix1TcdDQVCllQ%2Bdxwa8EbQAkvNTY7KMTAI2jY%2FM9kB6wuMNsa%2BhOS4QeL%2FGGkmIjBdPYQKnTGOecY8g2digRj3A2Tlj5oLQmDVQ0YEe1W0zl1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
52a0b76ced12d578fd8dd15b20a0235e
cf-ray
80ca3748184e1c2e-FRA
alt-svc
h3=":443"; ma=86400
atom-6-1.png
www.truesec.com/assets/patterns/
515 B
770 B
Image
General
Full URL
https://www.truesec.com/assets/patterns/atom-6-1.png
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5879
content-disposition
inline; filename="atom-6-1.png"
content-length
515
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::n525z-1695717771498-4289e536c8b1
x-matched-path
/assets/patterns/atom-6-1.png
etag
"6c972d066621be03b01c6e6ccf542b21"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
IMG_1403_small.JPG
optimise2.assets-servd.host/jealous-emu/production/General/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/IMG_1403_small.JPG?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693989399&s=e3f5a02658affa00601c892dd4f15a87
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2d6a1e2457e16a7a39bff7654eee5ebfe725f418b7a0636c0c8e5a94f3fcdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWbVAql%2BpYWLZEx%2Fe%2FVra3qzT59yReR6eQCtN4Wlb7%2FgpKJSc1SkuLnqh8ceFYjrp1hT%2FWiEYVrkhRbwu1cJHrY160bDx7B4AVhsc3hpHxHQsRF43tZ6dboebTxBpX4FUjZfYHUnIq3%2FLQD7mOoxlu48ThPn%2Bv6gog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
45318a338f0475f72436fc9a955fe6c0
cf-ray
80ca374818531c2e-FRA
alt-svc
h3=":443"; ma=86400
AAD1.png
optimise2.assets-servd.host/jealous-emu/production/
32 KB
33 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD1.png?w=691&auto=compress%2Cformat&fit=crop&dm=1693999075&s=f54f81701c8394971bce1c0e41234ca1
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b490054e866a6af63800293fed4cb6fbe4d71bae9ea9a2d4dfb535feb2c03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKRwiXDTkkQhL1Yrjpu%2FKDyBmTQB2fg94Zwn8ZqcRl97mV3sljhuaIidywHgwEjS2eN7%2FVSTVYqL7z9IJDqiYIOCe1UajHQc9rVQggh6snXZ5dNKgnimiSLv1x506rH%2FgJzXThcrYWyYYRo9F1fiytcIbGotTXoO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8dc5bb5eade54457280cc9208d79deae
cf-ray
80ca374818511c2e-FRA
alt-svc
h3=":443"; ma=86400
AAD2.png
optimise2.assets-servd.host/jealous-emu/production/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD2.png?w=688&auto=compress%2Cformat&fit=crop&dm=1693999078&s=704d7baa4ccae3ffb0740ef29cd76e7d
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3279f531006280e00c9e2360be2a97963de80364943b6c8171bf711274a4a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALHYFiVb53Qtqs3Q7p9sOdzzGkMf%2BAlb%2Fb0Toyo%2FJbVi4GpqB3ziX8JLffnFNDra9ndBRVhyoMq%2BX0p6mKxGN%2BcmSxu4Lp9jBhE6iECzyD9tv%2Fq1N1Qn4dJ37B6%2F%2FjjXRCz6roWC%2F1I%2Fulzd6Z0hGeuEPOJTcqdc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a1f74a3cc5bd20c57ea38773e0492f6a
cf-ray
80ca374818501c2e-FRA
alt-svc
h3=":443"; ma=86400
Teams_Message_2023-09-06-111840_xfme.png
optimise2.assets-servd.host/jealous-emu/production/
45 KB
45 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Teams_Message_2023-09-06-111840_xfme.png?w=1414&auto=compress%2Cformat&fit=crop&dm=1693999120&s=7e60d0ea24e5d7a25b18753104c8c0b9
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52294dd3fa003bf6ff5d7898fec6e2430f6216fd6856fccc04a4179805623fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n271NuOEbVLOu8uI0U7Tv29hBA7ER%2BSKlOqtkTC18BR%2F1h7LTgmvbJx9u%2Fw1ANNExy%2FOtIfS1QDGnN9h0%2Bom3s%2B1pmkEdVDhEOnWXguIZVcGGAhzy%2BrgrXunbQaGUWk0k%2Fp7S75NuZpEpJRHzWebGsiMUMfOsySaog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c2c5be71c09289cbc09e3a1caf1facf
cf-ray
80ca3748184f1c2e-FRA
alt-svc
h3=":443"; ma=86400
URLs.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
40 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/URLs.png?w=3064&auto=compress%2Cformat&fit=crop&dm=1693999779&s=d309dd178c6537bd02577cbc44dc9d48
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a759b8e512cc6aee539b7373fb7f20a16400f33bcfcabcaef5220cb3e8bef0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYK%2F%2FtdjX%2FpcsTkdpadipeEcg7RFHHX53L1vx9VACGZkdKiR%2FBqWWdQSmPMaejLkodHdrYsz9IJ%2F1iOPu%2BS%2B39K0ZqGXstH0cESiEKlqG3zpjZkjlW4rYTnk%2Fm8JE6I0%2BRNZ4vH%2BjgJkorkCIvB6U4bKbvQonac4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
acc41b4736c422fbf91349662c51698b
cf-ray
80ca374818551c2e-FRA
alt-svc
h3=":443"; ma=86400
Sharepoint-file.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sharepoint-file.png?w=2614&auto=compress%2Cformat&fit=crop&dm=1693999116&s=efcd2491aa256b3d95c78d1d806ac9da
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a7265795f8f7648a263d7321bebdc0d5470ed656b4738b47697794fc3491b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b269u%2Fa1p1Pn77AZ%2F6Ue5E2FChNVpr9ghjU9Ai9eJWotW6%2Fjr5mQ8FEjBj7n2Vtyhy20j6BYoHOFGRf%2Fml9JstXMFKUgDcAR6aCPpDHuBvjuz0iMbd5QcX%2FbfJE%2Fue9Fb8IdkZDJKQ0mzhM2k9VAi3zdOYNeh3eCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
ce959bb5966edcaf7c4762073050eaaa
cf-ray
80ca3748185b1c2e-FRA
alt-svc
h3=":443"; ma=86400
MS-Defender2.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/MS-Defender2.png?w=602&auto=compress%2Cformat&fit=crop&dm=1694000140&s=83878fb42898f46235cf8ae97b9f587e
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7edc1682dc499603d9971241080541b9a21f483adc96de9b95d566cc3267610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH00prwplGcOI6f%2BdBLTpRemQzdmL%2Fxjzc1SAx0KQox%2BZafdxwSF8rYdFoSnrx7LpzU%2FP9BIdwMNCb1FAM8y0cviZXXx5iAuwiuw8If%2BOgm%2Fsa9%2FqOKpvdRido9k2gQL7X8L6m2yIQY%2BXxM7%2FamU%2Bu7PAc7ukZRlsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
54673005a898ac3a11b67b80921469a2
cf-ray
80ca3748185d1c2e-FRA
alt-svc
h3=":443"; ma=86400
LNK-File_2023-09-06-113238_htnw.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/LNK-File_2023-09-06-113238_htnw.png?w=756&auto=compress%2Cformat&fit=crop&dm=1693999958&s=f1a70e6c31c7ec4aa126846290cc13d4
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae16eca567dba2833aced3f9a2f29fb03bcd7c275eb7faf5bdffa028440a3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2jH6DYGdvEYOL%2Fqk%2FGdpbT2T7L8yoUJbtWC%2B4DFl5trlRhyYd09uacZyixWX7t0ILX2h1S5u5xdUFIkkC9GKJzVHJVqju2RKIkeUsBrVo2GNrkltiCLsC93WFmjhhwV16P10h5B07%2F588gr3hcldpEy8rGd3ZCjyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
b85ed6bb727916ca0e0ac020d29e537e
cf-ray
80ca374828611c2e-FRA
alt-svc
h3=":443"; ma=86400
Shell-cmd.png
optimise2.assets-servd.host/jealous-emu/production/
72 KB
72 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell-cmd.png?w=3083&auto=compress%2Cformat&fit=crop&dm=1694001838&s=81f3aa58c7595bc0aaf5e8d79f1adb11
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706a29996854169c8e3e6638676c86287583c7e153ccde44af6c6a7af174656a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e47%2BlAYMVNF9wr0SQ%2B7Sx49d9JoAuZYovfoaqghRsswf%2BR3i44HBrD1bMeiBnyGsF84j5hMANZtyB%2Bnvg1fGZp3BU6gqfef622hZK%2B4FkXTActFOxBf7ulq%2BfSNwbel3pax2ncIBBTw%2B1aFN%2FnMtYTJ9v%2FiUlgcKJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3fadf8c280dc434b041bc300e1060138
cf-ray
80ca374828631c2e-FRA
alt-svc
h3=":443"; ma=86400
Wireshark.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Wireshark.png?w=1027&auto=compress%2Cformat&fit=crop&dm=1693999124&s=0e051bb8a1da725b0a5ac9609e901931
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a664b26b088d4e3904cf6a6d439c5fffc2364e970f2c7d8a863e6b67113ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O46JE6YJssVvkzznbYSN%2BpreHQDQ6knleplKRFG1qgLrSTuwqYm%2Bd20L7gRUT83Cw%2BDyaQT6BWzyhkgwAd4dfXfnTGvWoXHJvvuNo%2FlWmNENSEKf%2FV1y05IUVEOVF5i%2BPHayMqsA%2BhP4NwiIMXkbKhrCxbTR2ohiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
de701a8077d17b4ffd61afd2af62e0ea
cf-ray
80ca374828651c2e-FRA
alt-svc
h3=":443"; ma=86400
AuScript.png
optimise2.assets-servd.host/jealous-emu/production/
101 KB
101 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AuScript.png?w=817&auto=compress%2Cformat&fit=crop&dm=1693999100&s=04dd42bc71c6c33ebb24f8156d6c2e07
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b9fb6631ddfc422502bd8cd514e92d1c7eb15f7e8bf9acf0aa9c1b6ed1d0cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1X98IbKO3WEkUTeDBCi%2Fy8jirQjAkQ1HHSaZQOQFcJZ2LsXETz%2FFxEV9bhpaUBcaOwWONd6uHZU2Q79x6yoVpLYmDJNI9niR7%2FAhRYQz6%2BrSrieFW1orfPzT%2BBGIVavLUZnrm4q6%2BawwEupxLicvUJSFu9j8M3lqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
5bfc2ac4ed559b72ef80c4993da532f9
cf-ray
80ca374828671c2e-FRA
alt-svc
h3=":443"; ma=86400
Sophos.png
optimise2.assets-servd.host/jealous-emu/production/
74 KB
74 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sophos.png?w=1242&auto=compress%2Cformat&fit=crop&dm=1693999119&s=aada66965b320b6c9d869c308377ef8f
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef18ba9f8330696838bca85be7e8ec092381fdd96e22b0540507985fc5b6de15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhFQbcxoSHMxzLq3X7UagO%2Fg2VE2CrYMD8uHpUhEH94XV1%2F9Avpfklng0n%2BYvCYBblCawrihUrxWKtlYGTWB3Tg8dVa3z9lV8M1Km5baTAN13YRqtXb1p%2F7QKLLoQ7ATukq%2FxZIdPFdhKIHJkb994qITXq0RD5op1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e9ec695343718abe43c3245fa73ccad7
cf-ray
80ca374828681c2e-FRA
alt-svc
h3=":443"; ma=86400
DllCall.png
optimise2.assets-servd.host/jealous-emu/production/
9 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/DllCall.png?w=1578&auto=compress%2Cformat&fit=crop&dm=1693999102&s=4b46b045bcf363c1df1c44a6f927611e
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55381b08570c7c9e51b16aa8004c9778710d289986ccf052cf7629362b764da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EruMCblKpXxl2LcHVYSEBK%2B4p1%2BnUQXQougAq85cteR%2FAg7%2B6izQ5tmPMC207D8kD54psI7qdBiZG3fMtj7g%2FFeRX%2BJPBGCzNIFmC7Ebe9rFhQQQqzwaAzbHUK1WQ18sLoGQl8JeCxlqrAYjnY90MVTpYmUpaj9ewg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8d39f5e7d635220d67b55e773a3b2ec6
cf-ray
80ca374828691c2e-FRA
alt-svc
h3=":443"; ma=86400
Shell.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell.png?w=934&auto=compress%2Cformat&fit=crop&dm=1694001339&s=e9e4fc54a5fa8384964f923fc7182892
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7a19107d75c9fba95c98fccc89926661184b4be83408fdf1b599d35c7bafb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HAANGmynz3CD0b8z3a3RuaDslwipttfsvbfkgVKSLP0lZYA4FbsFxfWk1ek5%2FQZLq5VkZ4uIUDGXlVGbcOBFU0In8AZNrjbNUjnqaEnc5%2FY1lOhvwjDlx2pJHcFVE%2FpqvRXWkTe5RE3V5I7p8ZUSW%2B70SLoXfVDKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
49ca812c2896b1d14bb84150ea4c9ce3
cf-ray
80ca3748286a1c2e-FRA
alt-svc
h3=":443"; ma=86400
PEstudio.png
optimise2.assets-servd.host/jealous-emu/production/
51 KB
51 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/PEstudio.png?w=1016&auto=compress%2Cformat&fit=crop&dm=1694002388&s=953f452e41d3925f58104c206bbed461
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53248121b272c5b96e926eff9a2abd225951a0a3dfebf17bf244bc7bf3e7ddab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sI6tFnKQ2QoqopM2%2BsA1HN04%2FdAuIStodizLeHZ1rcMvpwCrZu2LSPJr41ycF18txtqosZ2p%2BxW60rz%2FeU5F9g9V%2Fi6ILCpeZg8C01TFrZY7ZBItxla1EUGWEpTqWFt%2B3X02Nyq6gYK4XxLJnzOqqWy6YMneYlOwGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e8f5984e6c24f347a8b9d91cd5a5b7c5
cf-ray
80ca3748286c1c2e-FRA
alt-svc
h3=":443"; ma=86400
Malware-Config.png
optimise2.assets-servd.host/jealous-emu/production/
19 KB
19 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Malware-Config.png?w=306&auto=compress%2Cformat&fit=crop&dm=1693999113&s=e620dfe0f44d7cdf3a28c3f44df122f7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba52e665e3a8c3e3a4f8016b379bf1092b52d4ce7be7501d28afb929008aec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5z3mMk0CP%2F8sPHX5NShK2ZcpwRitTGxeNeimWJ1E1pRpPiIknp4cmR7xxiApYB3a724kYwVH8d89qPfpLcBXWd9V%2BHUof%2FV%2FQMpxgjGSfUfmH1oPfZISeh1w090OODhg7ZuOz07y0LBse5c0%2BxEbpIcd9Uaa8hk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
87062eaa269568ee0595742bace28fb5
cf-ray
80ca3748286e1c2e-FRA
alt-svc
h3=":443"; ma=86400
Akira.png
optimise2.assets-servd.host/jealous-emu/production/Blog/
53 KB
54 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Akira.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1693212667&s=7345ccde8dc615b175bfe013e0d50025
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3283bdce285d0871379763f39b350b662ff2eb41b30a0a7a896bdd92fb23e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV%2FSrHwSE8%2FY%2B7opM8Sw5uj%2B1ubHMBzmowojUtFCJaEspboy6B9VY9bND4TZbVcZzTfZ%2BzHTsbLZSgdtjYU3NUOj%2FtTpeZU4ytUPEim9X6KDQ48dLS5A0g%2BVc6%2BtsQQw%2FtTpQ3JBTQkAwvlQiuLAdziYErorhMuC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3ffe99aa9330e36438b194473d8795d8
cf-ray
80ca374828701c2e-FRA
alt-svc
h3=":443"; ma=86400
me.jpg
optimise2.assets-servd.host/jealous-emu/production/General/
11 KB
12 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/me.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693230435&s=62119b004feb955f8c5b8062d2250ce7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4327998a6b93140ec2c83945ee24da1f7f8d2a5399546824a8cf4af8c12f6b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzbEXNyUjxtzl8jKWEqi7P%2B3KfJ9CgDWaj8PsqauLWSVhOPm2zS75SbPpR0RYC%2FsfIBzJV9SPqEGEoUq2zLLmULfPv7DDUjfBCZOfLw8CN4E7NOUa4vHkRsTPGUF%2B1vc0I3WxSUpRmwlo8oRasa96JsnJ3vaXdJvIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a0534aefbf8f23957325564c7cbfb18b
cf-ray
80ca374828711c2e-FRA
alt-svc
h3=":443"; ma=86400
Untitled.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
71 KB
71 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Untitled.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1681222488&s=e40b51240a407bddfd49e11ba137dc21
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195d72f19d6fbe23b1f5fcf7ad169c4ea2e7e2a85cf619ab0be85671e2a56b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1tDs8xaM10fJu%2Fn3ENXecWztM1EYJMw%2Fo4UE0Ap3ePh9BrK1BKFyFlG9KShgwdoob8XfM8r2Lg1nkSTTfz7vCe2h6v48Seofqku9OR7Ef0SswC%2BP1OwKVHUh4ONoKzMSP7aRtfKSGYq5iFISBdxlvjPjFVdYNC2%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2b62c69290876a9f092b666bd2edf19e
cf-ray
80ca374828721c2e-FRA
alt-svc
h3=":443"; ma=86400
viktor-hedberg.png
optimise2.assets-servd.host/jealous-emu/production/Users/
6 KB
6 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/viktor-hedberg.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1643982381&s=adf8c581ddac1e588bb86f3eaaba060b
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812a98a9fcad42f55b75c791fd838062d45453b01bcbfa9edaf10c2ae3a3ecac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MnEqUsXr8b1wda%2FRhsxdx8bqukEl6elMZsi7%2BU0PBXYndnM%2FCdYMVEbA0ADJ7j84A%2F8F6itQdAqA3qYg4BozhMiLdRlzgHYG80dwnR70O18PR5TdnTjy%2BnlyYmVmclBFVa3XcmTf4N8ap%2B4VBiADhp6lV%2B1zrwdOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f55b73b1869fe6a045ab6ed7128a895b
cf-ray
80ca374828731c2e-FRA
alt-svc
h3=":443"; ma=86400
incident_response_fortinet_cve.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/incident_response_fortinet_cve.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1666356095&s=8c72faf650fa7e757b8dc02f6c377cc4
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf55db8dd64a24ddeccfb8e36ba6385adb002aecc484e7a19faee8157ccc8024

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6jiFyCIijtktzD7eJEvx1kvfjpP0Z%2Fa9j4SSr1IItg1LT23VP3Iu4ZOhQUBirGVEUCfIWww5vdLhBhPz%2Foh%2FpXHn%2Fl36xRJDMJpcCxZYmkMGH7B12%2FXDj5%2B%2F4w55AiLBjecQfTsxAms6YXYl3juEZOFsoPwzbiIjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2480b560797b6645da29c79ac4529c65
cf-ray
80ca374828741c2e-FRA
alt-svc
h3=":443"; ma=86400
Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1673511763&s=6fb72412b0d393b4ae7aa28618dabc45
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529c118b499a77edf35a4718df6f6428e554f45db842e1a7494e44ea1c3ec346

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MoRNhTEqwDS456%2Bzki%2F89JhOsX%2BHgFzBwOWfmodWkBaUxQfDfX%2Fe0qvK3%2FCdU9MZ%2Fkpgahcjd%2FrXqtdkJau7G5HPd7pdwJfdQgPskzKLOod37BgI0R9cTp%2FtPWfsX2%2FfXRY7%2FwrDjpX9yNNyq0l%2B0K72QrIGG0Oxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
42c1bc5ceaa24a7ab9c7dcc0dd0832c8
cf-ray
80ca374828761c2e-FRA
alt-svc
h3=":443"; ma=86400
shutterstock_492815677.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
15 KB
15 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/shutterstock_492815677.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639943292&s=8cf45fd6a2823a3ad1d4394eb13cc846
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61115ea5fdaa1c801094926e601f0a01ad99953dd7ba8c2b7c31eb07550c284

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B8MlLqOOQNMMqSHBJA6s3mJpwpkn0hEF7SkIRoDpY%2Bp2Dz9QuMKrWlzPR3hhoMww9%2BG9VCcppZz1n%2F9OB4MMkkktGghi1eocu6SIF6iUHGhjJvLcionnxh83f8KJQjV42notm88XevV45V03HujfIFZc9BCdqxEDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2bf92e282393414d4edf99e221b74dd2
cf-ray
80ca374828771c2e-FRA
alt-svc
h3=":443"; ma=86400
iStock-520840869.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/
67 KB
67 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/iStock-520840869.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=362a7eb5d9abd6c2a840b164b3114213
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a57b0fa179da2a854a2df35da5c0d283dadf8c0ce48e20d322d67142b2737c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQa4OObTbLdvFZ0BeHbwzXTFRNCtXbDRk23mmm3ljU587dKfJ3QA2l85tjbQm912Ya%2FIadxmBXW1r5GbktDx1iA4KZQaILrjdU2toyjPsHdWTwnrIu0SenghqucmxuPqtesrFtlLQI2ghK6iFfEszwvf62FVegUcCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
40c908f2f9215c27b377fadad9a27382
cf-ray
80ca374828781c2e-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image.png
optimise2.assets-servd.host/jealous-emu/production/General/
5 KB
5 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1659610676&s=716fb29c56876c2be214b6bade137539
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5213cf60337f90e1d37e756078f913caa752eaf938e31837afdb7ade1711c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvE%2BJZZ8eVEBx%2BG9Ppz20PGCeneMjltavFvyGubZhGjs4kf75iYWFm440OBo12vCPk05VeWyVXtv9q0NYIMR4zQ9WwfPItVS%2Bl0PJGsPUCduDNI0LFvwZg1rmpvakFWno93E4imqoQApUJ0z0WFc4hy4SKpd%2Fs88dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3f5a43f151cc473fe92d2324ee5caa64
cf-ray
80ca3748287a1c2e-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image-10.png
optimise2.assets-servd.host/jealous-emu/production/General/
10 KB
10 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image-10.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1633331395&s=14039da161c092aff8cb8609b3f23551
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f4684daf4fdaeb1b6084106f8d380ec21bf768348626110931b8661fde758c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEFaL6LHpc0rdLe3CxvDUozZkr9qlJ0CiAfgZb9F3VYNs1loGkktW%2BMt2J%2F9MDPCKNRcOTti%2BNHVojZqYkVY8b5eH%2BI41vUdw3rNQFHm8GEMSM%2BoIzjjSgmAm69ZwJKfmkDT%2BsEeQcPLDI2lXBA3xEwmEso2epMLoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c8ea287b72530e8fea51b865bcc3fd9
cf-ray
80ca3748287d1c2e-FRA
alt-svc
h3=":443"; ma=86400
mario-gogh-VBLHICVh-lI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Article/
34 KB
34 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Article/mario-gogh-VBLHICVh-lI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673611087&s=93230308cd899f59560544652e0d8ba6
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cf28768d4b6447016d04e373262a5cbde48c532d77ad991b02176b7630b1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEoup1K1VIpsG4UuDBXm8Xmb4nNOZoLekinnEpYS2Hm78ahv%2FmNkT22vLwXKv0kwb6424rV%2FV2LOEsyQPJhpar3vqDEALzGoWy8GzPuSbuac3EFjM17ZFGQm6Guii%2FtspJH2A67yIrBetydjUfdst09ci%2Ft5SWT9AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
160f84278dee4fd2a8f3b581da3059c8
cf-ray
80ca3748287e1c2e-FRA
alt-svc
h3=":443"; ma=86400
font.woff2
www.truesec.com/fonts/NimbusSanReg/
41 KB
41 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="font.woff2"
content-length
41772
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::kwrtp-1695717771641-e4e9c9d12ecf
x-matched-path
/fonts/NimbusSanReg/font.woff2
etag
"261528f699bd1e08b782c32c4b2323b4"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
iStock-818435778-1.jpg
optimise2.assets-servd.host/jealous-emu/production/Guide/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Guide/iStock-818435778-1.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1656498277&s=d6206555ee2698b90770429f224c5a87
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e3739510e1e39854190f0cc00a79b0860aafc50568bc07c5214a023fdf5575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQSyU3C80Z%2BXrSKYfPj8UWPJfGpZrLl4r2wJhh3QEtUYM3FGElK%2FXBDS%2B5qwPDYXloiTGKV5Gx5SBNJ2ZWfY8yvrBtj1cJ8Ad%2FwhL%2BWKZTJy9ArmsaoQ9tBjHduq9A2U0PSvyqDb3aL2VaIAwRHC1xtIO7Tz7MwVAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f3014314e75ebc5743087dd16a09ff68
cf-ray
80ca3748c9461c2e-FRA
alt-svc
h3=":443"; ma=86400
Truesec-Threat-Intelligence-Report-2023-Background-Society-Sunset-Trheat-landscape.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/
65 KB
65 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Report/Truesec-Threat-Intelligence-Report-2023-Background-Society-Sunset-Trheat-landscape.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1675158073&s=333f1ecbe4f24b8f5b52b9927fbfb7de
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ca7ea4437a90808440f33c5ab5cfe8fccf82f52952fc567042cde324f074e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Yi4FBQDPs%2B1QMV3rcOR73JF3a8CFUvAxAM2Am4CA86bo5TFf7X2pIrFBrCAeINGLkXncykdkXc4M394bfZfRloM%2BqjDSW%2FdlIETnS7xHk8Xu80k5ZiIe%2FnY6nEi2zYolbUNxkoce9Q74NFWJ5QTwbVLtyuhTopv6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c0f010eb679894e3c7a7899167933d8
cf-ray
80ca3748c9471c2e-FRA
alt-svc
h3=":443"; ma=86400
yeshi-kangrang-wTD1-_u8x1g-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
42 KB
42 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/yeshi-kangrang-wTD1-_u8x1g-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673441833&s=02178b5a382e74de7816fc9ad82ef2ed
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a367ee69492a7aa3aacfd5b21a2c364ae29a754e71c575e62a6a06498d6f8032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2V92%2F2oB3TzIG3JT2pwwFhl0Tq6QcKN1XMUQe4jRHkZw%2FkOM2rYmrRHWnEjCQLgAiw19WovkoKkFUvdtUS%2FSsug8%2F4Xj9nTkxYxPQsT3S%2BquXscvFTxchIwSq3ndMV5OzVOdbdw3To%2F%2FBgzDk0JwIDWhJ7%2B2h7bNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c546f7583a7e90b9cc130286c7f6596
cf-ray
80ca3748c94a1c2e-FRA
alt-svc
h3=":443"; ma=86400
aerial-photographing-with-drone-picture-id1026580092.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/
27 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Report/aerial-photographing-with-drone-picture-id1026580092.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1644237367&s=626bfdc25169022e454c7f34d982ff85
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn3z%2Fsc82%2FPIYMz3ANl%2F5nyBq5ETEFmXjnaEejP4otEHpavEk5HxxzT7zPEXXaDnIu%2BxjIUskfSBXgKH9bc7RC3GvGL68H9AGT4VBEhxwIAxH2ypUEnSXqhEyD9%2F9HswDJIh9OHDbm1UnXZufcccNC2T4Q5r3UqfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
00b3a9236efdd5ef219f531f4f05a51f
cf-ray
80ca3748c94b1c2e-FRA
alt-svc
h3=":443"; ma=86400
slider-next-active.svg
www.truesec.com/assets/slider/
245 B
518 B
Image
General
Full URL
https://www.truesec.com/assets/slider/slider-next-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5731
content-disposition
inline; filename="slider-next-active.svg"
content-length
245
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::nsx48-1695717771650-0625b66cce7a
x-matched-path
/assets/slider/slider-next-active.svg
etag
"11d7245358f256721cd5ffa1386435f7"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
slider-prev-active.svg
www.truesec.com/assets/slider/
266 B
793 B
Image
General
Full URL
https://www.truesec.com/assets/slider/slider-prev-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5731
content-disposition
inline; filename="slider-prev-active.svg"
content-length
266
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::q8h78-1695717771650-e707722a3321
x-matched-path
/assets/slider/slider-prev-active.svg
etag
"9010c1a76008e78ca7efb5740a9bf86a"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanExtReg/
29 KB
29 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanExtReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="font.woff2"
content-length
30036
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::8wk5s-1695717771653-7fa722f6b52f
x-matched-path
/fonts/NimbusSanExtReg/font.woff2
etag
"7f19a0a57a9ac444d78386fb0bcc375e"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanLig/
41 KB
41 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanLig/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:51 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="font.woff2"
content-length
41712
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::xhdmv-1695717771654-abe31092fce0
x-matched-path
/fonts/NimbusSanLig/font.woff2
etag
"bfbe7dcd6caab25ca2c56fe4edfff22e"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
/
trinitymedia.ai/player/trinity/2900007345/
5 KB
2 KB
Script
General
Full URL
https://trinitymedia.ai/player/trinity/2900007345/?pageURL=https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/chunks/main-84decff6cc7d59ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.171.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-171-51.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fc9a96e5199d92d67728392184050a7c3ce8b9916b36661133651232a32eb055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
content-length
1861
json
forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/
Redirect Chain
  • https://forms.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
  • https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
3 KB
3 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
Protocol
HTTP/1.1
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f2cb4d7f05b0d763d9c88d94c691c971529efadf886ea15135ab6434668742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

X-Origin-Hublet
eu1
Date
Tue, 26 Sep 2023 08:42:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
0ac4e84f-1478-4b8e-9316-d7007967dfc8
Transfer-Encoding
chunked
x-envoy-upstream-service-time
24
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0ac4e84f-1478-4b8e-9316-d7007967dfc8
Server
cloudflare
X-Trace
2BB3C95A466871B96A192DA264CD164EFF7606BAD3000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
null
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
80ca374bab349214-FRA
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-68fc9978fc-svqcz

Redirect headers

X-Origin-Hublet
na1
Date
Tue, 26 Sep 2023 08:42:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
04b505b2-c3dd-4bb8-b0c3-736573788882
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
04b505b2-c3dd-4bb8-b0c3-736573788882
Server
cloudflare
X-Trace
2BF30860968311D0A9966EB59A301F6339C6806038000000000000000000
Access-Control-Max-Age
180
Access-Control-Allow-Methods
OPTIONS, GET
Location
https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
Access-Control-Allow-Origin
https://www.truesec.com
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
x-evy-trace-virtual-host
all
Vary
origin
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
80ca374aaec5363d-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-5cf6855b8-x4r4l
gtm.js
www.googletagmanager.com/
264 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3412dcf547b71d5febc9caea1269eed98ca78fec34b376b5542b1a924e31eb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90257
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Sep 2023 08:42:51 GMT
uc.js
consent.cookiebot.com/
107 KB
33 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
48db2d12493cbe46ffa0e255d3a4111213aeaf2279fa9337a096b5326f22b66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Tue, 26 Sep 2023 08:42:52 GMT
content-encoding
gzip
last-modified
Mon, 25 Sep 2023 09:17:38 GMT
etag
"4be4c32091efd91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=371
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
33511
expires
Tue, 26 Sep 2023 08:49:03 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame E5F4
627 B
810 B
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:8a0::f09 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31236899
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 08:42:52 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Sat, 21 Sep 2024 21:37:51 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1695717772162_34603332_188485013_18_2200_5_9_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/
283 KB
65 KB
Script
General
Full URL
https://consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/cc.js?renew=false&referer=www.truesec.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f150 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b75fabd71008259a5636ae56a47a3f35785b149be0421b9224777c6f76a27da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
content-encoding
gzip
last-modified
Tue, 26 Sep 2023 08:42:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
66309
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
counters.gif
forms.hsforms.com/embed/v3/
35 B
625 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6d9312d3-1704-48d8-83dd-fccc0fc4552c
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6d9312d3-1704-48d8-83dd-fccc0fc4552c
server
cloudflare
x-trace
2B9A9AC8A8C9FDF327FADF4F1F520531B9948ADBB4000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-5cf6855b8-m8gm9
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
80ca374c2a971c8b-FRA
submit-arrow.svg
www.truesec.com/assets/form/
243 B
431 B
Image
General
Full URL
https://www.truesec.com/assets/form/submit-arrow.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5878
content-disposition
inline; filename="submit-arrow.svg"
content-length
243
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::xw6vj-1695717772196-3481ff7c41b7
x-matched-path
/assets/form/submit-arrow.svg
etag
"e74b4a1bf651157f05cd7e175cbd64e6"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 08:42:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
1ca681e7-bc62-4f47-b6db-057544c4d1c6
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1ca681e7-bc62-4f47-b6db-057544c4d1c6
Server
cloudflare
X-Trace
2BB0BC59EBA17B3DB0A07D899396EBFFBA1FA60980000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-68fc9978fc-hnndp
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
80ca374e48f83625-FRA
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
trinity-injector-script.js
vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/
281 KB
89 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900007345/?pageURL=https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
6bea99a03245b7817b80fe28f3d3bc9b7b068dd4fd6571427b3a79d2754abe55

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
x-amz-version-id
d3fjqr7ttvwW3qfTp5yCcudxbQ7hR7rJ
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
YAMMD3K29SQZK7Y2
cdn-cachedat
09/19/2023 14:36:51
cdn-pullzone
112690
x-amz-id-2
ZqYEexMYXvHdcOgKIVXz+nIfqz6nJ1DeZfYkXaOTqlG5ivWUtoe17gGGiSPO9qZH2KF2qdU5FTg=
last-modified
Tue, 19 Sep 2023 14:28:46 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a136dcf0514097308fbcc495de3f1aef"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age
3000
cache-control
public, max-age=604800
cdn-requestid
c3494737f1875a687562c443c685b1f2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
trinity-player.php
trinitymedia.ai/player/ Frame C24E
3 KB
3 KB
Document
General
Full URL
https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=c3a1d908-285b-4964-9958-1f37953ee482&isLegacyBrowser=false&version=20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93&useBunnyCDN=0&themeId=140
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.171.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-171-51.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a8c314e059178ee6386e2cb50fe78fd94f0524f7860ac40b54417a0e3ffbd223

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-length
1985
content-type
text/html; charset=UTF-8
date
Tue, 26 Sep 2023 08:42:52 GMT
server
Apache
vary
Accept-Encoding
thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
46 KB
47 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1694003846&s=e5f9adab91419062d4c32f2282059665
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc66ad7045bdbd9baaa49bc6d270edb9b49b8a0c1b9c18643cb2637e097c836b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGCH1gqmXigvEsLP6z6ZdY60w6G0eUwGedseEuCHOa2BjDwYJOYQu4AfGyOyDrlzy3sfEZI44YngGQStsSl%2FcW64zF%2FCm4Yo0B3SZAYLYvg4c3MUOwXqi7s%2BQX7Hg3TkOiIuzNBX%2F%2FS8WbKAdiEc8YImcFJLlD2VXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
52a0b76ced12d578fd8dd15b20a0235e
cf-ray
80ca374edae590ec-FRA
alt-svc
h3=":443"; ma=86400
atom-6-1.png
www.truesec.com/assets/patterns/
515 B
678 B
Image
General
Full URL
https://www.truesec.com/assets/patterns/atom-6-1.png
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Tue, 26 Sep 2023 08:42:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
5880
content-disposition
inline; filename="atom-6-1.png"
content-length
515
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::zvckq-1695717772619-4f6af064f3f0
x-matched-path
/assets/patterns/atom-6-1.png
etag
"6c972d066621be03b01c6e6ccf542b21"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
IMG_1403_small.JPG
optimise2.assets-servd.host/jealous-emu/production/General/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/IMG_1403_small.JPG?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693989399&s=e3f5a02658affa00601c892dd4f15a87
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2d6a1e2457e16a7a39bff7654eee5ebfe725f418b7a0636c0c8e5a94f3fcdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5IyI9oEcbrPpiD5cqR0byzzawtEmrM5C5NqocIC7zhziG40npNUCvTczr9rLRsRNoGuauQ5P70N0UFCUsGRuZQkqPnI2P6M%2FW%2FeMpoFfd6d30cykNdO0vwZ3%2FbbKXha%2BOZc%2B06dOxMvwpKBo3b3G7fwpFXoK3Z0mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
45318a338f0475f72436fc9a955fe6c0
cf-ray
80ca374edaea90ec-FRA
alt-svc
h3=":443"; ma=86400
AAD1.png
optimise2.assets-servd.host/jealous-emu/production/
32 KB
33 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD1.png?w=691&auto=compress%2Cformat&fit=crop&dm=1693999075&s=f54f81701c8394971bce1c0e41234ca1
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b490054e866a6af63800293fed4cb6fbe4d71bae9ea9a2d4dfb535feb2c03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJJf4TDeZJ3RrzW4WcC5EdsvB3Om3JkgTxp1YaKl%2FhZkDudKl2GjrsKJOIoqo1eDeoVisMaoq8DDM5N1Rwuz27UogGGP09ULBkpUOehPNsfQgUq3ZJbmUq96ffFjRqM7XOzw%2FBgasVpTSMfGE9Dh4O65NF0UwvqGkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8dc5bb5eade54457280cc9208d79deae
cf-ray
80ca374edaec90ec-FRA
alt-svc
h3=":443"; ma=86400
AAD2.png
optimise2.assets-servd.host/jealous-emu/production/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD2.png?w=688&auto=compress%2Cformat&fit=crop&dm=1693999078&s=704d7baa4ccae3ffb0740ef29cd76e7d
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3279f531006280e00c9e2360be2a97963de80364943b6c8171bf711274a4a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAUu6LCigWpsVe6Z2jvGmG3QRb3DRnbt2tnga65ftzrtaBujNhQ1RjkVyg0ZWse9Fq07fgCfRnlM5ha1FkoSd0%2FgGfKa6bJ3qdPPdWuPkWsnzJzZJ%2BUPccDooYq3qh5tHS05M%2BgBqif3qkn2lzmbyMN34iQXZkq3gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a1f74a3cc5bd20c57ea38773e0492f6a
cf-ray
80ca374edaed90ec-FRA
alt-svc
h3=":443"; ma=86400
Teams_Message_2023-09-06-111840_xfme.png
optimise2.assets-servd.host/jealous-emu/production/
45 KB
45 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Teams_Message_2023-09-06-111840_xfme.png?w=1414&auto=compress%2Cformat&fit=crop&dm=1693999120&s=7e60d0ea24e5d7a25b18753104c8c0b9
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52294dd3fa003bf6ff5d7898fec6e2430f6216fd6856fccc04a4179805623fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XdymqSIN6Mm%2FV9bh4mvK2nFhddMrGanv5COpuWi9ddjTGWUvnHtWlS0003Cwke8VKPAnp8RMUuIR8m9WORtgIba1H3DXvzE5xySVq2Q1Dk3gRPUkAR3UDoK9D7dSBI4WCdBU%2Bbl03TsayAg1rGXQjkzTbKKOheDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c2c5be71c09289cbc09e3a1caf1facf
cf-ray
80ca374edaee90ec-FRA
alt-svc
h3=":443"; ma=86400
URLs.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
40 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/URLs.png?w=3064&auto=compress%2Cformat&fit=crop&dm=1693999779&s=d309dd178c6537bd02577cbc44dc9d48
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a759b8e512cc6aee539b7373fb7f20a16400f33bcfcabcaef5220cb3e8bef0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuEd5E1tPyjGqXrfbIfGx2ljCNfjHxy%2Fn1i83M7qteCu2RA4VmsyyQGkvZSorALKc5r9e3K7IuyAdZ97fCWp%2BY5N4ysyGhSg1DbigfEoftWCT6aM8DkCryjKSaIxGSpcq1r7XTZXuz5%2FoApNVKMRb23lJ1mnQ2dsnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
acc41b4736c422fbf91349662c51698b
cf-ray
80ca374edaef90ec-FRA
alt-svc
h3=":443"; ma=86400
Sharepoint-file.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
22 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sharepoint-file.png?w=2614&auto=compress%2Cformat&fit=crop&dm=1693999116&s=efcd2491aa256b3d95c78d1d806ac9da
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a7265795f8f7648a263d7321bebdc0d5470ed656b4738b47697794fc3491b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eQ47JFY3Dro4QlcWCJLJu%2FaWDxpNURk4ttXJytBYROiIzr0MZ6qwIZlMaVZdM9BwZKSDBv%2FbOV0y3o4kyNGjg9cTxG%2BSspd8sfi5y%2FwvTzEmHJGzd4qmJxEPZgXRHjU5YHT1%2F2%2FOPmfO0oTpKsz%2B7QwKhCnglhxVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
ce959bb5966edcaf7c4762073050eaaa
cf-ray
80ca374edaf090ec-FRA
alt-svc
h3=":443"; ma=86400
MS-Defender2.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/MS-Defender2.png?w=602&auto=compress%2Cformat&fit=crop&dm=1694000140&s=83878fb42898f46235cf8ae97b9f587e
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7edc1682dc499603d9971241080541b9a21f483adc96de9b95d566cc3267610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXEPFpF2dKb%2BYhWRusf0zlgT6h0bBL6WDjGAH53nfZ%2FhHbsBBNcF8npEdrCJa%2B0cj0wbZM61ewEyxS6gWSQdttW1uwZIyZUdoi6vENW3b%2BnZGNUETsRo68b7HpT%2F3Wz2Mw6rYWOKfrmLSQPEiEiAG0XXbuoBhB95Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
54673005a898ac3a11b67b80921469a2
cf-ray
80ca374edaf190ec-FRA
alt-svc
h3=":443"; ma=86400
LNK-File_2023-09-06-113238_htnw.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/LNK-File_2023-09-06-113238_htnw.png?w=756&auto=compress%2Cformat&fit=crop&dm=1693999958&s=f1a70e6c31c7ec4aa126846290cc13d4
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae16eca567dba2833aced3f9a2f29fb03bcd7c275eb7faf5bdffa028440a3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T4yXfDhoFgxuc5uAKndAzuvSX5RVmzOZKf9nZC8aNa0DF3AMq%2F5GcsUtiUdEuMVyQilsSs0mFanNNsNZbtY5189uWuY207iO7Ea7uepYlPxsLHJkXI5FXYOpDoXyD9sfB6%2B4lwS36bS%2B9S2Ljp40VFB2%2BuU0tPaSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
b85ed6bb727916ca0e0ac020d29e537e
cf-ray
80ca374edaf290ec-FRA
alt-svc
h3=":443"; ma=86400
Shell-cmd.png
optimise2.assets-servd.host/jealous-emu/production/
72 KB
72 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell-cmd.png?w=3083&auto=compress%2Cformat&fit=crop&dm=1694001838&s=81f3aa58c7595bc0aaf5e8d79f1adb11
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706a29996854169c8e3e6638676c86287583c7e153ccde44af6c6a7af174656a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF6ibPSoS321vVZrgY7Fg%2BzX6e68mu0EIGTK3iWtAf3apzIdvrOOhxuyxMiiIKSWyWjNUiKyc7K3STmwmqyVCCypjaPBWpkjtZ3NltV5tRggyvk%2BxXR3EkXggwvHC%2F2sI%2BDY%2BwI7Vg%2FwpLaApz3lpjrji8uIPmL3TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3fadf8c280dc434b041bc300e1060138
cf-ray
80ca374edaf390ec-FRA
alt-svc
h3=":443"; ma=86400
Wireshark.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Wireshark.png?w=1027&auto=compress%2Cformat&fit=crop&dm=1693999124&s=0e051bb8a1da725b0a5ac9609e901931
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a664b26b088d4e3904cf6a6d439c5fffc2364e970f2c7d8a863e6b67113ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KGsD2KUenwJNXr%2FIo4cxNlNU3FMfcHXr5jgL%2BJYwa4hHgVOFDZ1P%2BOj01v5%2FFGT9G2LuBtQJnb%2Fyo44pIxO5n5knlhNc9Dc6cXZlJ55YaoswAa3cx9g7rSP8xv2vWhlkcb9kV%2Fb47XmmNHnYwVMXvxqWvdXOQDLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
de701a8077d17b4ffd61afd2af62e0ea
cf-ray
80ca374edaf490ec-FRA
alt-svc
h3=":443"; ma=86400
AuScript.png
optimise2.assets-servd.host/jealous-emu/production/
101 KB
101 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AuScript.png?w=817&auto=compress%2Cformat&fit=crop&dm=1693999100&s=04dd42bc71c6c33ebb24f8156d6c2e07
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b9fb6631ddfc422502bd8cd514e92d1c7eb15f7e8bf9acf0aa9c1b6ed1d0cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwmo9C9L4E6qlYIyEcL%2BaqphkMQqkMtRnOzXD4s1LBS4NeBib1nwnTGxAPua6F1xw%2FBaJD03qPaoLtN4yMSr5SwDIpwtT9q2oRkBbs%2BQyP36lTtPlKCzZ7uwe3kqZ8w1Bq9g9I9b5AOdOdoibb%2FCC4IeGwFywxE5NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
5bfc2ac4ed559b72ef80c4993da532f9
cf-ray
80ca374edaf590ec-FRA
alt-svc
h3=":443"; ma=86400
Sophos.png
optimise2.assets-servd.host/jealous-emu/production/
74 KB
74 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sophos.png?w=1242&auto=compress%2Cformat&fit=crop&dm=1693999119&s=aada66965b320b6c9d869c308377ef8f
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef18ba9f8330696838bca85be7e8ec092381fdd96e22b0540507985fc5b6de15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qomBvDAUmWmCpiBlX4aUt%2Bpe2OtNrPDwzFqQVf%2FLvxJlnT3r5zhD9YeZ0EXFI8ltgOUGrzCUYrUBQCkCSGMHNRBF4wjljZN6MAPbeWcEe9pQxd4j8uxfJTBj3K%2FmZuB4FcRULnT1uhlWan%2FlwytGjIg8Hz1k3LUTSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e9ec695343718abe43c3245fa73ccad7
cf-ray
80ca374edaf690ec-FRA
alt-svc
h3=":443"; ma=86400
DllCall.png
optimise2.assets-servd.host/jealous-emu/production/
9 KB
10 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/DllCall.png?w=1578&auto=compress%2Cformat&fit=crop&dm=1693999102&s=4b46b045bcf363c1df1c44a6f927611e
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55381b08570c7c9e51b16aa8004c9778710d289986ccf052cf7629362b764da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCaa0kl2cQ00xyUtKl9YcMsBuLdvu3tP4Ih8XOD%2FpetrnCcUW7aPCS2A%2FDzx4uNkGu5j%2BFSXC2jnW5HKN4jijz%2Bgl2vAKvWPILZZT1DAxjtibI43U7OEK3jlapE90VcbKhNTdfgBbEFbsnJSSNhrr4bwBhAH7PUirQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8d39f5e7d635220d67b55e773a3b2ec6
cf-ray
80ca374edaf790ec-FRA
alt-svc
h3=":443"; ma=86400
Shell.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell.png?w=934&auto=compress%2Cformat&fit=crop&dm=1694001339&s=e9e4fc54a5fa8384964f923fc7182892
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7a19107d75c9fba95c98fccc89926661184b4be83408fdf1b599d35c7bafb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlafUcjkdGkv0glKjCShQGdlbdDxgMbNR0rMKMlIK2o9ocELHbnsj4UTuEwpMH8lJPt%2FcEXGsDDJP1%2FPNOMNL%2BI5UVtQLSxjMH4q6NhsPdmFW66uOHaipNWKktCiuCUsSJJLSWce%2BBoXjb%2F6lSa9nKVWO7x1bfKLZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
49ca812c2896b1d14bb84150ea4c9ce3
cf-ray
80ca374edaf890ec-FRA
alt-svc
h3=":443"; ma=86400
PEstudio.png
optimise2.assets-servd.host/jealous-emu/production/
51 KB
52 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/PEstudio.png?w=1016&auto=compress%2Cformat&fit=crop&dm=1694002388&s=953f452e41d3925f58104c206bbed461
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53248121b272c5b96e926eff9a2abd225951a0a3dfebf17bf244bc7bf3e7ddab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNC%2BP6m7fw3I3fK5sqEIC5WP2mddmtV6E6j%2FOoTX4KoKWJofrAR79OMEq%2FGALbKJ1VJ2X%2FWmD44pDB5SAK5KI7sH7MSMFfsPPWmzCQPkkZHT%2FCM7h8FNMJ%2FSQ8IfWwsBv79ML4aVj6mTxTWVBSxxFUb7oL0eHKppTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e8f5984e6c24f347a8b9d91cd5a5b7c5
cf-ray
80ca374edaf990ec-FRA
alt-svc
h3=":443"; ma=86400
Malware-Config.png
optimise2.assets-servd.host/jealous-emu/production/
19 KB
19 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Malware-Config.png?w=306&auto=compress%2Cformat&fit=crop&dm=1693999113&s=e620dfe0f44d7cdf3a28c3f44df122f7
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba52e665e3a8c3e3a4f8016b379bf1092b52d4ce7be7501d28afb929008aec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5YTeNttkm9E64rj7Z3lyPJM21dZIPf1hEiRcAkuu3WBvwiP3jyXskO2aX6akv69dbZaj1fHOk0ySEu%2FcWbvQ7GbjzdaM8LY7U7j%2BJpNR7hidXBGj5wT9V%2BeuXMw43kF0tmLwtBBNoAR0joAlFx3SjhtJlD5w6VUKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
87062eaa269568ee0595742bace28fb5
cf-ray
80ca374edafa90ec-FRA
alt-svc
h3=":443"; ma=86400
Akira.png
optimise2.assets-servd.host/jealous-emu/production/Blog/
53 KB
54 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Akira.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1693212667&s=7345ccde8dc615b175bfe013e0d50025
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3283bdce285d0871379763f39b350b662ff2eb41b30a0a7a896bdd92fb23e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POv8XLnDK84LcOURPUhLcm%2FR48EvWGh%2Ft6b0dEgFW4Io2RIcch4Syz%2BIJjWj%2BhSsbjJG4fMdAkrq5%2Bf22XBj6b4FpT%2FJJFAzs6Sy5Rr5mwtmIBftwUQ3kw%2FMijq%2BMR9%2FsP7bpOiOFeKcOUx%2BtCZ%2FbSxxjuQHej8eaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3ffe99aa9330e36438b194473d8795d8
cf-ray
80ca374edafb90ec-FRA
alt-svc
h3=":443"; ma=86400
me.jpg
optimise2.assets-servd.host/jealous-emu/production/General/
11 KB
12 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/me.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693230435&s=62119b004feb955f8c5b8062d2250ce7
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4327998a6b93140ec2c83945ee24da1f7f8d2a5399546824a8cf4af8c12f6b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQVUziF2crRosL6CHqZyHRaxdRfM%2Fo7RciiImBI%2Bho6df%2FqekYVMNIdOaDeJWeV5E01gWz%2F5eKOvMGW4qkkHKMiBtc%2Bd5uEilGcZaz6A9qVE23EnBA%2FI6K%2F9o8F0TEH3KG8eEwVXVXh45kZrdXKsRc1qJd2H6wPZOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a0534aefbf8f23957325564c7cbfb18b
cf-ray
80ca374edafd90ec-FRA
alt-svc
h3=":443"; ma=86400
Untitled.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
71 KB
71 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Untitled.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1681222488&s=e40b51240a407bddfd49e11ba137dc21
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195d72f19d6fbe23b1f5fcf7ad169c4ea2e7e2a85cf619ab0be85671e2a56b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I89%2FECZ2tHM2ou7V7yQoU77o%2BCrZUiq8aTURTMK8TfPhsnKAjCjdObE6HOMm2C%2FG9k7eEGpf%2BpCt1hjDPTqdGASBYfCRsvom%2BFpPOwkKshGSHn9jzIhrDxx3lZ7aKXeYsfyn1c0jRh5Oey0J%2BPnVXn6BE%2BNC%2F7T8aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2b62c69290876a9f092b666bd2edf19e
cf-ray
80ca374edafe90ec-FRA
alt-svc
h3=":443"; ma=86400
viktor-hedberg.png
optimise2.assets-servd.host/jealous-emu/production/Users/
6 KB
7 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/viktor-hedberg.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1643982381&s=adf8c581ddac1e588bb86f3eaaba060b
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812a98a9fcad42f55b75c791fd838062d45453b01bcbfa9edaf10c2ae3a3ecac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVsBQQfYPknZa412glTR1O%2BUZ9F5zTpO8HhJl3kguN7n8B8FRlQtFiGOIj7JQKdT7xmstAODpZNjy6FBZ%2FJigUuvWWpoNDcCLYYyS%2Fa6MqUGKyNHBl0tnASZoxgboCYVQ2f0lP4x6hyhbiTYxjrQANj3t2PogpqbPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f55b73b1869fe6a045ab6ed7128a895b
cf-ray
80ca374edb0090ec-FRA
alt-svc
h3=":443"; ma=86400
incident_response_fortinet_cve.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/incident_response_fortinet_cve.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1666356095&s=8c72faf650fa7e757b8dc02f6c377cc4
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf55db8dd64a24ddeccfb8e36ba6385adb002aecc484e7a19faee8157ccc8024

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Bro5mM7UHIDTWewy6FlAlPWQL7ir30Hp04wlG0tRVGLK37pZIFNq7AsTsQXJ%2BI%2BRU4iTHwMtpi8l1gbvKaA6jPlNyqlfH1sefaBcJdt%2Bcm7fUeV2u2cdzBF5r2mp1Ln3%2FBuhgQPcDQIMfr%2FeiFj2dQTFuy%2B%2FMdpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2480b560797b6645da29c79ac4529c65
cf-ray
80ca374edb0190ec-FRA
alt-svc
h3=":443"; ma=86400
Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1673511763&s=6fb72412b0d393b4ae7aa28618dabc45
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529c118b499a77edf35a4718df6f6428e554f45db842e1a7494e44ea1c3ec346

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ot3bySdVCvzr8Gr7wF%2BnrnWOgnKyB%2B8QsvdAzxSd8494FmDMX3WmSo1bWZsi7kUpKL%2FqVDLxoi4WAmCGkCIVQQ%2BzQ0zn%2BvtZ4bHcTydEEF8GqakoCAlQqUMrOti%2FrAeDNZ8wD3ZSYjg4twrpj5EgxouEpCju0Ktcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
42c1bc5ceaa24a7ab9c7dcc0dd0832c8
cf-ray
80ca374edb0290ec-FRA
alt-svc
h3=":443"; ma=86400
shutterstock_492815677.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
15 KB
15 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/shutterstock_492815677.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639943292&s=8cf45fd6a2823a3ad1d4394eb13cc846
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61115ea5fdaa1c801094926e601f0a01ad99953dd7ba8c2b7c31eb07550c284

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFUFwhGJ78rQisow0ozzHaJZo1KRsYZGdAlTkLVNdIbc97JwOxq1pInDDfAifS6JM%2Fmxtdsq8KL5VQrnguRGiSmM%2FYUBie7xVJCJJMVJ5Xt3iJlkXTqWsz7z2WLTTussedQzrKvXf6RDjWq1yrYnD0OYo5K0OdPOtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2bf92e282393414d4edf99e221b74dd2
cf-ray
80ca374edb0390ec-FRA
alt-svc
h3=":443"; ma=86400
iStock-520840869.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/
67 KB
67 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/iStock-520840869.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=362a7eb5d9abd6c2a840b164b3114213
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a57b0fa179da2a854a2df35da5c0d283dadf8c0ce48e20d322d67142b2737c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9%2BOMBW2wYQnSkf0T2mYdRddbipzu7L6eyLjGtOHAKcCnGhjDOlB8hp%2F%2BfEvdVbb1X2Ym%2FKXEmakg7leVCgKrok2BEDl7ecQfrMjY6DxtXJzyU32FC00mS6o819V5Wuvo%2FzftZIHRuqfl30FLfGBHO6fzuQiI%2FXWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
40c908f2f9215c27b377fadad9a27382
cf-ray
80ca374edb0490ec-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image.png
optimise2.assets-servd.host/jealous-emu/production/General/
5 KB
6 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1659610676&s=716fb29c56876c2be214b6bade137539
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5213cf60337f90e1d37e756078f913caa752eaf938e31837afdb7ade1711c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbVbARFPekfb2G6mpjjdHZ%2FiQnW6hi7ihnH8uiXwybLj1tu4Xju0iJSJhIuUNUHdzgiRs5kA8M7Qt7XSxHyNdzJphz%2F4TStjHGYTfvjGr0FprXlwhtwgouWFO6jmbSL1XtTM7lqripgG%2BkrlUTXVBvhjnS6NDZaJtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3f5a43f151cc473fe92d2324ee5caa64
cf-ray
80ca374edb0590ec-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image-10.png
optimise2.assets-servd.host/jealous-emu/production/General/
10 KB
10 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image-10.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1633331395&s=14039da161c092aff8cb8609b3f23551
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f4684daf4fdaeb1b6084106f8d380ec21bf768348626110931b8661fde758c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFQU0owa9VuyHq9XlLJhW7NV0HpKY22SD2erujnHmkahvRsfswGYtkK4%2Bs37gP0NFw%2F2w1lktauf1se635WkWUV%2BFSKZNWNO8p1JiYdnygL0FEnxQA7QlU8m3NIgREcQ6YiyVES%2FUzSWyd%2BXuBKvBIV9STLXoon16A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c8ea287b72530e8fea51b865bcc3fd9
cf-ray
80ca374edb0690ec-FRA
alt-svc
h3=":443"; ma=86400
mario-gogh-VBLHICVh-lI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Article/
34 KB
34 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Article/mario-gogh-VBLHICVh-lI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673611087&s=93230308cd899f59560544652e0d8ba6
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cf28768d4b6447016d04e373262a5cbde48c532d77ad991b02176b7630b1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Tue, 26 Sep 2023 08:42:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Jr%2FyDWddhPe6wOJOXmAnIVIXzxEI4JPmjH3cfMYcGGlcVl8sMBvoAX43IsAiKJihjPmNYJ76wZfixNqunp7jMQsYKy4uOhokjVu5CLUiGLTi%2B0Y567zybNm7pG7I4EI8YfAdTgJopR%2BxFIp0AunMQ4NRxeYLprog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
160f84278dee4fd2a8f3b581da3059c8
cf-ray
80ca374edb0990ec-FRA
alt-svc
h3=":443"; ma=86400
trinity-484fef5e39bd1f12260ad07d5cc3499d.js
vd.trinitymedia.ai/trinity-player/buttons/ Frame C24E
906 B
1 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/buttons/trinity-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=c3a1d908-285b-4964-9958-1f37953ee482&isLegacyBrowser=false&version=20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93&useBunnyCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
bc7b889274bb4e05e2dfbd158e8daf8300bc9d47c5abeaad0b5a6f8f8e250f80

Request headers

Referer
https://trinitymedia.ai/
Origin
https://trinitymedia.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
x-amz-version-id
yJ4ODGfNfXjPVjlpeffF4bpGOLGUZC.4
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
1XH6WVNZ5MFWJXHE
cdn-cachedat
07/07/2023 01:54:56
cdn-pullzone
112690
x-amz-id-2
mOaUTfBSZTlzTc4zGfuGMr+qcYAdwbGlr8DZUwZF4cUNLECVcZGYO2CAl76KdI1/ToZOhezCUzM=
last-modified
Thu, 22 Jun 2023 12:27:19 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"444f9bde622bea25c2686485c1e13e40"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age
3000
cache-control
public, max-age=604800
cdn-requestid
44af9a4d88bb4db6ba3a9a277bfb0e0a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
trinity-player.js
vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/ Frame C24E
1 MB
413 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-player.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=c3a1d908-285b-4964-9958-1f37953ee482&isLegacyBrowser=false&version=20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93&useBunnyCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 -, , ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
9a719121cb7b683e5834b5e733a6ce443697ca27ff30caa17a501b16801e3c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:42:52 GMT
x-amz-version-id
VFJ880PLub2UghD0xLetO5IE7oMl1lc0
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
FE41E7EN8YF5YJYB
cdn-cachedat
09/19/2023 14:36:53
cdn-pullzone
112690
x-amz-id-2
ekgKy2KYtFcflnShvN8ge6V3dEHMAsjx96K6EoQISENDYx+DBs9wWhXDH2VmvNqw0nPJhX8o1R8=
last-modified
Tue, 19 Sep 2023 14:28:46 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"4d24ea171fefba00af1b895e57181c5a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
cache-control
public, max-age=604800
cdn-requestid
d750528e91902aa1b10dab49b829cf64
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
depart.trinitymedia.ai/api/ Frame C24E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.21.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-21-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 26 Sep 2023 08:42:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame C24E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.21.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-21-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 26 Sep 2023 08:42:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame C24E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.21.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-21-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 26 Sep 2023 08:42:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS

Verdicts & Comments

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| documentPictureInPicture
object| hubspot
object| HubSpotForms
object| _hsq
object| hbspt
object| hsFormsOnReady
object| webpackChunk_N_E
object| regeneratorRuntime
object| next
object| __NEXT_DATA__
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| _N_E
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
object| __MIDDLEWARE_MANIFEST
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| CookieControl
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
function| propagateIABStub
object| Cookiebot
object| CookieConsent
object| CookiebotDialog
object| CookieConsentDialog
boolean| __TRINITY_IS_LEGACY__
number| __TRINITY_TAG_TIME__
object| TRINITY_PLAYER
function| TRINITY_DISPLAY

4 Cookies

Domain/Path Name / Value
www.truesec.com/ Name: TRINITY_USER_DATA
Value: eyJ1c2VySWRUUyI6MTY5NTcxNzc3MjYwMH0=
www.truesec.com/ Name: TRINITY_USER_ID
Value: c3a1d908-285b-4964-9958-1f37953ee482
trinitymedia.ai/ Name: AWSALBCORS
Value: 70+HpOa+cHG7HT/Pn9S+fl6EX2LzEgdbNjv0ad6nL/V4Rb5f87C2JIvCW7mZcQCCziAdaomls68A1ZkrkJpn1zNwnqIjY5QSOpbMTTYdMO0sfbb0EsG6E33bwsOM
.trinitymedia.ai/ Name: AUID
Value: c3a1d908-285b-4964-9958-1f37953ee482

1 Console Messages

Source Level URL
Text
other warning URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230919_aaaf4bfa56a3fe4349cb079582c8605d0e113b93/trinity-injector-script.js
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
