urlscan.io logo urlscan.io
SecurityTrails logo

www.truesec.com Open in urlscan Pro
76.76.21.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Effective URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Submission: On January 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 78 HTTP transactions. The main IP is 76.76.21.93, located in United States and belongs to AMAZON-02, US. The main domain is www.truesec.com.
TLS certificate: Issued by R3 on December 10th 2021. Valid for: 3 months.
This is the only time www.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

31    76.76.21.93 (United States)

ASN16509 (AMAZON-02, US)
blog.truesec.com
www.truesec.com
1    2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
19    2606:4700:20::ac43:4bc3 (United States)

ASN13335 (CLOUDFLARENET, US)
optimise2.assets-servd.host
9    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:fb::5f64:99a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    18.66.2.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-81.txl50.r.cloudfront.net
static.hotjar.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a02:26f0:fb:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
script.hotjar.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.64.79.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-89.txl50.r.cloudfront.net
vars.hotjar.com
1    52.48.184.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-184-63.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
31 truesec.com
blog.truesec.com
www.truesec.com
483 KB
19 assets-servd.host
optimise2.assets-servd.host — Cisco Umbrella Rank: 119665
909 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
734 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644
script.hotjar.com — Cisco Umbrella Rank: 919
vars.hotjar.com — Cisco Umbrella Rank: 1012
in.hotjar.com — Cisco Umbrella Rank: 1810
65 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
static.doubleclick.net — Cisco Umbrella Rank: 356
1 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 5154
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5916
85 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
548 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
77 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 206
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 13
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
62 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 5270
2 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 7555
144 KB
78 15
Domain Requested by
29 www.truesec.com www.truesec.com
19 optimise2.assets-servd.host www.truesec.com
9 www.youtube.com www.truesec.com
www.youtube.com
2 www.google-analytics.com www.googletagmanager.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 blog.truesec.com 2 redirects
1 pagead2.googlesyndication.com www.googletagmanager.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 static.hotjar.com www.googletagmanager.com
1 fonts.gstatic.com www.youtube.com
1 www.googletagmanager.com www.truesec.com
1 forms.hsforms.com js.hsforms.net
1 js.hsforms.net www.truesec.com
78 22
Subject Issuer Validity Valid
www.truesec.com
R3		 2021-12-10 -
2022-03-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA		 2020-06-11 -
2022-06-11		 2 years crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.cookiebot.com
DigiCert SHA2 Secure Server CA		 2021-07-05 -
2022-07-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Frame ID: FFE5AE0BBEBC589A03F0E8DECC3DACA5
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kKcko4LdeSM
Frame ID: 11B27D8337C71BF876171FDC1D58F201
Requests: 18 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: EEACD709BDFA40BE0EE01D61BA9ADACC
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: DC2C15A0A27450B8EB7BF41884AF66C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kaseya supply chain attack targeting MSPs to deliver REvil ransomware - Trueseclogo

Page URL History Show full URLs

  1. https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 308
    https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransom... HTTP 307
    https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

78
Requests

99 %
HTTPS

76 %
IPv6

15
Domains

22
Subdomains

22
IPs

3
Countries

2630 kB
Transfer

6428 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/ HTTP 308
    https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware HTTP 307
    https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
www.truesec.com/hub/blog/
Redirect Chain
  • https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
  • https://blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
  • https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
293 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fc0effce63aea3615c4806a936d3cd428b8ce33f0d6570a5e191dc1ba31d488b
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-type
text/html; charset=utf-8
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
x-matched-path
/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-credentials
true
x-content-type-options
nosniff
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
etag
W/"fc0effce63aea3615c4806a936d3cd428b8ce33f0d6570a5e191dc1ba31d488b"
x-vercel-cache
HIT
age
20428
server
Vercel
x-vercel-id
fra1::255jb-1642797934085-ac5b4d46a825
strict-transport-security
max-age=63072000
content-encoding
br

Redirect headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-type
text/html
location
https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
server
Vercel
x-vercel-id
fra1::krzr8-1642797934009-f009f09ad1c5
strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
x-vercel-cache
MISS
82929dba21bc7d81.css
www.truesec.com/_next/static/css/ 		90 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cca2a4c5f7a241ec258225c2d1b1ae4ef61174f96ddbfa8d08ca71767f3b829a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="82929dba21bc7d81.css"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/css/82929dba21bc7d81.css
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934426-42367fa11021
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"cca2a4c5f7a241ec258225c2d1b1ae4ef61174f96ddbfa8d08ca71767f3b829a"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
v2.js
js.hsforms.net/forms/ 		565 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
via
1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 06 Jan 2022 04:47:31 UTC
server
cloudflare
etag
W/"49987de4bcbe452bcfd1007cc2d781f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6Ss3bhEbF%2F5dTinIPhQ648w48sw7jBoVMUZNHaQqyC%2FpJqwoWMIo1URkm%2BXBr%2BEZMMye8V8Tf6GX50UtsSU669TdeoxVjbqYKm4%2FYVx4IIUxVVW5eaZeAsAjPcVb%2F8Sd66%2FO3mSlzSKuRMH"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
IVTpif2flqawbiKKXO54iMstAlvYfdsT
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6d1363124f934d84-FRA
x-amz-cf-id
VvC8wvoBYIZ9B9VPCpDtWLvgYhygvR1xbFN1S03_a-kOxGxN1h18sA==
x-hs-target-asset
FormsNext/static-5.432/bundles/project_with_deps.js
webpack-378e68e29c265886.js
www.truesec.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/webpack-378e68e29c265886.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="webpack-378e68e29c265886.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/webpack-378e68e29c265886.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-515e013b3ac7
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
framework-91d7f78b5b4003c8.js
www.truesec.com/_next/static/chunks/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="framework-91d7f78b5b4003c8.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/framework-91d7f78b5b4003c8.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-bde8b78302fd
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
main-6211daef22b21f40.js
www.truesec.com/_next/static/chunks/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/main-6211daef22b21f40.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
bfd3b7e70bb0380ea888f4a26ac88334b34cfbd49b3306cf0bf32a03aab2a7a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="main-6211daef22b21f40.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/main-6211daef22b21f40.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-d02d2b821238
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"bfd3b7e70bb0380ea888f4a26ac88334b34cfbd49b3306cf0bf32a03aab2a7a3"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
_app-52f1926b7bee734a.js
www.truesec.com/_next/static/chunks/pages/ 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/pages/_app-52f1926b7bee734a.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
96222ba0ce213bcd48c79515accf42963dbe3011f979456790ebe264c9bfc193
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
831504
content-disposition
inline; filename="_app-52f1926b7bee734a.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/pages/_app-52f1926b7bee734a.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-feda01c61ada
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"96222ba0ce213bcd48c79515accf42963dbe3011f979456790ebe264c9bfc193"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
970-e23970f384c7e268.js
www.truesec.com/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/970-e23970f384c7e268.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="970-e23970f384c7e268.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/970-e23970f384c7e268.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-2c421d26c3a1
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
691-c56c8bc5c3a58988.js
www.truesec.com/_next/static/chunks/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/691-c56c8bc5c3a58988.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="691-c56c8bc5c3a58988.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/691-c56c8bc5c3a58988.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-24c2df4a56d8
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
730-4aa6d1770d9f198c.js
www.truesec.com/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/730-4aa6d1770d9f198c.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="730-4aa6d1770d9f198c.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/730-4aa6d1770d9f198c.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-a2bbc6644bcf
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
495-cbdeefa4a506e70f.js
www.truesec.com/_next/static/chunks/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/495-cbdeefa4a506e70f.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7219d0fd967b565f827df0e7675715faa0d539964f1e64144bdabf667f482644
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
831450
content-disposition
inline; filename="495-cbdeefa4a506e70f.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/495-cbdeefa4a506e70f.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-10cbbc522ecc
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"7219d0fd967b565f827df0e7675715faa0d539964f1e64144bdabf667f482644"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
390-8e200378dbcd1428.js
www.truesec.com/_next/static/chunks/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/390-8e200378dbcd1428.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8f095977b3c341c57870d8f8f96fd38c30d70c50eee6d8bacb41ff40030ad30e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="390-8e200378dbcd1428.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/390-8e200378dbcd1428.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-62be82a771dd
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"8f095977b3c341c57870d8f8f96fd38c30d70c50eee6d8bacb41ff40030ad30e"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
306-7f64258d7ae4576f.js
www.truesec.com/_next/static/chunks/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/306-7f64258d7ae4576f.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
40369b19cd79c958bce6eb17c8fee87a3fdf7d0df2c3ba1e4e3d95be466389cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="306-7f64258d7ae4576f.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/306-7f64258d7ae4576f.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934434-2c21fb73d88f
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"40369b19cd79c958bce6eb17c8fee87a3fdf7d0df2c3ba1e4e3d95be466389cf"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
590-991ce98b68b071a7.js
www.truesec.com/_next/static/chunks/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/590-991ce98b68b071a7.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2298b4b48b280951e837943cc1ae31a64039c10ec7d36887bb3efeaab152363e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="590-991ce98b68b071a7.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/590-991ce98b68b071a7.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-66c1ba60200e
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"2298b4b48b280951e837943cc1ae31a64039c10ec7d36887bb3efeaab152363e"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
255-86837ffa0af9bd87.js
www.truesec.com/_next/static/chunks/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/255-86837ffa0af9bd87.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e96d3e8936cbc8ccbadbaf7968f39563040f6456088e63d849d7306211da532c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="255-86837ffa0af9bd87.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/255-86837ffa0af9bd87.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-162c04ecc0f6
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"e96d3e8936cbc8ccbadbaf7968f39563040f6456088e63d849d7306211da532c"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
291-cfa71d80cf9c9a1f.js
www.truesec.com/_next/static/chunks/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/291-cfa71d80cf9c9a1f.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea6e008bc85376939c0d57f5852c176d87bc2f593bbf7e63b7036ac8eb014e2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320754
content-disposition
inline; filename="291-cfa71d80cf9c9a1f.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/291-cfa71d80cf9c9a1f.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-9815576a5c01
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"ea6e008bc85376939c0d57f5852c176d87bc2f593bbf7e63b7036ac8eb014e2a"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
735-e1d94f08788a00bc.js
www.truesec.com/_next/static/chunks/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/735-e1d94f08788a00bc.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7a1d4320bd3ecf9de6e4c4164f2aac7841d18d0d44c9a69ab9856bfd00b104a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320753
content-disposition
inline; filename="735-e1d94f08788a00bc.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/735-e1d94f08788a00bc.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-82f8a6e8c0d6
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"7a1d4320bd3ecf9de6e4c4164f2aac7841d18d0d44c9a69ab9856bfd00b104a0"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
695-b201e41f9be8a9de.js
www.truesec.com/_next/static/chunks/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/695-b201e41f9be8a9de.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
762830592b8802db74cdfb05ba8842abcedf00f6d8663f7e6530648c22e82e93
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2634223
content-disposition
inline; filename="695-b201e41f9be8a9de.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/695-b201e41f9be8a9de.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-92e2caef7ea2
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"762830592b8802db74cdfb05ba8842abcedf00f6d8663f7e6530648c22e82e93"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
%5Bslug%5D-d27c36298b1d687f.js
www.truesec.com/_next/static/chunks/pages/hub/blog/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/chunks/pages/hub/blog/%5Bslug%5D-d27c36298b1d687f.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
27523667a1d79ed7e48da938fd4eb15565a47613054bff8f2b9ee6c1732f849c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
320505
content-disposition
inline; filename="[slug]-d27c36298b1d687f.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/chunks/pages/hub/blog/%5Bslug%5D-d27c36298b1d687f.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-a8b2d93bc61e
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"27523667a1d79ed7e48da938fd4eb15565a47613054bff8f2b9ee6c1732f849c"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
_buildManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/_buildManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0d01c252e2958d9d1a858b1e3ef0c51e6e25c4495d6f9c8565ade0b730b4d757
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
21432
content-disposition
inline; filename="_buildManifest.js"
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/bVXbb3FrHWyocu9-Q7kS5/_buildManifest.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-6843f1d985ba
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"0d01c252e2958d9d1a858b1e3ef0c51e6e25c4495d6f9c8565ade0b730b4d757"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
_ssgManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ 		579 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/_ssgManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
bf9feb7688cd103c0bbbfb0c53276e60d879063271a5650d156cc5348eedf3df
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
x-content-type-options
nosniff
age
2636771
content-disposition
inline; filename="_ssgManifest.js"
content-length
579
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/bVXbb3FrHWyocu9-Q7kS5/_ssgManifest.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-8a86985f71b7
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"bf9feb7688cd103c0bbbfb0c53276e60d879063271a5650d156cc5348eedf3df"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges
bytes
_middlewareManifest.js
www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/ 		92 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/_next/static/bVXbb3FrHWyocu9-Q7kS5/_middlewareManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="_middlewareManifest.js"
content-length
92
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/_next/static/bVXbb3FrHWyocu9-Q7kS5/_middlewareManifest.js
x-vercel-cache
HIT
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
x-vercel-id
fra1:fra1::255jb-1642797934497-08958e1cfd6f
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a"
content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
accept-ranges
bytes
iStock-1282287699.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-1282287699.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1639487607&s=446c3d9cf0a316baa4866b9e05be19b7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1001c058853ce849_d20211214_m175336_c003_v0312010_t0010
age
18639
x-bz-content-sha1
9e57ea92c23be82237f411aee40e6f7b8abd398e
x-bz-file-name
21f64effaac9323dfdc24b65ec668cad
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1639504416000
last-modified
Fri, 21 Jan 2022 15:34:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8JOaRBLGpPirHu4RqAr%2Bn06ENg7rahA93YCrGFVNXcnodfrEmTax9ik4DI%2B4ivBAmqYxg6KZeQ4CZ9CiytSqwnJH5VXPdemdNA8oSEqqE9cLe0qX21xxi9YN0rx0W5wQWfMIsArDUkTHvnx1afr6nVegDjtPndzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
21f64effaac9323dfdc24b65ec668cad
accept-ranges
bytes
cf-ray
6d1363128d5d697f-FRA
atom-6-1.png
www.truesec.com/assets/patterns/ 		515 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truesec.com/assets/patterns/atom-6-1.png
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="atom-6-1.png"
x-vercel-cache
HIT
content-length
515
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/assets/patterns/atom-6-1.png
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
image/png
x-vercel-id
fra1:fra1::255jb-1642797934497-eca62c913674
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4"
accept-ranges
bytes
fabio-viggiani-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/fabio-viggiani-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1638201165&s=6a21baddfb91fc1f230f598ff08b63d1
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f116d0513138ff16f_d20211129_m162244_c003_v0312007_t0010
age
4592930
x-bz-content-sha1
a8eee85340f7e0baba90c953b5e18dc655b6b04d
x-bz-file-name
01dbbc299b6a3bcfe550cf81791902dd
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1638202964000
last-modified
Mon, 29 Nov 2021 16:56:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BxMsolngvsf7rAeWTvbJlexd0DBI3Rn8E%2FmrzscBkkfSVG5AtUd6Oa7Z%2FUScUcOeot2YMPI6HRMn5E%2BXN3WjSfom6k7u0FFp8UE7ZJ2nswwq93ScO9u%2B541dljKwaW0QoqykIIGg93mVH%2BDkRl%2FdzhtxwuebUlGww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
01dbbc299b6a3bcfe550cf81791902dd
accept-ranges
bytes
cf-ray
6d1363128d5f697f-FRA
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-overview-2.png?w=2014&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633612810&s=74ba03e439bf59e2dbcf555f41307b68
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f116cad9cd39c0ccf_d20211007_m132025_c003_v0312006_t0022
age
18639
x-bz-content-sha1
5d322386104ffab6e023af836d7c48ae7164ca6a
x-bz-file-name
35be1da5b438b0bb06ebefbc9e411acc
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1633612825000
last-modified
Fri, 21 Jan 2022 15:34:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHLUzW2YAsTlNOapEngr5vO2I%2FHrsma%2F9WcJL0BiTnhG3XW150lO63BOD7KuQOJghbRBOLINQxKEbUgSEfQsQuKAg1xELmq1sJNWP7O2i4fSelpjuhAU7qzuGWCERAxNQcZ2wcCIZIr7AMXWvRg0lEmPgz1t9Lc6kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
35be1da5b438b0bb06ebefbc9e411acc
accept-ranges
bytes
cf-ray
6d1363128d60697f-FRA
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-chain-3-2048x1115.png?w=2048&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633612968&s=bbfad0c7761341e6cdca77d43cb030e7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f105325013e8fe2c5_d20211007_m132323_c003_v0312008_t0020
age
18639
x-bz-content-sha1
a3a663dacad0ba97d41502ca301d0b0f4de75e1f
x-bz-file-name
f0385ee97599fc62d05b0c062caa14f5
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1633613003000
last-modified
Fri, 21 Jan 2022 15:34:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bc%2Bep7F19df%2Bt%2BFNeLRV8Pi8BUu%2B52CBhgeCFzVySzs8O62vYcWUgzsUb7F6BwjUzrRAwNlwJ0Nn%2BbpXp4uA87JvqR38McG5YvzcGLSx%2FHTlirtBpTGWy3F8b76W566OjaTLZgKtG6N7SAKBk0FTe5EwxK0VLoujg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
f0385ee97599fc62d05b0c062caa14f5
accept-ranges
bytes
cf-ray
6d1363128d62697f-FRA
kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware-wireshark4-2.png?w=1006&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1633613057&s=a08c4cdc750c3ccf77b07e5d70b7b243
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f116fc23b7ec3d12c_d20211013_m142058_c003_v0312008_t0009
age
164538
x-bz-content-sha1
0cb28e88711b0627458b91699e331bf70441d5cc
x-bz-file-name
7a43c9fb4ae4aeb91756c22181262cf6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1634134858000
last-modified
Wed, 19 Jan 2022 23:03:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PdnCuVctaLPwLBMl6PYHXbNNoNkfdpLLPFeL6F8gyxy9imidAbAjvkZZnTL01rIQFjwnecdx%2FDxnew3tFlNIrqUn9oP6FeqwdUkQMT0LYiSv75%2BK9v3OL4GU57hWuiY575AqfH%2FfE4r9QYZ5A7Uol20ycjp6CrNow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
7a43c9fb4ae4aeb91756c22181262cf6
accept-ranges
bytes
cf-ray
6d1363128d65697f-FRA
sajad-nori-B5knZPjp8SY-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/sajad-nori-B5knZPjp8SY-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633379677&s=a8d6f548269a064995ee2c2152028dea
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f118b5cb1e8da505a_d20211122_m170850_c003_v0312010_t0023
age
1079690
x-bz-content-sha1
1ec5b92bd89df8d436c782e405cb409e8297d877
x-bz-file-name
52b4d5ad0fc96204d3b03a6256af3cb6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1637600930000
last-modified
Sun, 09 Jan 2022 08:50:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SieFxrUNW7RA8Bk%2FEDjMSpr3VSWHEt9dGJLLTjfu9fMSWnBR0iMpMzAMcUw5oArjph%2FzFH1i5HTH3xmi64I35UNBfZy1Vx5qjsgHeMNODD70o6yCjQA7bjkVwBAiy4VdFEzs0xtSis%2BV6d3ZgFk4DY1oJgzEBxriAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
52b4d5ad0fc96204d3b03a6256af3cb6
accept-ranges
bytes
cf-ray
6d1363128d69697f-FRA
mattias-wahlen-truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/mattias-wahlen-truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1638201500&s=07b1b7cb2606c7fc28a801479276a0d6
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f108bbcc010649ddf_d20211202_m135448_c003_v0312008_t0016
age
1079692
x-bz-content-sha1
555a93470ad5b86ca187b55e8c7e066c36c2608f
x-bz-file-name
c22f57e2ca0a75a031ed699f69d8fba9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1638453288000
last-modified
Sun, 09 Jan 2022 08:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0in6snhfm7L1BNZ5nE6MqT0KmWKB%2Fs2L4ynJNWjalwumRJcoxdg2hJR6xfuszUYU321cAuZbgJ1vxkOILEQFJlFSS6QxwjOgWgCUqNmkuNjNyTcEi39HLxRTPFEMx%2F%2BYScsSNA9v201S2ZChVp9a16MOvptPwgQzkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
c22f57e2ca0a75a031ed699f69d8fba9
accept-ranges
bytes
cf-ray
6d136312ce11697f-FRA
j3-tTwJ7xRQ-TEMP.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/j3-tTwJ7xRQ-TEMP.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331388&s=d12ed553f5c72d682ee2b1abb5dffc86
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1061a44f2cc6d3dc_d20211122_m170850_c003_v0312011_t0022
age
732815
x-bz-content-sha1
ac13e1e8aa050981f1165897ff8860e8761f8b25
x-bz-file-name
23b5ee3db52d22846df0ff952fa349c6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1637600930000
last-modified
Thu, 13 Jan 2022 09:11:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OJHXRpDzwEFVyi0cDGgVqMOT95T7Cxe9Stq74LsVdCsWjLwZ56AmL0%2F%2FtUHSpjt3HjvEA5kPkP15eWbBttBfnb7c3s8zeeKN0lS9uY2BY2Un8VpZR9tq5x%2BGVyhy8d5%2Fthc325RtGZzqZNeEOSCYkxCAJ4j0n5UAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
23b5ee3db52d22846df0ff952fa349c6
accept-ranges
bytes
cf-ray
6d136312ce17697f-FRA
kKcko4LdeSM
www.youtube.com/embed/ Frame 11B2 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/kKcko4LdeSM
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9ead0fe0d24c8c5cd7a4054770d386ee803edafc29d0d4235d744b3c69788e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dawid-zawila-fiu89zdeTQI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/dawid-zawila-fiu89zdeTQI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=a573c33a7c95d5da15ae4fcb9eb4bb5c
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1007c52c18190882_d20211122_m170850_c003_v0312009_t0004
age
1079692
x-bz-content-sha1
88b4cd0d7af9c2b0681d577a9dd22368e87ec1fe
x-bz-file-name
91fe99075562ec71fd51a3aafb08d0c1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1637600930000
last-modified
Sun, 09 Jan 2022 08:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojfwsjMHz%2FjVIf7X7H1d0iG9mReIIzHdCj4m6VxVSFZosKo%2Bv4aG1ztxTa7MOHbvPDSIe9RBUo3KCLislqD56ejJu7ODvI3SVHGONFklAWuXmjCsJBfpCRj37ny2aZZieRNdPtxf%2Fm%2BXo6M3uyiY9fgim2DBbP0KCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
91fe99075562ec71fd51a3aafb08d0c1
accept-ranges
bytes
cf-ray
6d136312ce19697f-FRA
silhouette-of-man-during-waiting-at-airport-WWUZ7G7-1.png
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/silhouette-of-man-during-waiting-at-airport-WWUZ7G7-1.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331380&s=33822e3ce30ed792810d15c412dc6aef
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811d40810a5f80ed0ec016c290779f53b42b38889440630768f8906f381e6963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1071f3eca376ea35_d20211122_m170905_c003_v0312010_t0000
age
1079328
x-bz-content-sha1
7f1cf1afb6e5bafc1e1a1e2f82d472dcf2c65abe
x-bz-file-name
a1992db801f7e71635107495f7d4930c
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1637600945000
last-modified
Sun, 09 Jan 2022 08:56:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olOPtxSH6X6U6T6fmTdnu6EfEwpqfvX%2BKWa50OZ%2BTIrZJzu4HUotBwoc3IwBGIY%2FGXD7dpuQkyj%2BBKFWaIhYtocl5qDRdT7SueKxCAOyQOv7rNtNFDCQvmfjpaolP7ebjmyfV%2FXRBCx4NlEBcyLVFH354F0DJP%2Bujg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
a1992db801f7e71635107495f7d4930c
accept-ranges
bytes
cf-ray
6d136312ce1c697f-FRA
iStock-507713928.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/iStock-507713928.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331381&s=8e444aaa1cbbc6db6da7ac07d7318d66
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d612040bfa74fc2573e015a751bc17281f73495d4905944b6ee10a5b86979a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1112b3d1b8864662_d20211004_m080728_c003_v0312009_t0016
age
1079328
x-bz-content-sha1
73d1b4839ac1c87728147a7556cc8f2eb6206907
x-bz-file-name
c57f2fe46462bb99948fa662c6fa42ec
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1633334848000
last-modified
Sun, 09 Jan 2022 08:56:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR4Uij1NjP6zlGe%2B2GEy7cT8BTllIn4W9liInsS0kzVOLF6moPAiyghiCNRk3spNYck9ZPkITJGbEpNzAFRmt9%2FmsEe15kkgBcpMY3Hd2VTY8k9xZZbfwO0mN3GeybI5SGyn%2FBpsjzX4qjl9gFZ4Y21sIWdxwckj3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
c57f2fe46462bb99948fa662c6fa42ec
accept-ranges
bytes
cf-ray
6d136312ce1f697f-FRA
shutterstock_1962386719-1.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/shutterstock_1962386719-1.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639141375&s=bee3bfe4c83fc3c5591edee87512c288
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb0ff6b7050576bc752e7a3c92710aec6c3b56af39935f5e4e58dcd226fb9ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f116fd846a2b2d3c5_d20211210_m130609_c003_v0312004_t0019
age
823211
x-bz-content-sha1
51dfaf611b3c1a14ec804e683edf24b0042a82fc
x-bz-file-name
96b031e06a590c5602b556fcea6fa9e5
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1639141569000
last-modified
Wed, 12 Jan 2022 08:05:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgy%2BSWts6PNgL%2B7yaY7O11pGuKI4ddY3QXvusO7e3fc%2BkwM3wcYm1A8cqKYhM%2B68qoCXWIUC%2BQ1CF63wjUQ8Kuhw6JGD9foEosfc%2BeRPJ68OpEOrgk%2BMxu%2BA8mcOKMWyn4VVgrMYzgn06beV1vW2gc%2FXuLN%2B75HcTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
96b031e06a590c5602b556fcea6fa9e5
accept-ranges
bytes
cf-ray
6d136312ce20697f-FRA
unsplash-51-TEST.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/unsplash-51-TEST.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331461&s=3ec39a18491616dc11155e4e5cf57c32
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f936ef3e674b7896b491821da2ac1c46d1108c1847f147ef8cea66bab43eb68a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f107de6e0318b84de_d20211021_m034443_c003_v0312005_t0019
age
1079327
x-bz-content-sha1
0b34242f5068fbf4e90292f6cb6f8f01a796b659
x-bz-file-name
784da2ba0ffd8e21e56ce4836223048d
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1634787883000
last-modified
Sun, 09 Jan 2022 08:56:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvMrJKXZPp%2BLF7RzTj9IHu4%2ByZL%2BF7EC7c6jkjzzJKHuqRevnGcu7lgFmbMjvuC33HZHVQi6irhwlxn4rN0xZmoni4fStk73aJBNCK0s1ioYpLNMf2LccTYeaOUjmCOckUTbIYWNM3zz%2BeNPL8HNpQlhXFE061hddA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
784da2ba0ffd8e21e56ce4836223048d
accept-ranges
bytes
cf-ray
6d136312ce22697f-FRA
Martin-Tschammer-Truesec.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/Martin-Tschammer-Truesec.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1634251454&s=30a652093940b8a327375caf5896cb13
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9167fcd69a3f621386a8135b60ea216b4362009414c8631166c66d7c935bde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1140e340743987a3_d20211015_m085708_c003_v0312004_t0017
age
1079327
x-bz-content-sha1
bf8115b17606abaa4555e2b76faf1d719c71905e
x-bz-file-name
ca9a2233afbffafff0e0d6d4b74de34a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1634288228000
last-modified
Sun, 09 Jan 2022 08:56:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b8JxjNVUdQXvXEuziWQajJtfF3bW8miDUu4GRFgfBft2dTPtlduSrgH9Ids8OSevi7VUcoaeBMgcFaHFsspYfvpSAI7sBvMLM0O0jrjjF8b1TZqltYAkAdnekAKExdWSboE84CtK1gIATxEmAKeykxS6YDuSOGxww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
ca9a2233afbffafff0e0d6d4b74de34a
accept-ranges
bytes
cf-ray
6d136312ce26697f-FRA
Log4Shell-summary.png
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/Log4Shell-summary.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639495104&s=7c5a95622f1def09bf1a000b7a1982c7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bfd108e0350640edd723648d8cea23363793faa49c2a54acc652a677708632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1081bb0257d2d8ff_d20211215_m144026_c003_v0312007_t0007
age
1260405
x-bz-content-sha1
2d2c703042f2da86b4d3ae50e38e69af8aaf1be6
x-bz-file-name
9473b2688a1fdb7a6ec43000fab34c5c
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1639579226000
last-modified
Fri, 07 Jan 2022 06:38:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj0YJ7%2BL2I0yEnfdjkpFJ%2F2AIvKn%2BdrdXNlmfUQBbfp2VWMNrC8FL%2FCOj7%2BzG85XxwckNwQduNdjZuQ4aWhcfwNDPkQCBzo5ZY3xUUH7KjIN43R%2Fl2dhGoqWujj7U7n90PLtg6L2B9MAcxOvmXQxgu0t4stWKhKmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
9473b2688a1fdb7a6ec43000fab34c5c
accept-ranges
bytes
cf-ray
6d136312ce29697f-FRA
Nicklas-Kejiser.jpeg
optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/blog-archive/2021/Nicklas-Kejiser.jpeg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1639576209&s=5b5d808cfe926a1a3bafd533a5f9f152
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb3703e579875fd7b74fd5f1e5e5b6212896b9b4e282465f51c236b3bc06587

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f1074daec6b7f65cf_d20211215_m144024_c003_v0312011_t0010
age
52638
x-bz-content-sha1
1729c657581713de5215b35212e1734434d25328
x-bz-file-name
6ad616a4a14a3fe81b0094e769e6492a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1639579224000
last-modified
Fri, 21 Jan 2022 06:08:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWnSoKN%2BPimqnExmAVdn1P3IS7hr2suRsyRpx3hK8ZSHU%2F16C%2BG1Vd2Dcmw3EMQfgeyQkHI02IXKs4g8hNJIwY1YW2y0eRF%2FoIO5CVXTQ3kD%2FlN60DsQflMTti0in1X5gLyiTdop32iiO9f0SgrUBKFtERT0l81tmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
6ad616a4a14a3fe81b0094e769e6492a
accept-ranges
bytes
cf-ray
6d136312ce2a697f-FRA
erin-doering-Y1IDrgvDUW0-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Unsorted/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Unsorted/erin-doering-Y1IDrgvDUW0-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639226747&s=31e67d677105965d9718a18ea86907ba
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e549236bea58a575189eda174e9e067193b6a7ef0448cbcbbec096370bb640

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f104c1e575a8dddf6_d20211211_m125102_c003_v0312011_t0005
age
3569135
x-bz-content-sha1
430680e3997a934d451995e459e47b5a9ee07c3a
x-bz-file-name
2ebf9006decd50881faae1c2a0d60bd0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1639227062000
last-modified
Sat, 11 Dec 2021 13:19:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgfrFzdFkN%2BtS61cpgZ0n3VMxph1IUtrPtpAvMzwu0zX0e92EQjCVmN0wrj%2BocXElROZKu59LxxHdMqXrQ8TxOHI52rcoLPrge7phSF8i%2F2NUhdcjWevp7MTqt%2FhFk4lr0H%2B%2F9oSHJW8ZwiAZVJJxaYk6VjEjmd8Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
2ebf9006decd50881faae1c2a0d60bd0
accept-ranges
bytes
cf-ray
6d136312ce2b697f-FRA
AndersO-portr%C3%A4tt.jpg
optimise2.assets-servd.host/jealous-emu/production/General/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/AndersO-portr%C3%A4tt.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&fp-x=0.5&fp-y=0.5&dm=1639229069&s=ca4b40052884c21444d1897b75475a6d
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f6af5d62976c60e60b84a6586ddd4c71d6969e3a2589c4f8a29774886a5de3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f114e04936d4b39ff_d20220115_m092710_c003_v0312008_t0024
age
52638
x-bz-content-sha1
7942e802a1d0e7821b15aa086675406fe2682ae4
x-bz-file-name
53777fdcce97dde11507397cb3a20498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1642238830000
last-modified
Fri, 21 Jan 2022 06:08:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEgSUDLHhMnZNrfeMpek7rumgpyx0a967xkCcElO2SobHekurae2Hcck%2B293R3yuhLVAfKHjKqht6R6YKuc3p77sM%2FR2uJX5kJ5QR2V3yMMaApf3HdDRBYYD5e0%2F7EniK5NqK%2BRUDH9SqWcJ5huvpxfOoA1X4PonxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
53777fdcce97dde11507397cb3a20498
accept-ranges
bytes
cf-ray
6d136312ce2f697f-FRA
font.woff2
www.truesec.com/fonts/NimbusSanReg/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/fonts/NimbusSanReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636034
content-disposition
inline; filename="font.woff2"
x-vercel-cache
HIT
content-length
41772
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/fonts/NimbusSanReg/font.woff2
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
font/woff2
x-vercel-id
fra1:fra1::255jb-1642797934625-39f904ec9096
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9"
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanLig/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/fonts/NimbusSanLig/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636034
content-disposition
inline; filename="font.woff2"
x-vercel-cache
HIT
content-length
41712
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/fonts/NimbusSanLig/font.woff2
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
font/woff2
x-vercel-id
fra1:fra1::255jb-1642797934633-f3ad98f09d8e
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9"
accept-ranges
bytes
jason-peter-Zkte7MW1j-I-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/jason-peter-Zkte7MW1j-I-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331352&s=8eee768e0555293df650e1d0deb396f9
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40013cc29ce42733279603b3399d01dfde26a90a84dd2b718d64fa63172b294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id
4_ze3a4f8b8e6a9791e712d0112_f10582e8479a76bde_d20211004_m080233_c003_v0312006_t0018
age
57789
x-bz-content-sha1
cf69041d1d30af84a0401979ff6fd266e173a76a
x-bz-file-name
fd547a971e9e0ebc2b3285121e9a964b
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-servd-from
Cache
x-bz-upload-timestamp
1633334553000
last-modified
Fri, 21 Jan 2022 04:42:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtPf7BK7d0NDnqWPDBbSMJS%2FP%2FldUqihxnnNFOB%2Bx%2B1BrRdRmaz%2BuNm2eFbAqKqfVSj3kygRNN%2F3p%2B6ivMY4BCW7QsRuhYcdS7vVvEhHn4dyratrxgBQBSosdbPVk1aIU5mjypplqH4WsogKFSyJ4GRwtGh9SLpC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
x-servd-hash
fd547a971e9e0ebc2b3285121e9a964b
accept-ranges
bytes
cf-ray
6d136313780a697f-FRA
slider-next-active.svg
www.truesec.com/assets/slider/ 		245 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truesec.com/assets/slider/slider-next-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="slider-next-active.svg"
x-vercel-cache
HIT
content-length
245
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/assets/slider/slider-next-active.svg
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
image/svg+xml
x-vercel-id
fra1:fra1::255jb-1642797934637-3837679f004d
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e"
accept-ranges
bytes
slider-prev-active.svg
www.truesec.com/assets/slider/ 		266 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truesec.com/assets/slider/slider-prev-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="slider-prev-active.svg"
x-vercel-cache
HIT
content-length
266
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/assets/slider/slider-prev-active.svg
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
image/svg+xml
x-vercel-id
fra1:fra1::255jb-1642797934642-733ad766461b
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f"
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanExtReg/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/fonts/NimbusSanExtReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636034
content-disposition
inline; filename="font.woff2"
x-vercel-cache
HIT
content-length
30036
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/fonts/NimbusSanExtReg/font.woff2
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
font/woff2
x-vercel-id
fra1:fra1::255jb-1642797934642-46ccf965bf14
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130"
accept-ranges
bytes
SourceCodePro-Regular.woff2
www.truesec.com/fonts/SourceCode/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.truesec.com/fonts/SourceCode/SourceCodePro-Regular.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636034
content-disposition
inline; filename="SourceCodePro-Regular.woff2"
x-vercel-cache
HIT
content-length
76848
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/fonts/SourceCode/SourceCodePro-Regular.woff2
date
Fri, 21 Jan 2022 20:45:34 GMT
strict-transport-security
max-age=63072000
content-type
font/woff2
x-vercel-id
fra1:fra1::255jb-1642797934642-e17a799125a1
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892"
accept-ranges
bytes
e3a542f3-ccea-4df6-b5e3-a9481f7b233b
forms.hsforms.com/embed/v3/form/5907437/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/5907437/e3a542f3-ccea-4df6-b5e3-a9481f7b233b?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabbe635d60e29e016c4bca05f556554d00c0ff7b8cac21d1613fda08cb5419f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
d762c8b5-74e5-4028-8c42-c9b2ca70f7e8
cf-ray
6d1363150fbf4401-FRA
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BD2DF8A84CDD0D329B8C2660BBBE709DF9D705651000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
gtm.js
www.googletagmanager.com/ 		170 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d64e84418e7133a5bb50d2b3b55677e8574e2d4e9d9ed869ea6dbb6f44c0a73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62537
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 19:02:58 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jan 2022 20:45:34 GMT
www-player-webp.css
www.youtube.com/s/player/94ee882e/ Frame 11B2 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3347be09e14b684dad1ea6d9817e34fd36e10bd4c4f0914daa054932344c1d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
61710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47664
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:37:04 GMT
www-embed-player.js
www.youtube.com/s/player/94ee882e/www-embed-player.vflset/ Frame 11B2 		273 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2322f6714f254f2166b732262d6fcf5066d626ebcc0a422a7023c9fc7e8d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
62132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85842
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:30:02 GMT
base.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 		2 MB
538 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e9f6d70d0113133af6e1cffa555a7a97a910c2883866ace15f050a058ec11d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
61650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
550511
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:38:04 GMT
fetch-polyfill.js
www.youtube.com/s/player/94ee882e/fetch-polyfill.vflset/ Frame 11B2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
62132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:30:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 11B2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:06:41 GMT
x-content-type-options
nosniff
age
272333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 17:06:41 GMT
submit-arrow.svg
www.truesec.com/assets/form/ 		243 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.truesec.com/assets/form/submit-arrow.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/82929dba21bc7d81.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
x-content-type-options
nosniff
age
2636033
content-disposition
inline; filename="submit-arrow.svg"
x-vercel-cache
HIT
content-length
243
x-xss-protection
1; mode=block
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
referrer-policy
no-referrer
server
Vercel
x-matched-path
/assets/form/submit-arrow.svg
date
Fri, 21 Jan 2022 20:45:35 GMT
strict-transport-security
max-age=63072000
content-type
image/svg+xml
x-vercel-id
fra1:fra1::255jb-1642797935100-e56359b58a3f
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
etag
W/"b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa"
accept-ranges
bytes
uc.js
consent.cookiebot.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:99a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0b0d6756194596a0da992634ad369f33e6c1cdead1dc3895acb7c46aead3ec3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 09:45:16 GMT
etag
"3595621a997d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=358
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
28330
expires
Fri, 21 Jan 2022 20:51:33 GMT
hotjar-939887.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-939887.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-81.txl50.r.cloudfront.net
Software
/
Resource Hash
ef6836ff18d69e8f17a355b8a1b892b0eaaec6ce527c30eadd49f336a1234fa3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
TXL50-P1
etag
W/e14fa39a92e9ae26afbb94e354c3f258
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
7tUtQ__7U43EavjPSz-XnpL3kxJjP0e6ziU7bGGTNfoBpU4AbosfSA==
via
1.1 92c0d9b5836e0d9ff27ca3c2fe1b14e2.cloudfront.net (CloudFront)
id
googleads.g.doubleclick.net/pagead/ Frame 11B2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cd4e4220b2281415687119e4dae5dc4d09fbf6f34cd947b236ae63043cf63f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Jan 2022 20:45:35 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 11B2 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:33:50 GMT
x-content-type-options
nosniff
age
705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 20:48:50 GMT
remote.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d97d6a4eee498ffb32dc0f0d0754441e50fe36627d42accda8d9c29ec1e8981b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
61651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30823
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:38:04 GMT
5CvMVWGjgDRsR1jQ5WFSfGyoNmu5J8zZpcu7WmSRNPw.js
www.google.com/js/th/ Frame 11B2 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/5CvMVWGjgDRsR1jQ5WFSfGyoNmu5J8zZpcu7WmSRNPw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e42bcc5561a380346c4758d0e561527c6ca8366bb927ccd9a5cbbb5a649134fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 18:01:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
96229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13304
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 18:01:46 GMT
embed.js
www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/ Frame 11B2 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8a43f870820df1799336d8c4d25352b33b9acb521a57921763d0e3d2644605f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 03:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
61628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7632
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 01:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 Jan 2023 03:38:27 GMT
truncated
/ Frame 11B2 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 11B2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/zhvy3_ZaC9Fllc_FZVQZpBSnm1b8plAtnKLDVX2VgAP-WOrgyQ5YNCQLf_G_jkHn6zk_zit2BVw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 19:08:14 GMT
x-content-type-options
nosniff
age
5841
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Dec 2021 07:19:55 GMT
maxresdefault.jpg
i.ytimg.com/vi/kKcko4LdeSM/ Frame 11B2 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/kKcko4LdeSM/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78758
x-xss-protection
0
server
sffe
etag
"1625489413"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Jan 2022 22:45:35 GMT
bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame EEAC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-type
text/html
etag
"b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified
Tue, 09 Mar 2021 09:55:06 GMT
server
AkamaiNetStorage
x-akamai-transformed
9 - 0 pmb=mRUM,1
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=31536000
expires
Sat, 21 Jan 2023 20:45:35 GMT
date
Fri, 21 Jan 2022 20:45:35 GMT
content-length
895
server-timing
cdn-cache; desc=HIT edge; dur=1
modules.923ec619fec69a542e35.js
script.hotjar.com/ 		229 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.923ec619fec69a542e35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-939887.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-116.fra60.r.cloudfront.net
Software
/
Resource Hash
b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 11:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
206189
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61575
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 11:29:02 GMT
etag
"6d6c65f494384174cfbb7de0db8782b1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
B_ZfQhelN1pfv6-zXQJaFo8472te-mXlGA1cXrFq8F9owllBL_xgpQ==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 11B2 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Jan 2022 20:45:35 GMT
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame DC2C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-939887.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-89.txl50.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
mS6wGZfGc9Ox7BGHLJWw-Rz3L_0prF9d_CWBzxeFe6rvhUxl76cIdw==
age
6417616
generate_204
www.youtube.com/ Frame 11B2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?2XbiLA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kKcko4LdeSM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kKcko4LdeSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/97/ Frame 11B2 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/97/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 12:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15488
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:04:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 22 Jan 2022 12:44:21 GMT
visit-data
in.hotjar.com/api/v2/client/sites/939887/ 		146 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/939887/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.923ec619fec69a542e35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.184.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-184-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
cc.js
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/ 		247 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/cc.js?renew=false&referer=www.truesec.com&dnt=false&forceshow=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:99a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3dd88318c0794527db64d8bf8e3193172f8b27f1e243f7308bd2a090255e412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 20:45:35 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 20:45:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
56352
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
truncated
/ 		293 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
landing
pagead2.googlesyndication.com/pagead/ 		42 B
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1916024492.1642797937&url=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fkaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware&gtm=2wg1j0K2VMF8D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 20:45:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2445
date
Fri, 21 Jan 2022 20:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 21 Jan 2022 22:04:52 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=549320897&t=pageview&_s=1&dl=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fkaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware&ul=en-us&de=UTF-8&dt=Kaseya%20supply%20chain%20attack%20targeting%20MSPs%20to%20deliver%20REvil%20ransomware%20-%20Truesec&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAAAB~&cid=1162791036.1642797937&tid=UA-10378001-38&_gid=90056428.1642797937&gtm=2wg1j0K2VMF8D&gcs=G100&z=1937593330
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jan 2022 15:40:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18287
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 11B2 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/94ee882e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/kKcko4LdeSM
X-YouTube-Client-Version
1.20220119.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs4RkF0UjdDRm5aUSjutqyPBg%3D%3D
X-YouTube-Ad-Signals
dt=1642797935107&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C675%2C446&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 21 Jan 2022 20:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 21 Jan 2022 20:45:37 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| HSFR object| _hsq function| hs_reqwest_0 object| dataLayer object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| CookiebotDialog object| CookieConsentDialog number| j string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 2N-1jMKLycc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8FAtR7CFnZQ
.truesec.com/ Name: _hjSessionUser_939887
Value: eyJpZCI6ImUxYzU2Mzg0LTFmNzItNTg4NC1iYTlmLTZjZjc4NjA3MmJiYiIsImNyZWF0ZWQiOjE2NDI3OTc5MzUzNDAsImV4aXN0aW5nIjpmYWxzZX0=
.truesec.com/ Name: _hjFirstSeen
Value: 1
www.truesec.com/ Name: _hjIncludedInSessionSample
Value: 0
.truesec.com/ Name: _hjSession_939887
Value: eyJpZCI6IjI2ZmNlOTU3LWQwOTUtNDViMC04YjEzLTU0MjkxZDBmODZmNiIsImNyZWF0ZWQiOjE2NDI3OTc5MzU0NjEsImluU2FtcGxlIjpmYWxzZX0=
www.truesec.com/ Name: _hjIncludedInPageviewSample
Value: 1
.truesec.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors http://localhost https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.truesec.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
js.hsforms.net
optimise2.assets-servd.host
pagead2.googlesyndication.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.truesec.com
www.youtube.com
yt3.ggpht.com
13.32.121.116
18.64.79.89
18.66.2.81
2606:4700:20::ac43:4bc3
2606:4700::6810:5605
2606:4700::6811:b749
2a00:1450:4001:801::2016
2a00:1450:4001:803::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a02:26f0:fb:594::f09
2a02:26f0:fb::5f64:99a9
52.48.184.63
76.76.21.93
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
06d612040bfa74fc2573e015a751bc17281f73495d4905944b6ee10a5b86979a
080e4e6a3bb5279ae05d16d94e7ff0bf70d9a754bc9595ba104d01cb823bfff0
0b0d6756194596a0da992634ad369f33e6c1cdead1dc3895acb7c46aead3ec3c
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
0d01c252e2958d9d1a858b1e3ef0c51e6e25c4495d6f9c8565ade0b730b4d757
18bfd108e0350640edd723648d8cea23363793faa49c2a54acc652a677708632
1c2322f6714f254f2166b732262d6fcf5066d626ebcc0a422a7023c9fc7e8d86
1cd4e4220b2281415687119e4dae5dc4d09fbf6f34cd947b236ae63043cf63f5
21f6af5d62976c60e60b84a6586ddd4c71d6969e3a2589c4f8a29774886a5de3
2298b4b48b280951e837943cc1ae31a64039c10ec7d36887bb3efeaab152363e
2466940e9f2f793bef82078165a0b979c59ea7c89c7a5840e9571f4e7eb3f2a1
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
27523667a1d79ed7e48da938fd4eb15565a47613054bff8f2b9ee6c1732f849c
2cb3703e579875fd7b74fd5f1e5e5b6212896b9b4e282465f51c236b3bc06587
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
3347be09e14b684dad1ea6d9817e34fd36e10bd4c4f0914daa054932344c1d7f
3d9167fcd69a3f621386a8135b60ea216b4362009414c8631166c66d7c935bde
3ddbeaa61005463a17ff6d9903ff1d73a158e04a10db88ede26fe7f6d7ece989
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40369b19cd79c958bce6eb17c8fee87a3fdf7d0df2c3ba1e4e3d95be466389cf
4095270bd9e0d892470abd5bf83c212222b8aa8d55734f307bb6b7382cd5af41
46802a692af6557a560d548bcd048a28966d2b68beb29083974943de82b818a3
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
59630935840a38c5b2a1c7191c2bea389e06888dbaf33946fd80c62474a5e8ae
5d64e84418e7133a5bb50d2b3b55677e8574e2d4e9d9ed869ea6dbb6f44c0a73
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
6243f3c77f193612648027475eaab6da009b985f0716acdfc021de263dd6f3c9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7219d0fd967b565f827df0e7675715faa0d539964f1e64144bdabf667f482644
762830592b8802db74cdfb05ba8842abcedf00f6d8663f7e6530648c22e82e93
7a1d4320bd3ecf9de6e4c4164f2aac7841d18d0d44c9a69ab9856bfd00b104a0
811d40810a5f80ed0ec016c290779f53b42b38889440630768f8906f381e6963
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e9f6d70d0113133af6e1cffa555a7a97a910c2883866ace15f050a058ec11d
8e89e4c4cbc9f5b62d5cc9939383f42998f58fcd22fa2d0f07a15ebcc11be892
8f095977b3c341c57870d8f8f96fd38c30d70c50eee6d8bacb41ff40030ad30e
9171a46ea05b0dc4401c5d7977a8e1979425ed485079803c9c602561dbc887bf
96222ba0ce213bcd48c79515accf42963dbe3011f979456790ebe264c9bfc193
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a40013cc29ce42733279603b3399d01dfde26a90a84dd2b718d64fa63172b294
a463f197a33375cdbbe0b8aaa383f9219afbb4b6caba412fc7a642d146aeb9ef
aabbe635d60e29e016c4bca05f556554d00c0ff7b8cac21d1613fda08cb5419f
adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
b4e549236bea58a575189eda174e9e067193b6a7ef0448cbcbbec096370bb640
b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9
bf9feb7688cd103c0bbbfb0c53276e60d879063271a5650d156cc5348eedf3df
bfd3b7e70bb0380ea888f4a26ac88334b34cfbd49b3306cf0bf32a03aab2a7a3
c112122123af6e36a38d5da11b0ca4cf5a74d7f0f3dcd38b26c52ab33d0c0396
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c8a43f870820df1799336d8c4d25352b33b9acb521a57921763d0e3d2644605f
c931e84b0d28fb4eaca2ecf8dfb3d1b2b2537c1c916c0999411d755ce92f269c
cca2a4c5f7a241ec258225c2d1b1ae4ef61174f96ddbfa8d08ca71767f3b829a
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
ceb0ff6b7050576bc752e7a3c92710aec6c3b56af39935f5e4e58dcd226fb9ea
d47b9c5d7be62ddd3c18b7bda9ae7640bfbd39e0b78fd9c4dad34c25eafcabfb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d97d6a4eee498ffb32dc0f0d0754441e50fe36627d42accda8d9c29ec1e8981b
d9ead0fe0d24c8c5cd7a4054770d386ee803edafc29d0d4235d744b3c69788e4
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42bcc5561a380346c4758d0e561527c6ca8366bb927ccd9a5cbbb5a649134fc
e96d3e8936cbc8ccbadbaf7968f39563040f6456088e63d849d7306211da532c
ea6e008bc85376939c0d57f5852c176d87bc2f593bbf7e63b7036ac8eb014e2a
eccab74b9739bef8ec0f81f6e8be004093244e1981268e09ef9fdc413cd7ee19
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6836ff18d69e8f17a355b8a1b892b0eaaec6ce527c30eadd49f336a1234fa3
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
f3dd88318c0794527db64d8bf8e3193172f8b27f1e243f7308bd2a090255e412
f837149a0a9a2b92a8d7f152da2ef4e69b30f98ed029cddcfcaa76bf9883ffc1
f936ef3e674b7896b491821da2ac1c46d1108c1847f147ef8cea66bab43eb68a
fc0effce63aea3615c4806a936d3cd428b8ce33f0d6570a5e191dc1ba31d488b
fd33bbecf9cd62f171950662a1f7fd70377af80b2a8c6710b8b5f26fb379fa0a