URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Submission: On September 11 via api from TR — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 106 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.truesec.com.
TLS certificate: Issued by R3 on September 4th 2023. Valid for: 3 months.
This is the only time www.truesec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 76.76.21.21 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
60 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.200.133.189 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.65.232.43 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
3 18.157.136.187 16509 (AMAZON-02)
106 12
Apex Domain
Subdomains
Transfer
60 assets-servd.host
optimise2.assets-servd.host — Cisco Umbrella Rank: 122774
2 MB
30 truesec.com
www.truesec.com
764 KB
8 trinitymedia.ai
trinitymedia.ai — Cisco Umbrella Rank: 14983
vd.trinitymedia.ai — Cisco Umbrella Rank: 19402
depart.trinitymedia.ai — Cisco Umbrella Rank: 17436
506 KB
4 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4840
forms-eu1.hsforms.com — Cisco Umbrella Rank: 30514
6 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4871
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5481
96 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
88 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 7560
165 KB
106 7
Domain Requested by
60 optimise2.assets-servd.host www.truesec.com
vd.trinitymedia.ai
30 www.truesec.com www.truesec.com
vd.trinitymedia.ai
3 depart.trinitymedia.ai vd.trinitymedia.ai
3 vd.trinitymedia.ai trinitymedia.ai
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 forms-eu1.hsforms.com
2 forms.hsforms.com 1 redirects
2 trinitymedia.ai www.truesec.com
vd.trinitymedia.ai
1 consentcdn.cookiebot.com consent.cookiebot.com
1 www.googletagmanager.com www.truesec.com
1 js.hsforms.net www.truesec.com
106 11
Subject | Issuer | Validity | Valid
www.truesec.com | R3 | 2023-09-04 - 2023-12-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-16 - 2024-05-15 | a year
*.trinitymedia.ai | Amazon RSA 2048 M01 | 2022-12-08 - 2024-01-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-06 - 2024-04-06 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-17 - 2024-04-17 | a year
vd.trinitymedia.ai | R3 | 2023-08-28 - 2023-11-26 | 3 months

This page contains 3 frames:

Primary Page: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Frame ID: AC09B4EA9F159DF32F41F311891E6B97
Requests: 100 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 39E5F931E808D489DC0199B04C92AB7F
Requests: 1 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=83015b33-cbfb-4e90-b8af-f80316cb2cc6&isLegacyBrowser=false&version=20230907_6ca36752a633a8e8e0eda691840a48fd303457b8&useBunnyCDN=0&themeId=140
Frame ID: A27E51834045A6C60DF8E747C104CE9B
Requests: 6 HTTP requests in this frame

Page Title

Title: DarkGate Loader delivered via Teams - Truesec

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 106
HTTPS: 99 %
IPv6: 64 %
Domains: 7
Subdomains: 11
IPs: 12
Countries: 2
Transfer: 3670 kB
Size: 7353 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://forms.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699 HTTP 307
  • https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request darkgate-loader-delivered-via-teams
www.truesec.com/hub/blog/
566 KB
100 KB
Document
General
Full URL
https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cf03ecf030290b6233be696822cdd47bc3eb800234300a36693c4232c35744e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
age
50605
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 09:05:24 GMT
etag
W/"a28a1af6238e90a08f83acd17551df5e"
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
Vercel
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
x-matched-path
/hub/blog/darkgate-loader-delivered-via-teams
x-vercel-cache
HIT
x-vercel-id
fra1::j6cgx-1694423124025-480502b1b4da
x-xss-protection
1; mode=block
386cb8578eab9566.css
www.truesec.com/_next/static/css/
114 KB
22 KB
Stylesheet
General
Full URL
https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1c9ea062dfaf7950144ab12c13de6d5d56d1e79da506ba915271e8d898169a49
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

v2.js
js.hsforms.net/forms/
526 KB
165 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a310b7dbaf9f4c6bed4342cdbaeab0c4e611c71a79ea3da893597a707ada6df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

webpack-cb7634a8b6194820.js
www.truesec.com/_next/static/chunks/
2 KB
1 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/webpack-cb7634a8b6194820.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3b54dffddaa2eac539bd5b13d6f80c38da6076ce740db0c587a68e7e4f25c5b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

framework-81da43a8dcd978d9.js
www.truesec.com/_next/static/chunks/
137 KB
46 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/framework-81da43a8dcd978d9.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7dbe027dec63d7c8577996e7a12839d9093a3385fe4b6b0d024a7e8734a9af69
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

main-84decff6cc7d59ee.js
www.truesec.com/_next/static/chunks/
101 KB
28 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/main-84decff6cc7d59ee.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
05e942b5355a69109b588f650d9fa373048ec2bd052b57fc3ee917edaa1fab08
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

_app-534518dd555325bd.js
www.truesec.com/_next/static/chunks/pages/
202 KB
64 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/pages/_app-534518dd555325bd.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
abd886b4986fccee2b3a90517fb3e23561e863f4ad4dac9e77f5aeeaaac933c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

970-2289913181c48a8e.js
www.truesec.com/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/970-2289913181c48a8e.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8108e60f47602e67e6c9c978dd2b3cec824efaf297873ea9a7aeef5a1327e6be
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

691-3b8a138618316012.js
www.truesec.com/_next/static/chunks/
89 KB
27 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/691-3b8a138618316012.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
aa966e68cdedc8e26549f20c4cc5fc652f01da4382a112ad958ff497133eb5cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

730-88310ee013b02dc1.js
www.truesec.com/_next/static/chunks/
12 KB
3 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/730-88310ee013b02dc1.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6ecf97ddcde4ca1fd32079c5aaf17668865953f4f354462318209cbe8cdae0f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

495-1f9d6c6549e4fbdd.js
www.truesec.com/_next/static/chunks/
21 KB
7 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/495-1f9d6c6549e4fbdd.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3c315e23621def3913ebaf4526f08be50f72117ff32fe8126b74f44b6216da8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

637-9aa4f41777021ed2.js
www.truesec.com/_next/static/chunks/
1011 KB
295 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/637-9aa4f41777021ed2.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4dcba62e131ca99eef51fcd87910cd06078c5cc07646781d90c00abf4d0f7a15
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

883-0a79894e73455858.js
www.truesec.com/_next/static/chunks/
38 KB
13 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/883-0a79894e73455858.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c67c9ebb2902667753b0ee6f7fb1a3d96ba9756a5a773908fa18ae3ba0310dac
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

634-2ec27f8fbd09a8dc.js
www.truesec.com/_next/static/chunks/
19 KB
5 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/634-2ec27f8fbd09a8dc.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0816d592fc5f1053871e7068875fb7b77ce9c1cb2207412377833a1c754bca27
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
42342
content-disposition
inline; filename="634-2ec27f8fbd09a8dc.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::8tsrx-1694423124067-63566150f829
x-matched-path
/_next/static/chunks/634-2ec27f8fbd09a8dc.js
etag
W/"90b9cf2d38c21fcb0b2addce473c65cd"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
752-33d94f2b8b7a3828.js
www.truesec.com/_next/static/chunks/
22 KB
6 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/752-33d94f2b8b7a3828.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
0d863b2b45f901c1e969cb2322cf0e8ca92a6c8f9114db87ff5575f70540879c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
48881
content-disposition
inline; filename="752-33d94f2b8b7a3828.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::7dl22-1694423124067-2c449c7fc700
x-matched-path
/_next/static/chunks/752-33d94f2b8b7a3828.js
etag
W/"d12aab46a676c1c80d7a99efa433b8a2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
479-5aa04becb06d6349.js
www.truesec.com/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/479-5aa04becb06d6349.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
ba9aaa9781bcf6a336d00f3a299b1a4a0bcd5e72750f0f67f42dc8ba87c25948
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="479-5aa04becb06d6349.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::26cnj-1694423124067-78ffd3477ec0
x-matched-path
/_next/static/chunks/479-5aa04becb06d6349.js
etag
W/"14374e1845c11c070c3b9c38705ba527"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
204-bc1e7c5d164fd039.js
www.truesec.com/_next/static/chunks/
43 KB
11 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/204-bc1e7c5d164fd039.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
686488945a9723698678b0b26098a507f0241238995f1f11cf0bf6aff67eda7b
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
48881
content-disposition
inline; filename="204-bc1e7c5d164fd039.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::gxsps-1694423124067-518b5e032a4b
x-matched-path
/_next/static/chunks/204-bc1e7c5d164fd039.js
etag
W/"9b3387ca1ae1e80c53e995a5bbf7fd62"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
330-b7a668b4ac5e2467.js
www.truesec.com/_next/static/chunks/
17 KB
6 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/330-b7a668b4ac5e2467.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
68cafb4ced99f1149bfe5c037fd60dba028bfff075be7ab7311244d92fa8abcc
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
48881
content-disposition
inline; filename="330-b7a668b4ac5e2467.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::26cnj-1694423124067-7742ca875125
x-matched-path
/_next/static/chunks/330-b7a668b4ac5e2467.js
etag
W/"9d2cb5a5e34246f77d1bed6d76d5a98f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
992-ca93483616017817.js
www.truesec.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/992-ca93483616017817.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
fac5469e2cca28f7a533005edefbe714e5ceb2e3020a8616f0bdadc02ac36791
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
48881
content-disposition
inline; filename="992-ca93483616017817.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::7xnrn-1694423124067-ced79aad8492
x-matched-path
/_next/static/chunks/992-ca93483616017817.js
etag
W/"75c50cf674d40150a8b0156d2f9b3353"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
%5Bslug%5D-cc721b1e4348b76e.js
www.truesec.com/_next/static/chunks/pages/hub/blog/
4 KB
2 KB
Script
General
Full URL
https://www.truesec.com/_next/static/chunks/pages/hub/blog/%5Bslug%5D-cc721b1e4348b76e.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
8bb1d2cc8994196f0ebebcdb7540d71a756161d36f65a62d5171f595a20eaafc
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
48881
content-disposition
inline; filename="[slug]-cc721b1e4348b76e.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::8dhsr-1694423124068-d5817b263038
x-matched-path
/_next/static/chunks/pages/hub/blog/%5Bslug%5D-cc721b1e4348b76e.js
etag
W/"164594cea50084621abe9d83fa466dac"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
_buildManifest.js
www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/
3 KB
1 KB
Script
General
Full URL
https://www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/_buildManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
38a1f97713a4a82ca482e4bd1a2ebe658a0af8f138a7a0695dd76836d83c8927
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="_buildManifest.js"
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::tcvgh-1694423124067-bf3c7db9abbc
x-matched-path
/_next/static/p4vn7W0yMuflfSkIuC6W8/_buildManifest.js
etag
W/"c11e9d32cf7c76eff5d2e71eedb20302"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
_ssgManifest.js
www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/
564 B
765 B
Script
General
Full URL
https://www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/_ssgManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
80355310a104e9171d06b0f88674d1e775674e802eb8bfac4e107c7d551bd97d
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="_ssgManifest.js"
content-length
564
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::xcpw5-1694423124067-8f1a0828fe84
x-matched-path
/_next/static/p4vn7W0yMuflfSkIuC6W8/_ssgManifest.js
etag
"5e94858cf2eecd1580455903473648c0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
_middlewareManifest.js
www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/
92 B
277 B
Script
General
Full URL
https://www.truesec.com/_next/static/p4vn7W0yMuflfSkIuC6W8/_middlewareManifest.js
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="_middlewareManifest.js"
content-length
92
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::tcvgh-1694423124067-f29d934c4067
x-matched-path
/_next/static/p4vn7W0yMuflfSkIuC6W8/_middlewareManifest.js
etag
"7c3f7e060745668041278118c0bb3d6d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public,max-age=31536000,immutable
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
46 KB
47 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1694003846&s=e5f9adab91419062d4c32f2282059665
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
bc66ad7045bdbd9baaa49bc6d270edb9b49b8a0c1b9c18643cb2637e097c836b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FJPPBCJLgU8uKC4fHLQ9rauALJ5qAJANbrCXUndUt9VdoB%2FhjdlWdbSjTNKWVJOp6l7YUq0Jj83xJDdC7QVyXj5XXu4%2BJhoIxRbv1zOIAG3%2Bug2TorgcZgMrij9Of2AMG1cu7m%2FuxjOeHSOAdVmr3Pe03cblOOMFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
52a0b76ced12d578fd8dd15b20a0235e
cf-ray
804ebfadae3c1d86-FRA
alt-svc
h3=":443"; ma=86400
atom-6-1.png
www.truesec.com/assets/patterns/
515 B
709 B
Image
General
Full URL
https://www.truesec.com/assets/patterns/atom-6-1.png
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
Vercel
Resource Hash
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="atom-6-1.png"
content-length
515
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::dqj6x-1694423124067-80da991c8c7f
x-matched-path
/assets/patterns/atom-6-1.png
etag
"6c972d066621be03b01c6e6ccf542b21"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
IMG_1403_small.JPG
optimise2.assets-servd.host/jealous-emu/production/General/
4 KB
5 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/IMG_1403_small.JPG?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693989399&s=e3f5a02658affa00601c892dd4f15a87
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
0f2d6a1e2457e16a7a39bff7654eee5ebfe725f418b7a0636c0c8e5a94f3fcdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phZgCUu7p323pqpnJPGH8kgKsX7esCaqjFr7mb62K%2BrGxncnNPOQzSyM1XXhfFiT0Dh%2BaRWaBLojxdOm%2FpVOSLhaXTafnGKpQJ4avGZ6mrEqssMloCQqW%2Fu2537GoGdQjWKRKe1xcU%2F81en7ulPbg6z8Jc3r2UuuuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
45318a338f0475f72436fc9a955fe6c0
cf-ray
804ebfadae3e1d86-FRA
alt-svc
h3=":443"; ma=86400
AAD1.png
optimise2.assets-servd.host/jealous-emu/production/
32 KB
33 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD1.png?w=691&auto=compress%2Cformat&fit=crop&dm=1693999075&s=f54f81701c8394971bce1c0e41234ca1
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
98b490054e866a6af63800293fed4cb6fbe4d71bae9ea9a2d4dfb535feb2c03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKZRK1cPpFstzdiIoIHchiIgSuN5p4EWeNGNpWaBQcLQx9cm80acpiCQX%2F8e1yW7%2BeywJbQpOltR5ysRryFHidPlgxBw9mBA6Z19Q0yeAaMDKmTUqJ2cLG6ygUq7RnnctlEx6DYRYlE4RQX3LVvI84v%2Bttj5yK0lUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8dc5bb5eade54457280cc9208d79deae
cf-ray
804ebfadae3f1d86-FRA
alt-svc
h3=":443"; ma=86400
AAD2.png
optimise2.assets-servd.host/jealous-emu/production/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD2.png?w=688&auto=compress%2Cformat&fit=crop&dm=1693999078&s=704d7baa4ccae3ffb0740ef29cd76e7d
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
b3279f531006280e00c9e2360be2a97963de80364943b6c8171bf711274a4a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCVFbYpDx5iayJq7vGee8tQcSfyhIMR3vlmtmbduLqJhF24XRMbhdFPRtLUt17rMUR7tpfpaNWaBoMCiwlu7z1l6GE4zHYN8GhLUpsU0I%2FjuQXjT%2F%2FFcta90Pny%2Fl6umf3Lf7GDWTFrknntJERgyLDpUeCQYlYXKgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a1f74a3cc5bd20c57ea38773e0492f6a
cf-ray
804ebfadae421d86-FRA
alt-svc
h3=":443"; ma=86400
Teams_Message_2023-09-06-111840_xfme.png
optimise2.assets-servd.host/jealous-emu/production/
45 KB
45 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Teams_Message_2023-09-06-111840_xfme.png?w=1414&auto=compress%2Cformat&fit=crop&dm=1693999120&s=7e60d0ea24e5d7a25b18753104c8c0b9
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
52294dd3fa003bf6ff5d7898fec6e2430f6216fd6856fccc04a4179805623fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfzHC8Sw30SeCic8TJfIwfBRDq83G16uToefpCr5lJr9nV5gm%2F7%2FJkL43mxAhCqIQi%2BLyjBUNFhyjNvElAj7COsyRKJX1J4U5NJIpmow4ymHbNUKZBgUrnpjcAh%2BqfxhBPIWC6QkKmsy0nlWwCJKrr4ESR8jdu4PDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c2c5be71c09289cbc09e3a1caf1facf
cf-ray
804ebfadae451d86-FRA
alt-svc
h3=":443"; ma=86400
URLs.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
40 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/URLs.png?w=3064&auto=compress%2Cformat&fit=crop&dm=1693999779&s=d309dd178c6537bd02577cbc44dc9d48
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
0a759b8e512cc6aee539b7373fb7f20a16400f33bcfcabcaef5220cb3e8bef0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAK%2FDkkJtjwSbyYKqKZQ%2Bvpy%2BiOJixRtuj%2F1wjoR67dJjbJom9jjm3cCYzaid3eHxt4l8xohYbKvfD0wJHfQJTxESR8llGmXcJVq0WW5ZGKo3ETjiRdSKFZ0wyKCWkkSEjjJAjrNI1KJDXOtWaTsqOMDX2ZytyUDzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
acc41b4736c422fbf91349662c51698b
cf-ray
804ebfadae461d86-FRA
alt-svc
h3=":443"; ma=86400
Sharepoint-file.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
22 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sharepoint-file.png?w=2614&auto=compress%2Cformat&fit=crop&dm=1693999116&s=efcd2491aa256b3d95c78d1d806ac9da
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:9b5 United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
b3a7265795f8f7648a263d7321bebdc0d5470ed656b4738b47697794fc3491b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEcLaFD5J13XyU1rdJNx45qENIvUSPynA6PxyPgnoeDiwE42X2UnhoEp5eljGjqnhQH%2FOKhwvLHhUZtRVAVHYdSx6zoXeiCBkE0wHvKD9plykO%2FEP4Bk33aDlHua3%2B1zZ3uOa5FohypsntCgbaC6rDj4HMSKj%2B2%2B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
ce959bb5966edcaf7c4762073050eaaa
cf-ray
804ebfadbe531d86-FRA
alt-svc
h3=":443"; ma=86400
MS-Defender2.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/MS-Defender2.png?w=602&auto=compress%2Cformat&fit=crop&dm=1694000140&s=83878fb42898f46235cf8ae97b9f587e
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7edc1682dc499603d9971241080541b9a21f483adc96de9b95d566cc3267610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN%2BF6NH0511r0BfELximKC23paynZ1i3Sx82y2tml4qV2nfU0WZWDc3b2T5iHheiH1gCOVIUp6vdnfWjGY5OGiwBtx91cEwkp4b9Nb0UMxeoghfB1m3xkkoXeWLbSWpq4QpMaBX626%2Bx2zLNuh8eulWy9%2FzvM1MjRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
54673005a898ac3a11b67b80921469a2
cf-ray
804ebfadbe541d86-FRA
alt-svc
h3=":443"; ma=86400
LNK-File_2023-09-06-113238_htnw.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/LNK-File_2023-09-06-113238_htnw.png?w=756&auto=compress%2Cformat&fit=crop&dm=1693999958&s=f1a70e6c31c7ec4aa126846290cc13d4
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae16eca567dba2833aced3f9a2f29fb03bcd7c275eb7faf5bdffa028440a3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwu2Z%2F1jSUAXd%2FurgSBb1%2F7Hk%2B3znRzP2nM2V2CY3On%2FuU4fT5h26a%2BY5am7yiF6MSnr1xx9q2Q1y5cW3MrIm1cJHQ1FsG5Ptq3cCC9%2BSyW2FyuI%2Bm5HcU86qAbk7VfqWDy1fyEaRHHFSoKvXLErPR%2FQsVPe0noOqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
b85ed6bb727916ca0e0ac020d29e537e
cf-ray
804ebfadbe561d86-FRA
alt-svc
h3=":443"; ma=86400
Shell-cmd.png
optimise2.assets-servd.host/jealous-emu/production/
72 KB
72 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell-cmd.png?w=3083&auto=compress%2Cformat&fit=crop&dm=1694001838&s=81f3aa58c7595bc0aaf5e8d79f1adb11
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706a29996854169c8e3e6638676c86287583c7e153ccde44af6c6a7af174656a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXCZkThnahz6zOhgUDLWgGnfnPsITukAd9%2B1QKDwhd7g5Rze2LHsPk9fQUCCyncPDfns7%2F5sDsuOcXh360o%2F%2FG3DwxanqOeunyNtoliABOxV5VEchAPRSeBlMuwgdcHPlffEb0rIk5xfrMpgynG%2BvWCCa%2FXihN0c3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3fadf8c280dc434b041bc300e1060138
cf-ray
804ebfadbe571d86-FRA
alt-svc
h3=":443"; ma=86400
Wireshark.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Wireshark.png?w=1027&auto=compress%2Cformat&fit=crop&dm=1693999124&s=0e051bb8a1da725b0a5ac9609e901931
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a664b26b088d4e3904cf6a6d439c5fffc2364e970f2c7d8a863e6b67113ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzTvNUqCoV%2F%2BLomIRS1JX3IHeno7ZI1lyllULV02MR0Z3Bk87f3qv9dYX8okDzXcdYoLIxXhnp7Ybu%2FIgAhNX7S6FEn91IQ4GTfsWsB6Eji5T27v09GRHHDdMB3Haj2arLFFkL0v5whqszLCPDPxQY7yoZZ2T7zA0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
de701a8077d17b4ffd61afd2af62e0ea
cf-ray
804ebfadbe591d86-FRA
alt-svc
h3=":443"; ma=86400
AuScript.png
optimise2.assets-servd.host/jealous-emu/production/
101 KB
101 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AuScript.png?w=817&auto=compress%2Cformat&fit=crop&dm=1693999100&s=04dd42bc71c6c33ebb24f8156d6c2e07
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b9fb6631ddfc422502bd8cd514e92d1c7eb15f7e8bf9acf0aa9c1b6ed1d0cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJZLU7S3j3ZFa5P6K859HG%2FgcyXkDtLgt0IwJAr0b%2B%2FJ2VWgNAHDR3jT1UVmYrZvYKP7bQuQyxbv%2Bi2LcVixk6UMb9GJuJukuV2vZFpEZGg4BQ%2FdEIj4iHnStydIoiN6OyLYU970sYRnv8TSXfxo9oQ59unhCQkSmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
5bfc2ac4ed559b72ef80c4993da532f9
cf-ray
804ebfadbe5c1d86-FRA
alt-svc
h3=":443"; ma=86400
Sophos.png
optimise2.assets-servd.host/jealous-emu/production/
74 KB
74 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sophos.png?w=1242&auto=compress%2Cformat&fit=crop&dm=1693999119&s=aada66965b320b6c9d869c308377ef8f
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef18ba9f8330696838bca85be7e8ec092381fdd96e22b0540507985fc5b6de15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZqr%2F5vxeu6Mo2TIJkzzBKntYEo2aF6T3ifVXoMoqDwJ%2Balcz7auK52%2F%2B4nsNq6fYWkxw07PRQHtlMcmaLsQ2JIGkOgGV%2BG8ezx1%2B2pxSCn%2BxoHmh%2F9fSpztBYDAMldiqK1m4xt3FPktWwBNZQMhbCbIAPbl7is80Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e9ec695343718abe43c3245fa73ccad7
cf-ray
804ebfadbe5f1d86-FRA
alt-svc
h3=":443"; ma=86400
DllCall.png
optimise2.assets-servd.host/jealous-emu/production/
9 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/DllCall.png?w=1578&auto=compress%2Cformat&fit=crop&dm=1693999102&s=4b46b045bcf363c1df1c44a6f927611e
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55381b08570c7c9e51b16aa8004c9778710d289986ccf052cf7629362b764da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr5IBA%2ByZFxJ8z%2FnzgK1UXNJpOW%2FWFZLkvmh603LPM5ywRsPI7BcT9N6UjIySlnsO%2By0XdCC%2B77ZsraGt1J0kxGofNZhLlUVOagTaSq84WvfR00kkwvVcMu0%2FFrpXUrMIN%2FsEJo9YsxcsKO08GLDvjje0B9TSLamWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8d39f5e7d635220d67b55e773a3b2ec6
cf-ray
804ebfadbe601d86-FRA
alt-svc
h3=":443"; ma=86400
Shell.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell.png?w=934&auto=compress%2Cformat&fit=crop&dm=1694001339&s=e9e4fc54a5fa8384964f923fc7182892
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7a19107d75c9fba95c98fccc89926661184b4be83408fdf1b599d35c7bafb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCZQ57OIUXeRlRyEVUfMVYBZzt2hqqGQvkdJfkzy%2Fpsbx8VXIsWV5pWV58DNOpQWe20EG9QD6%2BCulPEkJYGIme8QoCqkfd0Xc1YLRUh%2BIuXEvIt4B96HImKh6LC%2BGTBmMThyhzsKYdpBrH3cGblQvl3Vb9ny84yPxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
49ca812c2896b1d14bb84150ea4c9ce3
cf-ray
804ebfadbe621d86-FRA
alt-svc
h3=":443"; ma=86400
PEstudio.png
optimise2.assets-servd.host/jealous-emu/production/
51 KB
51 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/PEstudio.png?w=1016&auto=compress%2Cformat&fit=crop&dm=1694002388&s=953f452e41d3925f58104c206bbed461
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53248121b272c5b96e926eff9a2abd225951a0a3dfebf17bf244bc7bf3e7ddab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCTh4BuuswFIE8JsShsDFP7VKKCK9uDUToPEen4cnH%2BeHkRO9Xo0FKSDXxbGTCw%2B1Ni6gbPkJzKpSslFWxORMzfotj1vCm5%2FF9aHqpqe2zKfI5Ar4hgLcm8rdjdj57z8e5CSdFpg%2FZMSM5nLaXN5ytbNUpSBZjpcXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e8f5984e6c24f347a8b9d91cd5a5b7c5
cf-ray
804ebfadbe641d86-FRA
alt-svc
h3=":443"; ma=86400
Malware-Config.png
optimise2.assets-servd.host/jealous-emu/production/
19 KB
19 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Malware-Config.png?w=306&auto=compress%2Cformat&fit=crop&dm=1693999113&s=e620dfe0f44d7cdf3a28c3f44df122f7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba52e665e3a8c3e3a4f8016b379bf1092b52d4ce7be7501d28afb929008aec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apwui4bYEGcd%2FKQa5gqqTFSP3%2FI0rc%2FI1445XHC%2FkQQgBWN11IdOgQjoRu%2BudF9HJQTNpKl6OAfIV%2FO%2BP8%2FvC892Rfn3ibrry7em9%2FTkzoy6vf6KhROLDXgCVgYyw4i7lvrsn9gCCuOonpZ7SYf3r7Vg9hqEkNT%2BoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
87062eaa269568ee0595742bace28fb5
cf-ray
804ebfadbe671d86-FRA
alt-svc
h3=":443"; ma=86400
Akira.png
optimise2.assets-servd.host/jealous-emu/production/Blog/
53 KB
54 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Akira.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1693212667&s=7345ccde8dc615b175bfe013e0d50025
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3283bdce285d0871379763f39b350b662ff2eb41b30a0a7a896bdd92fb23e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TTYzc0Ply68BpI63ycKKvLetyvlgx%2BQ7zvX5rMOhJ6FYP3fQOUN0OqZlZ68xdU6aqCkwJmrWbvGupuaBPtF7%2BWRpuvgeZaLFTuw87xa793TJZDVKMPznT7B9aqSP3Crz1ERLbukTRHaIx9N9Ryl0gwnzwYFbp7C8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3ffe99aa9330e36438b194473d8795d8
cf-ray
804ebfadbe681d86-FRA
alt-svc
h3=":443"; ma=86400
me.jpg
optimise2.assets-servd.host/jealous-emu/production/General/
11 KB
12 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/me.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693230435&s=62119b004feb955f8c5b8062d2250ce7
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4327998a6b93140ec2c83945ee24da1f7f8d2a5399546824a8cf4af8c12f6b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx%2BTl2zpTHqGg5JcwDnNQ8de9PLoIitfa6AWG30fF8O0%2Fx2XBdymcZu%2Bmv%2Bum6bt0IypyYiOCYsWc5I7URX4C8qVJN4fjMV1KMYRDIZjLpCJR%2BvITHj%2B4ITaJWsOhPjNblcMoRvnEeR%2Brlb5QdqVmhHq0cUFStCPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a0534aefbf8f23957325564c7cbfb18b
cf-ray
804ebfadbe691d86-FRA
alt-svc
h3=":443"; ma=86400
Untitled.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
71 KB
71 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Untitled.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1681222488&s=e40b51240a407bddfd49e11ba137dc21
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195d72f19d6fbe23b1f5fcf7ad169c4ea2e7e2a85cf619ab0be85671e2a56b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQXa1E7RZD2JAqHSWtYhfTLIASnFkEawziJu%2F23GRd6KQHdXs2j42y7MuQNqCSPok2hUTgXItjROxBTDBEtxx%2BKS%2F2LnD3rxgX%2FValkZgdyk7hP6gpQ7IzVkHXK7lj5w8b6Jpu%2BRogKMNNFHIu7sMHICFLTp0jXXXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2b62c69290876a9f092b666bd2edf19e
cf-ray
804ebfadbe6b1d86-FRA
alt-svc
h3=":443"; ma=86400
viktor-hedberg.png
optimise2.assets-servd.host/jealous-emu/production/Users/
6 KB
6 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/viktor-hedberg.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1643982381&s=adf8c581ddac1e588bb86f3eaaba060b
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812a98a9fcad42f55b75c791fd838062d45453b01bcbfa9edaf10c2ae3a3ecac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlOZjn9so%2BMqXtk%2FBHn14hRg%2BHYqGu3BMdbndqXNdvE81nR4X10ZajFgdIXQoFeYaYRa8iCDZD0Vn%2BPyJu6H0T5TFwxUBps6j7jh1wy7blI%2FUVQ5ZOGr%2FfL5ndtompKqFLrf0jjo%2F1v5cf56pN0YRuAyvYpDi%2BrC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f55b73b1869fe6a045ab6ed7128a895b
cf-ray
804ebfadbe6e1d86-FRA
alt-svc
h3=":443"; ma=86400
incident_response_fortinet_cve.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/incident_response_fortinet_cve.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1666356095&s=8c72faf650fa7e757b8dc02f6c377cc4
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf55db8dd64a24ddeccfb8e36ba6385adb002aecc484e7a19faee8157ccc8024

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYBRvD2flzNxb%2FML5Kr5UZupa%2FXqjV8B%2F2CBRd6p0mqg94RAX%2FIsKgC0RNkmMxbkTVEkg6fPqYrK2dPoxef%2FqPwiKu9v%2BPLWmsAi0XxnYAlNNwNtCkA2To2BTStrW64chQXv1z31YoASyu8pEah90qLS2GxIe%2BM%2FMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2480b560797b6645da29c79ac4529c65
cf-ray
804ebfadbe731d86-FRA
alt-svc
h3=":443"; ma=86400
Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1673511763&s=6fb72412b0d393b4ae7aa28618dabc45
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529c118b499a77edf35a4718df6f6428e554f45db842e1a7494e44ea1c3ec346

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvNXUbRap2HbD%2BGeGRZP0eA7KzCn9dG7qWd6sJPie5YH38eeZaeRtCnYGniWisW80SEhAJX%2FakO3QuXDV9uOxgLvfNGqyjQP9wyDnGoUEV0%2BA%2BCwoJaVpzjsNOZybUIR4XQCQlzBJxWZ7uEomqhzYt47L3%2BPDuKfeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
42c1bc5ceaa24a7ab9c7dcc0dd0832c8
cf-ray
804ebfadbe791d86-FRA
alt-svc
h3=":443"; ma=86400
shutterstock_492815677.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
15 KB
15 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/shutterstock_492815677.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639943292&s=8cf45fd6a2823a3ad1d4394eb13cc846
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61115ea5fdaa1c801094926e601f0a01ad99953dd7ba8c2b7c31eb07550c284

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol7CMiTgDQ3Wpl7LOxDieo7dLdw6o88Acvau3axlt0tFgS5aFwz0TZJBw6jD8XzKObHB4I%2Bb5LFNWWTA7iRW0t7FaFE8wkLD%2BRP0zjnqPtiVFh6uXQufJ8JH3gZ%2BkkB3Fm%2B5clhtypa2qQdQTlNTXDyppuG6YyIl3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2bf92e282393414d4edf99e221b74dd2
cf-ray
804ebfadce7b1d86-FRA
alt-svc
h3=":443"; ma=86400
iStock-520840869.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/
67 KB
67 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/iStock-520840869.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=362a7eb5d9abd6c2a840b164b3114213
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a57b0fa179da2a854a2df35da5c0d283dadf8c0ce48e20d322d67142b2737c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbdLfQGnN8cMxtDT0rYdlsq9g5ttHNZRgt4hFHhDxdE7unPgUFJnst0Lp5Z6l%2BDHtum15hWzJHEFPoA7hZqxZBmK%2FLCfMnVg1RXgt5l30%2BG6y9IKyEddMEear9YVi%2FWNyy28WnGg0ELO1nFa%2Fnr49Fyn8wPQaSf1aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
40c908f2f9215c27b377fadad9a27382
cf-ray
804ebfadce7c1d86-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image.png
optimise2.assets-servd.host/jealous-emu/production/General/
5 KB
5 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1659610676&s=716fb29c56876c2be214b6bade137539
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5213cf60337f90e1d37e756078f913caa752eaf938e31837afdb7ade1711c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukfoR%2Bm9WHuyOdZO0enR9MG6PRyouj2JOfivpaIAJaVIGz1AOFo3Y%2FnwHu8usPX1ZIWlgLIvv9R%2BvFMc3G%2B%2BKFnSg%2F3CGtMPn5HpFYWTgAFZs50cMqoxKhLYUxBdeBASuv2LO6wzkMCWtobeRI2alDArvnXVgnB5NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3f5a43f151cc473fe92d2324ee5caa64
cf-ray
804ebfadce7f1d86-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image-10.png
optimise2.assets-servd.host/jealous-emu/production/General/
10 KB
10 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image-10.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1633331395&s=14039da161c092aff8cb8609b3f23551
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f4684daf4fdaeb1b6084106f8d380ec21bf768348626110931b8661fde758c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAfihQ6iLNh4qiMpWRGgQZx%2BwKLGlAiEUExyRhBzOO8%2Fk5dYx9N2I0I74cCSgsVmMq%2FGj0EqYlKOQIhF7kXc0QT%2BhoOP7zIsOL20%2FZJtAQ6tobJsM3YOCZ39%2ForvEzPW43zTqJ%2FBQlgkrExhMlp8Zb3qAB%2B%2FJPsUwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c8ea287b72530e8fea51b865bcc3fd9
cf-ray
804ebfadce811d86-FRA
alt-svc
h3=":443"; ma=86400
mario-gogh-VBLHICVh-lI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Article/
34 KB
34 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Article/mario-gogh-VBLHICVh-lI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673611087&s=93230308cd899f59560544652e0d8ba6
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cf28768d4b6447016d04e373262a5cbde48c532d77ad991b02176b7630b1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUFauoDbGo7IjyBsBTpSpaJ5iB3itie2SkUTaMu9EtWN5ejHKVQI7pdIjkAN0zLMwhDnKcfgubvtqrD%2BldwSin1QlISivxAgOsat1Gy1JeeFv4dwDscp890FaMMZI4NtZGUkdrgAfrM5DgzNl2SHyOranRjGgwBnNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
160f84278dee4fd2a8f3b581da3059c8
cf-ray
804ebfadce821d86-FRA
alt-svc
h3=":443"; ma=86400
font.woff2
www.truesec.com/fonts/NimbusSanReg/
41 KB
41 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0b17da62fb36f7470a36919503a56c697359e2958588c16dfb667bc9891318f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
50370
content-disposition
inline; filename="font.woff2"
content-length
41772
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::k2b4r-1694423124089-0e79500768db
x-matched-path
/fonts/NimbusSanReg/font.woff2
etag
"261528f699bd1e08b782c32c4b2323b4"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
iStock-818435778-1.jpg
optimise2.assets-servd.host/jealous-emu/production/Guide/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Guide/iStock-818435778-1.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1656498277&s=d6206555ee2698b90770429f224c5a87
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e3739510e1e39854190f0cc00a79b0860aafc50568bc07c5214a023fdf5575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MShIrlu0AZ%2FqNB0lp0R9t%2BN2ohgy6Ny%2BgzPG6rcmILS%2BIwPcBQF%2FZyPEuMmR7f0rTx%2FaeGakrwiYjgoEQXER9t5dtgDxfFSgzi%2FTC6DBX69NDVcUEJ5d5Ad%2Bxp2MeR99UkIkab%2Bm5dRRUGbSQ8afbRf2lTsZPfD7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f3014314e75ebc5743087dd16a09ff68
cf-ray
804ebfadce841d86-FRA
alt-svc
h3=":443"; ma=86400
Truesec-Threat-Intelligence-Report-2023-Background-Society-Sunset-Trheat-landscape.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/
65 KB
65 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Report/Truesec-Threat-Intelligence-Report-2023-Background-Society-Sunset-Trheat-landscape.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1675158073&s=333f1ecbe4f24b8f5b52b9927fbfb7de
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ca7ea4437a90808440f33c5ab5cfe8fccf82f52952fc567042cde324f074e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4Kr4nYm0SgnKYzxjrWbv%2FR2JsFaV%2FiL8G95epsiCoZ6UnHO6sUVG70BDnD9I6AJWFncavnwgrdB2xRKgSh06rFcSTUOdKUngo%2BUDCBbiurppiLSYEU7zAjnP9RxJIA856HLn17e0MncvVWoDXS6PmU2XA5erE4RBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c0f010eb679894e3c7a7899167933d8
cf-ray
804ebfadce851d86-FRA
alt-svc
h3=":443"; ma=86400
yeshi-kangrang-wTD1-_u8x1g-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
42 KB
42 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/yeshi-kangrang-wTD1-_u8x1g-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673441833&s=02178b5a382e74de7816fc9ad82ef2ed
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a367ee69492a7aa3aacfd5b21a2c364ae29a754e71c575e62a6a06498d6f8032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVQr9mXUOo3CwxTSkWsXQWGOEA2UKl9P03981YQDXuNAbkNIXdSlpKiLMBTIA5%2BWLGPLABuMEL1BMFX3BFJe4OKldaLYOTM0sELgFKB4k%2BkECRtjuY7eGt8DKYcSg1xjNqFS1XqbBgpo8nN2yz7XCOBfb6G6iOhV0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c546f7583a7e90b9cc130286c7f6596
cf-ray
804ebfadce861d86-FRA
alt-svc
h3=":443"; ma=86400
aerial-photographing-with-drone-picture-id1026580092.jpg
optimise2.assets-servd.host/jealous-emu/production/Report/
27 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Report/aerial-photographing-with-drone-picture-id1026580092.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1644237367&s=626bfdc25169022e454c7f34d982ff85
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0efafd4d3bf456260c4570c1f5f2ebe67af6ff74fcbaec9d0f871abf4b09e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.truesec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW0YjzLmTA6NBosqsatnLMrXn7KyhIIXeZkGIfpQj3aRJc3%2BYh2fJReRRT%2BzR8FPTTbS3kP2%2B5I8SFX802g0xJV8Vw4FoPIEkrzSodOwGA3FRd%2BDheaqeVjCCYWawkKorYBi13%2B7bm30RnYulowa8pSSc%2FcRxgUiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
00b3a9236efdd5ef219f531f4f05a51f
cf-ray
804ebfadce871d86-FRA
alt-svc
h3=":443"; ma=86400
slider-next-active.svg
www.truesec.com/assets/slider/
245 B
839 B
Image
General
Full URL
https://www.truesec.com/assets/slider/slider-next-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5202c7efbe462a95aa34ec4cba8b72b4250884b76e5362ffddc14cec6c82e58e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="slider-next-active.svg"
content-length
245
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::vwjm6-1694423124103-1ad9688332e4
x-matched-path
/assets/slider/slider-next-active.svg
etag
"11d7245358f256721cd5ffa1386435f7"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
slider-prev-active.svg
www.truesec.com/assets/slider/
266 B
451 B
Image
General
Full URL
https://www.truesec.com/assets/slider/slider-prev-active.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5e059d5d50bd7b9859989431b0eb4288e8fddd12d6339e1d919fcae7924e999f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
48250
content-disposition
inline; filename="slider-prev-active.svg"
content-length
266
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::k2b4r-1694423124103-164dee26745e
x-matched-path
/assets/slider/slider-prev-active.svg
etag
"9010c1a76008e78ca7efb5740a9bf86a"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanExtReg/
29 KB
29 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanExtReg/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
273a989952bcaab018a929e31149171f873713cd36caa79a6650a7bdd5b08130
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="font.woff2"
content-length
30036
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::pq227-1694423124103-4088ca12805c
x-matched-path
/fonts/NimbusSanExtReg/font.woff2
etag
"7f19a0a57a9ac444d78386fb0bcc375e"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
font.woff2
www.truesec.com/fonts/NimbusSanLig/
41 KB
41 KB
Font
General
Full URL
https://www.truesec.com/fonts/NimbusSanLig/font.woff2
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e30ce15e8acb6c3db0edadbc7fb54d04a8101efef317c703884a976c90335fe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49849
content-disposition
inline; filename="font.woff2"
content-length
41712
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::j68fk-1694423124103-4841f874ef50
x-matched-path
/fonts/NimbusSanLig/font.woff2
etag
"bfbe7dcd6caab25ca2c56fe4edfff22e"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
/
trinitymedia.ai/player/trinity/2900007345/
5 KB
2 KB
Script
General
Full URL
https://trinitymedia.ai/player/trinity/2900007345/?pageURL=https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/chunks/main-84decff6cc7d59ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.133.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-133-189.compute-1.amazonaws.com
Software
Apache /
Resource Hash
21f0b92361b4edc71ece0791a0ca370a9c8d15cb03b66b544805cb370c13ed87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:24 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
content-length
1850
json
forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/
Redirect Chain
  • https://forms.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699
  • https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699
3 KB
3 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699
Protocol
HTTP/1.1
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe32f3b97a20afc22716df6ffe48d4b9f96eaeca69181805ae0e8ba1444b31c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Origin-Hublet
eu1
Date
Mon, 11 Sep 2023 09:05:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
bf59334d-d1f3-4fe1-be91-cfa5653c1563
Transfer-Encoding
chunked
x-envoy-upstream-service-time
7
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bf59334d-d1f3-4fe1-be91-cfa5653c1563
Server
cloudflare
X-Trace
2B8444255F1FC903AF2FD3010025EDBA00527AFD51000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
null
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
804ebfb139fc18cd-FRA
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-79bb87d888-6mshh

Redirect headers

X-Origin-Hublet
na1
Date
Mon, 11 Sep 2023 09:05:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
e9f7536f-02a4-49b6-9dc0-e7b7b3ce2bb9
Transfer-Encoding
chunked
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e9f7536f-02a4-49b6-9dc0-e7b7b3ce2bb9
Server
cloudflare
X-Trace
2B6F05C9B14AE168848318E53E7ACEA64268532E85000000000000000000
Access-Control-Max-Age
180
Access-Control-Allow-Methods
OPTIONS, GET
Location
https://forms-eu1.hsforms.com/embed/v3/form/26747823/e1ba94bb-d3e2-4b25-8d09-84d5380c8036/json?hs_static_app=forms-embed&hs_static_app_version=1.3699&X-HubSpot-Static-App-Info=forms-embed-1.3699
Access-Control-Allow-Origin
https://www.truesec.com
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
x-evy-trace-virtual-host
all
Vary
origin
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
804ebfb02cdd92b7-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-d2gnr
gtm.js
www.googletagmanager.com/
262 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c55b6eeca8d750a04e577dcc3e6bc919b5f1a8ec79291fe9c6a253c812787c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89618
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Sep 2023 09:05:24 GMT
uc.js
consent.cookiebot.com/
106 KB
33 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2VMF8D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1ffdbab6c1c63856cfa9cf33bd89f8c00181e54925f96e1373ca2792e0376cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Mon, 11 Sep 2023 09:05:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2023 08:41:45 GMT
etag
"a95b8da454dad91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=339
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
33297
expires
Mon, 11 Sep 2023 09:11:03 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 39E5
627 B
813 B
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:781::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30713288
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 09:05:24 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Sat, 31 Aug 2024 20:33:32 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1694423124727_3092568088_1980996254_18_856_15_31_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/
271 KB
62 KB
Script
General
Full URL
https://consent.cookiebot.com/fb174c59-0016-4d4c-8f79-2c133cf6c3fc/cc.js?renew=false&referer=www.truesec.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fb174c59-0016-4d4c-8f79-2c133cf6c3fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1dd978d7b6720d34187523774848300fd53a6d648cb35602298ee8ee148d7227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:24 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 09:05:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
63319
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
counters.gif
forms.hsforms.com/embed/v3/
35 B
625 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
413d1a09-a4e6-451f-972e-078fc800b2b1
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
413d1a09-a4e6-451f-972e-078fc800b2b1
server
cloudflare
x-trace
2BE2374B8D92A80B1FA65ED8132E307A84A847E510000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-m2kqt
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
804ebfb1be509259-FRA
submit-arrow.svg
www.truesec.com/assets/form/
243 B
408 B
Image
General
Full URL
https://www.truesec.com/assets/form/submit-arrow.svg
Requested by
Host: www.truesec.com
URL: https://www.truesec.com/_next/static/css/386cb8578eab9566.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b12368d3c5dba872ff52f51d990122bb48b276fc7e21e4a12bf4bdcd52f33daa
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49848
content-disposition
inline; filename="submit-arrow.svg"
content-length
243
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::7xnrn-1694423124773-aea73ba0f327
x-matched-path
/assets/form/submit-arrow.svg
etag
"e74b4a1bf651157f05cd7e175cbd64e6"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 09:05:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
4c805e36-97dd-49b6-b558-1448dcbe9e5a
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4c805e36-97dd-49b6-b558-1448dcbe9e5a
Server
cloudflare
X-Trace
2B26CA721D811BEFF05120A91F54927CF14D928259000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-79bb87d888-vwr8b
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
804ebfb3df182bd6-FRA
trinity-injector-script.js
vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/
280 KB
88 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900007345/?pageURL=https://www.truesec.com/hub/blog/darkgate-loader-delivered-via-teams
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
12eafb79e16d64f4daa2ab6ba61aefc064eccab6b69941a651bb736eb8350ce4

Request headers

Referer
Origin
https://www.truesec.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:24 GMT
x-amz-version-id
qagOIB64nooY0e9D9o.W3BUZhDwcwHe8
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
5148152EVT4CR49K
cdn-cachedat
09/07/2023 14:42:24
cdn-pullzone
112690
x-amz-id-2
wr5kPMUfMj6k0w6YS2tm+fnjrxpbZJjkz4ha4dFugKU9przvnuulrfMbnvJV8zapQRj+VIzmvvI=
last-modified
Thu, 07 Sep 2023 13:40:41 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"70983ffe98fd394eee76162430005ecf"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age
3000
cache-control
public, max-age=604800
cdn-requestid
dedb9b4d9530778a33deed5e69d8f1b6
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
trinity-player.php
trinitymedia.ai/player/ Frame A27E
3 KB
3 KB
Document
General
Full URL
https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=83015b33-cbfb-4e90-b8af-f80316cb2cc6&isLegacyBrowser=false&version=20230907_6ca36752a633a8e8e0eda691840a48fd303457b8&useBunnyCDN=0&themeId=140
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.133.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-133-189.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d2920219f0d530a27550929d0ecc329bba083b5b80abe2fdb042dd0be51542ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-length
1993
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 09:05:25 GMT
server
Apache
vary
Accept-Encoding
thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
46 KB
47 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/thoughtful-businessman-working-late-on-a-computer-in-the-office-picture-id1160562587.jpg?w=1920&h=1080&auto=compress%2Cformat&fit=clip&dm=1694003846&s=e5f9adab91419062d4c32f2282059665
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc66ad7045bdbd9baaa49bc6d270edb9b49b8a0c1b9c18643cb2637e097c836b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5uAv48rcOLfDtUZ9ygzItjN5ioq%2Fb7g2SVrQqv7Aeh1OujcDzbIcnS%2FmVmn%2Fu6bUrnXjjL2fH27Yn0OqLjk8avwxlrK63nHa3gqRpijeoFm8sNcYPVWPBtneOtxgQHkKKhPz8VaOZF3KMLTDkBtzuvSiDHP37vimA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
52a0b76ced12d578fd8dd15b20a0235e
cf-ray
804ebfb38d631d86-FRA
alt-svc
h3=":443"; ma=86400
atom-6-1.png
www.truesec.com/assets/patterns/
515 B
706 B
Image
General
Full URL
https://www.truesec.com/assets/patterns/atom-6-1.png
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f1426c9322621378e362570f4ae1a661cf55a46b073bc83c568c2afe67d169e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
date
Mon, 11 Sep 2023 09:05:25 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
49850
content-disposition
inline; filename="atom-6-1.png"
content-length
515
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Vercel
x-vercel-id
fra1::xcpw5-1694423125043-33d525580d57
x-matched-path
/assets/patterns/atom-6-1.png
etag
"6c972d066621be03b01c6e6ccf542b21"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
https://jealous-emu-production.cl-eu-west-2.servd.dev
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
IMG_1403_small.JPG
optimise2.assets-servd.host/jealous-emu/production/General/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/IMG_1403_small.JPG?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693989399&s=e3f5a02658affa00601c892dd4f15a87
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2d6a1e2457e16a7a39bff7654eee5ebfe725f418b7a0636c0c8e5a94f3fcdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNs%2B73SUlHd6WHGKx0i77T%2FvpxXP3cqIc0kGBuLH8P7AclC5KTHUIMi5aHXiY9LCdegeQ15RO48SvQ%2B%2BzE4n823JzFia5Hfd90PDzfwnrA%2BtFNBktOu48tKktc3J31QN1pFnA3w%2BbS0NFvFF2rPmmFfjv8UxJNCCMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
45318a338f0475f72436fc9a955fe6c0
cf-ray
804ebfb38d671d86-FRA
alt-svc
h3=":443"; ma=86400
AAD1.png
optimise2.assets-servd.host/jealous-emu/production/
32 KB
33 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD1.png?w=691&auto=compress%2Cformat&fit=crop&dm=1693999075&s=f54f81701c8394971bce1c0e41234ca1
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b490054e866a6af63800293fed4cb6fbe4d71bae9ea9a2d4dfb535feb2c03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCkeFetVW0P%2F3Zg04DnF8b%2Fdl6fKLr4Wnjf6sNAS8jf0UmCpAIrg5Gz5zalgTW12aOb4lTxhi31z8iJ2xqLujtGzPnaMgrl9meriEK0wSyGVuONyyBbboKNmAanEwxdVHUaMrW%2FHPIVo8orC3E99zByTK2iVi1kH9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8dc5bb5eade54457280cc9208d79deae
cf-ray
804ebfb38d681d86-FRA
alt-svc
h3=":443"; ma=86400
AAD2.png
optimise2.assets-servd.host/jealous-emu/production/
26 KB
27 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AAD2.png?w=688&auto=compress%2Cformat&fit=crop&dm=1693999078&s=704d7baa4ccae3ffb0740ef29cd76e7d
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3279f531006280e00c9e2360be2a97963de80364943b6c8171bf711274a4a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw3H5LqozELYiE4Vfs4FsDtrCD6QKhZyvyYKtLLblDllLpOS%2BNG97wURfp%2BfZjPx3ylFH62M5k1es06%2BFtcxHuU4fCEkaCvGomBYpAP7atOylUW1fiksiuTCVocK7lqvOOzpE9%2BxAG%2FExm%2BZDj96GW2mcWg6iBssAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a1f74a3cc5bd20c57ea38773e0492f6a
cf-ray
804ebfb38d6a1d86-FRA
alt-svc
h3=":443"; ma=86400
Teams_Message_2023-09-06-111840_xfme.png
optimise2.assets-servd.host/jealous-emu/production/
45 KB
45 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Teams_Message_2023-09-06-111840_xfme.png?w=1414&auto=compress%2Cformat&fit=crop&dm=1693999120&s=7e60d0ea24e5d7a25b18753104c8c0b9
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52294dd3fa003bf6ff5d7898fec6e2430f6216fd6856fccc04a4179805623fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mxxPcf6f0e6cpJCppR4ElbKAbhp%2FEU%2B1TMBRjZp9jkWA%2BnnMA%2FWJSJrrAxVx4pX%2FaC5Rj8KUAHfQpWrRMgTU%2Fdc3S7DPxu8fvXZThUbQwuqSKV1XhX4OYWrDgLzYyY7OQkBCsI%2BBQL8f4tK3yghltZEw9r%2FgjHRdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8c2c5be71c09289cbc09e3a1caf1facf
cf-ray
804ebfb38d6b1d86-FRA
alt-svc
h3=":443"; ma=86400
URLs.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
40 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/URLs.png?w=3064&auto=compress%2Cformat&fit=crop&dm=1693999779&s=d309dd178c6537bd02577cbc44dc9d48
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a759b8e512cc6aee539b7373fb7f20a16400f33bcfcabcaef5220cb3e8bef0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMo1tIyMOlFSJpW4n7LYiR1AzOTAsOwqyw8E2J93jX3afT7%2BLs9LAlAHYtYTaaPillEHgtCximS7PkPmGkeBgMHiqflPEkxup0KH3VHRgbrNV1ZQQSCWfXJzRugJiSrMdflKJYeHdaKCgbjVSS6wJNiBxCrnrbG59g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
acc41b4736c422fbf91349662c51698b
cf-ray
804ebfb38d6d1d86-FRA
alt-svc
h3=":443"; ma=86400
Sharepoint-file.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sharepoint-file.png?w=2614&auto=compress%2Cformat&fit=crop&dm=1693999116&s=efcd2491aa256b3d95c78d1d806ac9da
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a7265795f8f7648a263d7321bebdc0d5470ed656b4738b47697794fc3491b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEe1%2BmAO7m672L9apQGvewIpSDqOfoimO8smD6LeMMkoE2YE2JbBPelgZugKpOLj9P3NfTDLPUDGFn4WF9h3hZAMbTqpL5v8VRBojR7Pc%2BKUM4TfUcU4kkMM%2FttvNfSE5vOXCab97SsrdJND99uKs%2B%2Blqbxg%2F%2F%2FykQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
ce959bb5966edcaf7c4762073050eaaa
cf-ray
804ebfb38d6e1d86-FRA
alt-svc
h3=":443"; ma=86400
MS-Defender2.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/MS-Defender2.png?w=602&auto=compress%2Cformat&fit=crop&dm=1694000140&s=83878fb42898f46235cf8ae97b9f587e
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7edc1682dc499603d9971241080541b9a21f483adc96de9b95d566cc3267610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef5Mh6%2FIxTpE%2BsvoQn2nT7E7AmG1tkvp5%2F88UPAAvHQYyefWZYjoVZSjfaIU7sYftMXvRtkYD5XMdUGI3HeVwUQWa%2FoLPfaCaVy%2F3Og8opkSUTY5RItDcWJeqKGIJ12NU%2FJ%2FRk1s%2Fxcfmuuz0fzOZHxCGQRsR4JYmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
54673005a898ac3a11b67b80921469a2
cf-ray
804ebfb38d6f1d86-FRA
alt-svc
h3=":443"; ma=86400
LNK-File_2023-09-06-113238_htnw.png
optimise2.assets-servd.host/jealous-emu/production/
8 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/LNK-File_2023-09-06-113238_htnw.png?w=756&auto=compress%2Cformat&fit=crop&dm=1693999958&s=f1a70e6c31c7ec4aa126846290cc13d4
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae16eca567dba2833aced3f9a2f29fb03bcd7c275eb7faf5bdffa028440a3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiN2ue1oAJRubQdw2eNW13o1viuMkiFEf8%2FjnRPbfjp85Y8KTtNuSxjqG1arnpTSA8EnsKjPhV9MYN1i3AXUk6CsZIqwKtX8L4ESKgTxwLg8nQUPZ4dqCvjOhb4LFgbUmaxOT68urL87s%2FEyoWTCwf8fe9vY4jnVhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
b85ed6bb727916ca0e0ac020d29e537e
cf-ray
804ebfb38d701d86-FRA
alt-svc
h3=":443"; ma=86400
Shell-cmd.png
optimise2.assets-servd.host/jealous-emu/production/
72 KB
72 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell-cmd.png?w=3083&auto=compress%2Cformat&fit=crop&dm=1694001838&s=81f3aa58c7595bc0aaf5e8d79f1adb11
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706a29996854169c8e3e6638676c86287583c7e153ccde44af6c6a7af174656a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bjb%2BOyqtStSQ159Ku%2FV4ZetmybhD0wUJoJPF52qOKXQhFUbWORdf6hOo3UmZ3QC%2BXb0qYxp%2BTTNGW0WpNNim%2FeiV3gA1r%2FfdvE0XGeLTnspIkbi%2Ba142KyiwIS4OIJVBRMYQs%2BCe6xwaUQhH%2F0UOtUNAtE3K6Mmvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3fadf8c280dc434b041bc300e1060138
cf-ray
804ebfb38d711d86-FRA
alt-svc
h3=":443"; ma=86400
Wireshark.png
optimise2.assets-servd.host/jealous-emu/production/
21 KB
21 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Wireshark.png?w=1027&auto=compress%2Cformat&fit=crop&dm=1693999124&s=0e051bb8a1da725b0a5ac9609e901931
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a664b26b088d4e3904cf6a6d439c5fffc2364e970f2c7d8a863e6b67113ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysuLvGF%2BWiqA2LlcG33JWMMRvApD8fNcpCA9A2PpRUDzXgYmHIOe7bdlggu610S1xqdA6Q%2BxbudOEXFF9%2BbaU4cmeisEJ%2BUvzdkdFPcxhhl9iSejjZv1irzXAb%2Bm0MLU50v%2FRWXFn1utieQsELEkEt0UmVESslL5bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
de701a8077d17b4ffd61afd2af62e0ea
cf-ray
804ebfb38d751d86-FRA
alt-svc
h3=":443"; ma=86400
AuScript.png
optimise2.assets-servd.host/jealous-emu/production/
101 KB
101 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/AuScript.png?w=817&auto=compress%2Cformat&fit=crop&dm=1693999100&s=04dd42bc71c6c33ebb24f8156d6c2e07
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b9fb6631ddfc422502bd8cd514e92d1c7eb15f7e8bf9acf0aa9c1b6ed1d0cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gb2V1%2BJ5%2BukuqzbAvNQ8Hog6RTKIHO%2B7W%2BKt1rJU2XxUxyizit0B0fL0LBj6VP9gY6qccWZQD40jIsvTBbG2JIlWv4fzFVcJNc4DYaC2XnTqk89A4ez4QCzkybLc11HVaNsiqnJqIpaEoSQluTfMGJc9%2Bbuozu088Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
5bfc2ac4ed559b72ef80c4993da532f9
cf-ray
804ebfb38d771d86-FRA
alt-svc
h3=":443"; ma=86400
Sophos.png
optimise2.assets-servd.host/jealous-emu/production/
74 KB
74 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Sophos.png?w=1242&auto=compress%2Cformat&fit=crop&dm=1693999119&s=aada66965b320b6c9d869c308377ef8f
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef18ba9f8330696838bca85be7e8ec092381fdd96e22b0540507985fc5b6de15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWwKVfcv9NP%2BwxOo3xRbQyp5umzRjFtgY%2BYrciYpER7P5QlwM1vORqr5lKPpVLCM97RrUprYiizhdRbYiGzjE6DdtFtl%2BDAWUsteDY1kjM9i3%2F1SqQiPr%2FBfvXBZbqyGlkkz6MIzUhMG8AoNsdppcpGGIchssC7SwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e9ec695343718abe43c3245fa73ccad7
cf-ray
804ebfb38d781d86-FRA
alt-svc
h3=":443"; ma=86400
DllCall.png
optimise2.assets-servd.host/jealous-emu/production/
9 KB
9 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/DllCall.png?w=1578&auto=compress%2Cformat&fit=crop&dm=1693999102&s=4b46b045bcf363c1df1c44a6f927611e
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55381b08570c7c9e51b16aa8004c9778710d289986ccf052cf7629362b764da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtaSaSDP5PBxbbypJ8HtS5PLXhdyFx%2F4L0OCSWJHWjYTE4MidyJGfz2HuB%2FgdzdX%2B7YItP2nLUJnkCgg0aKC95Cmm1cdJ3Phsoiz3LB69xJDdjsAeYXvyTKDZ%2FDtQraLfffP8dpNxZEl2FkzJlOJtyXG9ElOdcKcXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
8d39f5e7d635220d67b55e773a3b2ec6
cf-ray
804ebfb38d7a1d86-FRA
alt-svc
h3=":443"; ma=86400
Shell.png
optimise2.assets-servd.host/jealous-emu/production/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Shell.png?w=934&auto=compress%2Cformat&fit=crop&dm=1694001339&s=e9e4fc54a5fa8384964f923fc7182892
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7a19107d75c9fba95c98fccc89926661184b4be83408fdf1b599d35c7bafb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDAYZitGcOX8QUFDRJ5jMR4MQQqg5K9PXE%2BCOotS4mTKk8SATzAaxRi%2F4YB8ZdgnSQLBDB3%2Ft8zUMVfwpwuGOSHNyWJZKmLoLEKEOBYFbC56XNNqrssdlYLAH370Pp2cfMk9FuLbEswKT7j%2FmgNLV9lSi2ziqp3bXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
49ca812c2896b1d14bb84150ea4c9ce3
cf-ray
804ebfb38d7b1d86-FRA
alt-svc
h3=":443"; ma=86400
PEstudio.png
optimise2.assets-servd.host/jealous-emu/production/
51 KB
51 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/PEstudio.png?w=1016&auto=compress%2Cformat&fit=crop&dm=1694002388&s=953f452e41d3925f58104c206bbed461
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53248121b272c5b96e926eff9a2abd225951a0a3dfebf17bf244bc7bf3e7ddab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8LrtmC5am5RRv6FXqmMzyWxj2wxOArB4Q0kU0fPthwAmxM7s2Q1rX%2FfUXlc%2FSj4ydidRfZcVDjJrqMxDGHW8SjuuqpluHDUF9T9YMgYoEAGzUHwxgn1NWQ%2FsuHu9KwEfw%2B4tWEmd6V1Qnhwxoz7a7gt2piXvodMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
e8f5984e6c24f347a8b9d91cd5a5b7c5
cf-ray
804ebfb38d7c1d86-FRA
alt-svc
h3=":443"; ma=86400
Malware-Config.png
optimise2.assets-servd.host/jealous-emu/production/
19 KB
19 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Malware-Config.png?w=306&auto=compress%2Cformat&fit=crop&dm=1693999113&s=e620dfe0f44d7cdf3a28c3f44df122f7
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba52e665e3a8c3e3a4f8016b379bf1092b52d4ce7be7501d28afb929008aec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qockXT4dPCG%2FVjD7zfaoNostDOTrKap98uQnI5WJAwgYiYswfB4tspc1mxohVqD7p6YWFkC8fxtZBlhaq0nzlRZPZvntQ8G6qrr2GpLT8r5vKVHw789A4wTwP2VyJlleM%2FEC7fGjbbrz9k2ZGQMltKSa2y%2Fyiqr3lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
87062eaa269568ee0595742bace28fb5
cf-ray
804ebfb38d7d1d86-FRA
alt-svc
h3=":443"; ma=86400
Akira.png
optimise2.assets-servd.host/jealous-emu/production/Blog/
53 KB
54 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Akira.png?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1693212667&s=7345ccde8dc615b175bfe013e0d50025
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3283bdce285d0871379763f39b350b662ff2eb41b30a0a7a896bdd92fb23e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN5D8AHbdLu3dChqwrVN5BdXL5jtbKU9RBZGjvp1MTz3frQuTUjuhM9DJKNCtvzoVrc%2BT5QzU3b29z9LJnXSj4XuCFTWEfhJES3kQNxX%2Bw3zNNBo2loRayAO%2BXXhxXs30Crs5uJLfKIEhqmoRu82kxTHNLFZsGzuNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3ffe99aa9330e36438b194473d8795d8
cf-ray
804ebfb38d7e1d86-FRA
alt-svc
h3=":443"; ma=86400
me.jpg
optimise2.assets-servd.host/jealous-emu/production/General/
11 KB
12 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/me.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1693230435&s=62119b004feb955f8c5b8062d2250ce7
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4327998a6b93140ec2c83945ee24da1f7f8d2a5399546824a8cf4af8c12f6b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6mz133gPbudLDCsPzE83PH7K0J4cu%2BLRyqmS81EQZ2LQnCP5tsDjAXDCf9oiUNnJliWPubZinUNVAYdXD5yKkdGRXfYLupuvpiugoCOQatniF19JJczb48uTP136SIa40JUzi1wZqDZagyONW2XzdCjbMXxkvRzCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
a0534aefbf8f23957325564c7cbfb18b
cf-ray
804ebfb38d7f1d86-FRA
alt-svc
h3=":443"; ma=86400
Untitled.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
71 KB
71 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/Untitled.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1681222488&s=e40b51240a407bddfd49e11ba137dc21
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195d72f19d6fbe23b1f5fcf7ad169c4ea2e7e2a85cf619ab0be85671e2a56b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmdhfbXCEPKPGN5JJGLRF0uUAN%2F6%2FQdAfdO8E1Lwy3M%2FWRw%2BrORYxlGf6NaQd1OWMJMyUqOXA22dd%2BQYceYDtHSVWqgbty8J9nJJuMqHajhcmxAJUnBRhJvPOigAyJBgndrJpgqDhs8PzGA97K5LdPkEWP7%2BIzrdkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2b62c69290876a9f092b666bd2edf19e
cf-ray
804ebfb38d821d86-FRA
alt-svc
h3=":443"; ma=86400
viktor-hedberg.png
optimise2.assets-servd.host/jealous-emu/production/Users/
6 KB
6 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/viktor-hedberg.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1643982381&s=adf8c581ddac1e588bb86f3eaaba060b
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
812a98a9fcad42f55b75c791fd838062d45453b01bcbfa9edaf10c2ae3a3ecac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy5u0YRaWTEb0Wpp1z%2F%2FpBqKzxNBRhMYWJlB8ZYITwEjzgz3KPGUU198yGnKCVuweOxfJH86O1SydCAQLqyrCgZM%2BbBvmERAvLB2DgS5X5TYHiugdFs53Dcl9BMnoNUctKXwGsMm44I9pjaF%2F31wh5%2FtL00ycSLRmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
f55b73b1869fe6a045ab6ed7128a895b
cf-ray
804ebfb38d841d86-FRA
alt-svc
h3=":443"; ma=86400
incident_response_fortinet_cve.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
40 KB
41 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/incident_response_fortinet_cve.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1666356095&s=8c72faf650fa7e757b8dc02f6c377cc4
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf55db8dd64a24ddeccfb8e36ba6385adb002aecc484e7a19faee8157ccc8024

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo3CjVai76ovM4ygBWKZomYbOeH3A31SbBEPEMm6XYs7ZG7FJz%2Buch0ZpCB5Tws%2FD%2FZO4%2FMGSNd2Evv7WjxM8bOUGKZricDMDmBm%2FzOS0%2F2Y8WWU7cH5%2ByPfgA903gnQ1qBsbIDLtaIk3ptfTBEpEuMX2sqqzJYY5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2480b560797b6645da29c79ac4529c65
cf-ray
804ebfb38d851d86-FRA
alt-svc
h3=":443"; ma=86400
Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg
optimise2.assets-servd.host/jealous-emu/production/Users/
4 KB
4 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Users/Heresh-Zaremand-Truesec-Expert-Spotlight-2022.jpg?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1673511763&s=6fb72412b0d393b4ae7aa28618dabc45
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529c118b499a77edf35a4718df6f6428e554f45db842e1a7494e44ea1c3ec346

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuTJLixq5tB2hgrBNtFnC6%2Bu5IFBERfyB%2FRXYLdLqqoPS5iQNIUkS7VVZct0w8NBPbqhllLhgRwuaP4WszxE%2BXpS9DU51GHCBlyxSsGV74UVYzyeDY55URlh9o6cDHclshN5DzUsvPDQrUfOHIIWuFvVWsjWI68jHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
42c1bc5ceaa24a7ab9c7dcc0dd0832c8
cf-ray
804ebfb38d871d86-FRA
alt-svc
h3=":443"; ma=86400
shutterstock_492815677.jpg
optimise2.assets-servd.host/jealous-emu/production/Blog/
15 KB
15 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Blog/shutterstock_492815677.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1639943292&s=8cf45fd6a2823a3ad1d4394eb13cc846
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61115ea5fdaa1c801094926e601f0a01ad99953dd7ba8c2b7c31eb07550c284

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFH81H28WbfMj%2FwWPvD9ofr8ebRvFDL1YluhlPBOOP3wSY6pPIiKXOo%2FhatMZn7RrEarL6ssSL13qiP4AsTleJJebnyESo3Hw6WipWbr%2BTX0Jklgf94Tyqt15gAXie8P2ldWzyO4yilVnh4R8nakRdcWB6gPgU7NtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
2bf92e282393414d4edf99e221b74dd2
cf-ray
804ebfb38d881d86-FRA
alt-svc
h3=":443"; ma=86400
iStock-520840869.jpg
optimise2.assets-servd.host/jealous-emu/production/Techtalk/
67 KB
67 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Techtalk/iStock-520840869.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1633331446&s=362a7eb5d9abd6c2a840b164b3114213
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a57b0fa179da2a854a2df35da5c0d283dadf8c0ce48e20d322d67142b2737c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dArlqW3RnSzgTrpTwPfzTi2ZFBkcjjqzimMJCWSX7Y44VZenW%2BU8hYTXcH1iuTxEJYs5tRRMnGZbroJaVUWY1l8N81laRpRm%2Bm7NkPRnRyDQqGs33RWYRM%2F5M0unNyUQyrYG0YLcOmiSVaxcxtU5JnwKI6uTMv2brQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
40c908f2f9215c27b377fadad9a27382
cf-ray
804ebfb38d891d86-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image.png
optimise2.assets-servd.host/jealous-emu/production/General/
5 KB
5 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1659610676&s=716fb29c56876c2be214b6bade137539
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5213cf60337f90e1d37e756078f913caa752eaf938e31837afdb7ade1711c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaRrJGiucPR8obEqTFlRi%2F1OKFpFygDIfNbEh8pvhiR4%2FXEB0MP67Pzk3nt8QrzcT26VtFS%2Bi8ob47uHTrYbWth746fxY952TYP5ccP8DmdgIfvm29B3uz7p1EH28Kw2PIENE9SYLfG4v1lQsGW%2FpUh7zBYjLg51OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
3f5a43f151cc473fe92d2324ee5caa64
cf-ray
804ebfb38d8a1d86-FRA
alt-svc
h3=":443"; ma=86400
MicrosoftTeams-image-10.png
optimise2.assets-servd.host/jealous-emu/production/General/
10 KB
10 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/General/MicrosoftTeams-image-10.png?w=300&h=300&auto=compress%2Cformat&fit=crop&dm=1633331395&s=14039da161c092aff8cb8609b3f23551
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f4684daf4fdaeb1b6084106f8d380ec21bf768348626110931b8661fde758c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGCE0008Zt%2Fc6mAHPm4Yx5F9G6KbMttyAhNHBv%2FEsmCyqL%2FNJYruu5YYz5FIffQr8w5dJ9SOkAezslnO2%2B3LoOonkXRkWSthEmiaV7wZbPiusGeBcUp4s08QkOg7RRj2uuza6lXNVyxUeUT0lMGHeIviNLjYFEbfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
0c8ea287b72530e8fea51b865bcc3fd9
cf-ray
804ebfb38d8c1d86-FRA
alt-svc
h3=":443"; ma=86400
mario-gogh-VBLHICVh-lI-unsplash.jpg
optimise2.assets-servd.host/jealous-emu/production/Article/
34 KB
34 KB
Image
General
Full URL
https://optimise2.assets-servd.host/jealous-emu/production/Article/mario-gogh-VBLHICVh-lI-unsplash.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1673611087&s=93230308cd899f59560544652e0d8ba6
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cf28768d4b6447016d04e373262a5cbde48c532d77ad991b02176b7630b1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-servd-from
Cache EU
date
Mon, 11 Sep 2023 09:05:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG6D848HLiySDYuWHQxhthHpW%2BaPj1bpAZoW2RGOOrZAAZ0Q08av5G4SGnQvr9abBWHjqAbJ%2FljS%2B%2B1%2BijrVQfgBy80IQpz84oZOOjuR8J9SsLjie4134j2mdLxQDnh%2FWDvjVVQFEtPfdapO%2FkTXiJYlJ7LeAUJMlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31104000
cross-origin-resource-policy
cross-origin
x-servd-hash
160f84278dee4fd2a8f3b581da3059c8
cf-ray
804ebfb38d8e1d86-FRA
alt-svc
h3=":443"; ma=86400
trinity-484fef5e39bd1f12260ad07d5cc3499d.js
vd.trinitymedia.ai/trinity-player/buttons/ Frame A27E
906 B
1 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/buttons/trinity-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=83015b33-cbfb-4e90-b8af-f80316cb2cc6&isLegacyBrowser=false&version=20230907_6ca36752a633a8e8e0eda691840a48fd303457b8&useBunnyCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
bc7b889274bb4e05e2dfbd158e8daf8300bc9d47c5abeaad0b5a6f8f8e250f80

Request headers

Referer
https://trinitymedia.ai/
Origin
https://trinitymedia.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:25 GMT
x-amz-version-id
yJ4ODGfNfXjPVjlpeffF4bpGOLGUZC.4
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
1XH6WVNZ5MFWJXHE
cdn-cachedat
07/07/2023 01:54:56
cdn-pullzone
112690
x-amz-id-2
mOaUTfBSZTlzTc4zGfuGMr+qcYAdwbGlr8DZUwZF4cUNLECVcZGYO2CAl76KdI1/ToZOhezCUzM=
last-modified
Thu, 22 Jun 2023 12:27:19 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"444f9bde622bea25c2686485c1e13e40"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age
3000
cache-control
public, max-age=604800
cdn-requestid
6ee64b3c2860eacce4aae02c7c4a38d6
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
trinity-player.js
vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/ Frame A27E
1 MB
412 KB
Script
General
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-player.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.truesec.com%2Fhub%2Fblog%2Fdarkgate-loader-delivered-via-teams&unitId=2900007345&userId=83015b33-cbfb-4e90-b8af-f80316cb2cc6&isLegacyBrowser=false&version=20230907_6ca36752a633a8e8e0eda691840a48fd303457b8&useBunnyCDN=0&themeId=140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
ed88bd41298b476b776edd5f6385a5a97ba90e4e5562ba2b596830e3972008af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trinitymedia.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:05:25 GMT
x-amz-version-id
Z0KhXGpgpFFlActiKnYDoDOxM6ct0YEN
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
QQQRJK8AKVPQ0EQ7
cdn-cachedat
09/07/2023 14:42:25
cdn-pullzone
112690
x-amz-id-2
/IVvmXchbGskSMlEnNuAjP/GIH8F8HWnRkGQ5eEn3OlL2FtTFuUyjaoabc9glpY2hl/+bRqZ6qw=
last-modified
Thu, 07 Sep 2023 13:40:41 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"098d8044e6d8a25e945494d76efe436f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
cache-control
public, max-age=604800
cdn-requestid
05f528aa254558b2dfffd24884261bfc
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
depart.trinitymedia.ai/api/ Frame A27E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.136.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-136-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 09:05:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame A27E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.136.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-136-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 09:05:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
collect
depart.trinitymedia.ai/api/ Frame A27E
0
0
Fetch
General
Full URL
https://depart.trinitymedia.ai/api/collect?t=audio
Requested by
Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.136.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-136-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://trinitymedia.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 09:05:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
0
access-control-allow-methods
GET, POST, OPTIONS

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| documentPictureInPicture
object| hubspot
object| HubSpotForms
object| _hsq
object| hbspt
object| hsFormsOnReady
object| webpackChunk_N_E
object| regeneratorRuntime
object| next
object| __NEXT_DATA__
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| _N_E
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
object| __MIDDLEWARE_MANIFEST
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| CookieControl
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
function| propagateIABStub
object| Cookiebot
object| CookieConsent
object| CookiebotDialog
object| CookieConsentDialog
boolean| __TRINITY_IS_LEGACY__
number| __TRINITY_TAG_TIME__
object| TRINITY_PLAYER
function| TRINITY_DISPLAY

4 Cookies

Domain/Path Name / Value
www.truesec.com/ Name: TRINITY_USER_DATA
Value: eyJ1c2VySWRUUyI6MTY5NDQyMzEyNTAxMX0=
www.truesec.com/ Name: TRINITY_USER_ID
Value: 83015b33-cbfb-4e90-b8af-f80316cb2cc6
trinitymedia.ai/ Name: AWSALBCORS
Value: XXOuBncfLQ5jz6IxdurkK2WW1LInoCLU6OTEQ4jAQeaLkddtEQdbzWMdBhnf0YrGGLXFYznYL5HJi6PYfg7TV0d6zHacNM67wkiMbovB8dhG62WmR3J7nwXVcVVo
.trinitymedia.ai/ Name: AUID
Value: 83015b33-cbfb-4e90-b8af-f80316cb2cc6

1 Console Messages

Source Level URL
Text
other warning URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20230907_6ca36752a633a8e8e0eda691840a48fd303457b8/trinity-injector-script.js
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors http://localhost http://ts-craft-cms.test https://jealous-emu-production.cl-eu-west-2.servd.dev https://jealous-emu-staging.cl-eu-west-2.servd.dev
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
