www.trustwave.com Open in urlscan Pro
52.151.96.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTw...
Effective URL:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23...
Submission: On June 27 via api (June 27th 2023, 8:06:49 pm UTC) from LK — Scanned from DE

Summary HTTP 186 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 41 domains to perform 186 HTTP transactions. The main IP is 52.151.96.240, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.trustwave.com. The Cisco Umbrella rank of the primary domain is 394490.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 17th 2022. Valid for: a year.

This is the only time www.trustwave.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
21 35	52.151.96.240 52.151.96.240	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	2606:4700::68... 2606:4700::6812:1153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:ba41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	52.239.171.228 52.239.171.228	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	204.79.197.234 204.79.197.234	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6812:863b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
9	2606:4700::68... 2606:4700::6811:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	104.77.31.43 104.77.31.43	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:79be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.96.202.198 192.96.202.198	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	99.84.88.95 99.84.88.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:26d... 2600:9000:26db:4600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.65 99.84.88.65	16509 (AMAZON-02) (AMAZON-02)
2	2603:1030:f00... 2603:1030:f00:3::35	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.15.214.243 199.15.214.243	15224 (OMNITURE) (OMNITURE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2603:1020:e01... 2603:1020:e01:2::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2603:1040:c01... 2603:1040:c01::341	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.236.186.218 52.236.186.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
186	53

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.trustwave.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 52.151.96.240 (London, United Kingdom) 21 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.trustwave.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:1153 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

trustwave.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:ba41 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 52.239.171.228 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trustwave.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.234 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.atmrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:863b (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28b2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

10419288.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9785483.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.31.43 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-31-43.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6ac7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:79be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.96.202.198 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

n2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-95.muc50.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:4600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-65.muc50.r.cloudfront.net

wec-assets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1030:f00:3::35 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.214.243 (United States)

ASN15224 (OMNITURE, US)

815-rfm-693.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1020:e01:2::60 (Oslo, Norway)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:1040:c01::341 (Chennai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

0f03f66557640799d2117a8b715de776.azr.footprintdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.218 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	trustwave.com 22 redirects info.trustwave.com www.trustwave.com — Cisco Umbrella Rank: 394490	179 KB
21	windows.net trustwave.blob.core.windows.net	3 MB
16	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6714	205 KB
12	azureedge.net trustwave.azureedge.net	231 KB
11	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2542	7 KB
10	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4527 forms-na1.hsforms.com — Cisco Umbrella Rank: 7529	38 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	1005 KB
10	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556 adservice.google.com — Cisco Umbrella Rank: 113	31 KB
6	footprintdns.com 17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com 0f03f66557640799d2117a8b715de776.azr.footprintdns.com	1 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4752 adservice.google.de — Cisco Umbrella Rank: 10561	1 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 10419288.fls.doubleclick.net 9785483.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	6 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 7488 n2.mouseflow.com — Cisco Umbrella Rank: 24342	57 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
5	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7363	824 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	319 KB
4	atmrum.net www.atmrum.net — Cisco Umbrella Rank: 40117	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	70 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	31 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 683	284 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	259 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	749 B
2	terminus.services vidassets.terminus.services — Cisco Umbrella Rank: 22585 wec-assets.terminus.services — Cisco Umbrella Rank: 20390	12 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5002 forms.hscollectedforms.net — Cisco Umbrella Rank: 5136	26 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2438	127 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 732	635 B
2	t.co t.co — Cisco Umbrella Rank: 511	581 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3991	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	133 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 8679	2 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3795	1 KB
1	mktoresp.com 815-rfm-693.mktoresp.com	121 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3599	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2425	21 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2394	22 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2484	361 B
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2033	12 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3640
186	41

	Domain	Requested by
35	www.trustwave.com	21 redirects info.trustwave.com www.trustwave.com az416426.vo.msecnd.net
21	trustwave.blob.core.windows.net	www.trustwave.com
16	cookie-cdn.cookiepro.com	www.trustwave.com cookie-cdn.cookiepro.com az416426.vo.msecnd.net
12	trustwave.azureedge.net	www.trustwave.com trustwave.azureedge.net
11	track.hubspot.com
8	forms.hsforms.com	az416426.vo.msecnd.net www.trustwave.com js.hsforms.net
7	www.google.com	www.trustwave.com www.gstatic.com
6	fonts.gstatic.com	www.trustwave.com www.google.com
5	fonts.googleapis.com	trustwave.azureedge.net js.hsforms.net
5	js.hsforms.net	www.trustwave.com js.hsforms.net
4	www.google.de	www.trustwave.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.googletagmanager.com	www.trustwave.com www.googletagmanager.com js.hsadspixel.net
4	www.atmrum.net	www.trustwave.com www.atmrum.net az416426.vo.msecnd.net
3	px.ads.linkedin.com	3 redirects
3	n2.mouseflow.com	az416426.vo.msecnd.net
3	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
3	cdnjs.cloudflare.com	www.trustwave.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	0f03f66557640799d2117a8b715de776.azr.footprintdns.com	www.trustwave.com
2	ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com	www.trustwave.com
2	17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com	www.trustwave.com
2	www.facebook.com	www.trustwave.com
2	cdn.linkedin.oribi.io	az416426.vo.msecnd.net
2	forms-na1.hsforms.com	www.trustwave.com js.hsforms.net
2	adservice.google.de	adservice.google.com
2	js.hs-banner.com	js-na1.hs-scripts.com
2	analytics.twitter.com	www.trustwave.com
2	t.co	www.trustwave.com
2	munchkin.marketo.net	trustwave.azureedge.net munchkin.marketo.net
2	adservice.google.com	9785483.fls.doubleclick.net 10419288.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com az416426.vo.msecnd.net
2	cdn.mouseflow.com	1 redirects www.trustwave.com
2	connect.facebook.net	info.trustwave.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	js-na1.hs-scripts.com	www.trustwave.com www.googletagmanager.com
2	info.trustwave.com	1 redirects
1	api.hubapi.com	az416426.vo.msecnd.net
1	815-rfm-693.mktoresp.com	munchkin.marketo.net
1	forms.hscollectedforms.net	az416426.vo.msecnd.net
1	wec-assets.terminus.services	www.trustwave.com
1	match.adsrvr.org	www.trustwave.com
1	px4.ads.linkedin.com	www.trustwave.com
1	www.linkedin.com	1 redirects
1	vidassets.terminus.services	www.googletagmanager.com
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	region1.analytics.google.com	www.googletagmanager.com
1	9785483.fls.doubleclick.net	www.googletagmanager.com
1	10419288.fls.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	www.trustwave.com
1	s7.addthis.com	www.trustwave.com
1	player.vimeo.com	www.trustwave.com
1	fast.fonts.net	www.trustwave.com
186	57

This site contains links to these domains. Also see Links.

Domain
fusion.trustwave.com
console.us.mailmarshal.cloud
trustwave.ziftone.com
twitter.com
www.linkedin.com
www.facebook.com
www.hivesystems.io
www.youtube.com
local.trustwave.com
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
info.trustwave.com GTS CA 1P5	`2023-05-26` - `2023-08-24`	3 months	crt.sh
www.trustwave.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-16`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-05-17` - `2024-05-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
atmrum.net Microsoft Azure TLS Issuing CA 06	`2023-04-18` - `2024-04-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-24` - `2023-09-24`	a year	crt.sh
*.terminus.services Amazon RSA 2048 M01	`2023-02-22` - `2023-11-14`	9 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.footprintdns.com Microsoft Azure TLS Issuing CA 05	`2023-06-12` - `2024-06-06`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-04-21` - `2024-04-15`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Frame ID: 2E29709F6DE44A8D6BD10FFCA71EAD9E
Requests: 163 HTTP requests in this frame

Frame: https://10419288.fls.doubleclick.net/activityi;src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: 5D60DFACE2C080D078536B757DEF3DD1
Requests: 1 HTTP requests in this frame

Frame: https://9785483.fls.doubleclick.net/activityi;src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: 565BDAD83468EC1715B19515DA1581D8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: 32AB13B0A630964A3AE191C498462C34
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: 7B0FF5DE4E9F7CB1B5A7649968818A6E
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 4156A5AB5916A351581E6EF0B4386D46
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMtIkUAAAAAP7FCbfNuAv_bvJRl7vsAjPIyOWc&co=aHR0cHM6Ly93d3cudHJ1c3R3YXZlLmNvbTo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=1jlqiootqxih
Frame ID: F8AB42AC8C25094A5F3D142215F0F849
Requests: 7 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 59A19B9B957A329E32A695092204BEC1
Requests: 2 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: C9070EA45234A37F5DC5D89015AEAB59
Requests: 2 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 9A50F1862E861D52B831B8858FA0CE33
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: A49116D8513829D593F5389A51B56647
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email
Frame ID: C4569E825ADA07BFB69EFE112F6B2A54
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 53A60E05E1AEB296A0D4CCAC2ED5EAC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Honeypot Recon: MSSQL Server – Database Threat Overview '22/'23 | TrustwaveBack ButtonSearch IconFilter IconBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-... Page URL
https://info.trustwave.com/events/public/v1/encoded/track/tc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W1... HTTP 307
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-t... Page URL

Detected technologies

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

186
Requests

88 %
HTTPS

67 %
IPv6

41
Domains

57
Subdomains

53
IPs

10
Countries

6278 kB
Transfer

12569 kB
Size

39
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://fusion.trustwave.com/?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest
Title: Fusion Platform Login

Search URL Search Domain Scan URL

URL: https://console.us.mailmarshal.cloud/?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest
Title: MailMarshal Cloud Login

Search URL Search Domain Scan URL

URL: https://trustwave.ziftone.com/?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest#/page/reg
Title: Register

Search URL Search Domain Scan URL

URL: https://trustwave.ziftone.com/?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest#/page/logged-out-home
Title: Login

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/&text=Honeypot%20Recon:%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722/%2723+-+Trustwave&utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/&title=Honeypot%20Recon:%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722/%2723&utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/&utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://www.hivesystems.io/blog/are-your-passwords-in-the-green?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest
Title: report

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/trustwave?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://twitter.com/Trustwave?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Trustwave/?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2CCqdrAxD9-Fv83NOdjhqA?utm_medium=email&utm_source=hs_email&utm_campaign=NWS%20Trustwave%20Digest

Search URL Search Domain Scan URL

URL: http://local.trustwave.com/en-us/legal-documents/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39PrvB5z78X4W8c67Bp70n_9GW6Hf9bc5TrrH7VM3Xw1763CrXW10ZTRL1TJMr9W1-yH-T618Z98W2vbSfl3BLLJsW2N-96T4nWK2lW5D4fkT20hsJdW15QPnS86DxMkW12gsRQ10swxdW65WBXz7SFqxkN3wnsN737MtGW5kTkN691m5TRW603cKz7gNvh8W1BVBxK8FY2KnW1X6tVF1Gt3wNW5FKzxf3hw7XMW97Kmp543557zW5FHtKt7glTwz3kbf1 Page URL
https://info.trustwave.com/events/public/v1/encoded/track/tc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39PrvB5z78X4W8c67Bp70n_9GW6Hf9bc5TrrH7VM3Xw1763CrXW10ZTRL1TJMr9W1-yH-T618Z98W2vbSfl3BLLJsW2N-96T4nWK2lW5D4fkT20hsJdW15QPnS86DxMkW12gsRQ10swxdW65WBXz7SFqxkN3wnsN737MtGW5kTkN691m5TRW603cKz7gNvh8W1BVBxK8FY2KnW1X6tVF1Gt3wNW5FKzxf3hw7XMW97Kmp543557zW5FHtKt7glTwz3kbf1?_ud=d29116aa-2bc8-4ae2-8091-a359ec6700dd&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.trustwave.com/media/20125/picture1jj.png?width=453&height=429&mode=max&v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/2/e/d/f/8/4/2edf8453f515b5984129312c86acac7f4d078ced.png

Request Chain 18

https://www.trustwave.com/media/20126/picture2jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/1/3/1/a/b/0/131ab05f463bde308b3a31bfb0a1f06bbeb853a7.png

Request Chain 19

https://www.trustwave.com/media/20127/picture3jj.png?width=425&height=478&mode=max&v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/3/2/8/b/8/1/328b8197fddcf00e401c8c3dddc800f0e0058398.png

Request Chain 20

https://www.trustwave.com/media/20128/picture4jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/8/d/d/6/b/8/8dd6b8325fba3fac52dc35346a2907094532ad18.png

Request Chain 21

https://www.trustwave.com/media/20129/picture5jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/e/d/d/e/7/0/edde70af1c377ec3266431b8c4ea8e47cc7ce8c7.png

Request Chain 22

https://www.trustwave.com/media/20130/picture6jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/b/e/1/8/2/0/be1820ec4288d15d5aa4c1e3ccab3bd0f3c42f1c.png

Request Chain 23

https://www.trustwave.com/media/20131/picture7jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/6/a/a/0/e/3/6aa0e3501c09d8dc2bc48ceb66f265ca04df4386.png

Request Chain 24

https://www.trustwave.com/media/20132/picture8jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/0/4/a/7/d/e/04a7dee8152f8cfdd2dd94ddf20f6c0b4ea82539.png

Request Chain 25

https://www.trustwave.com/media/20133/picture9jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/0/6/b/1/1/f/06b11f3818ab8a5618d8ea6640c05cfd921fec6b.png

Request Chain 26

https://www.trustwave.com/media/20134/picture10jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/a/3/0/c/c/b/a30ccba0035a8dc257bf612dbd96094be9625839.png

Request Chain 27

https://www.trustwave.com/media/20135/picture11jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/0/5/6/9/5/1/0569514210990f04cefe81194e05469ed086f8ea.png

Request Chain 28

https://www.trustwave.com/media/20136/picture12jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/b/b/a/f/e/e/bbafeebe638158a744cada7f206309ca693f206d.png

Request Chain 29

https://www.trustwave.com/media/20137/picture13jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/9/d/d/2/e/9/9dd2e9811e8b56f073d42f1916e27a3cfd390b1f.png

Request Chain 30

https://www.trustwave.com/media/20138/picture14jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/2/1/5/1/7/b/21517b6339620ac3ce2f32f37d86e589484b4cc2.png

Request Chain 31

https://www.trustwave.com/media/20139/picture15jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/f/c/e/9/e/4/fce9e42377632ecc8553faaa77ddc858db504967.png

Request Chain 32

https://www.trustwave.com/media/20140/picture16jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/9/e/4/b/1/6/9e4b161968ad85d371db64c19ff4a55ac9db4b14.png

Request Chain 33

https://www.trustwave.com/media/20141/picture17jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/d/e/e/b/f/2/deebf27b0e816e7d750aa93892d379fe0e5893e4.png

Request Chain 34

https://www.trustwave.com/media/20142/picture18jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/5/6/d/7/7/e/56d77e048c9983c81ea53e517efe00f36640a1bf.png

Request Chain 35

https://www.trustwave.com/media/20143/picture19jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/b/0/a/3/c/9/b0a3c90202e269939d1d5af3473c1bc9999abadd.png

Request Chain 36

https://www.trustwave.com/media/20144/picture20jj.png?v=0.0.1 HTTP 302
https://trustwave.blob.core.windows.net/cache/f/5/7/b/c/d/f57bcd0aac3a571a0f187721abf1939dfc12d5bb.png

Request Chain 69

https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba.js HTTP 301
https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba_eu.js

Request Chain 73

https://www.trustwave.com/media/15279/sl-blog-default-image.jpg?anchor=center&mode=crop&width=400&rnd=131897042940000000 HTTP 302
https://trustwave.blob.core.windows.net/cache/a/8/c/4/4/3/a8c4434c70c4e1e6102f99b8fa9d52122c530944.jpg

Request Chain 128

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D70652%26time%3D1687896403358%26url%3Dhttps%253A%252F%252Fwww.trustwave.com%252Fen-us%252Fresources%252Fblogs%252Fspiderlabs-blog%252Fhoneypot-recon-mssql-server-database-threat-overview-22-23%252F%253Futm_campaign%253DNWS%252520Trustwave%252520Digest%2526utm_medium%253Demail%2526utm_content%253D264045642%2526utm_source%253Dhs_email%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cookiesTest=true&liSync=true&e_ipv6=AQKSMkaaBFNvXwAAAYj-dzDUSOjliAD-s_N9w_SXKvtsniTtdpP4e6Oco5_EeKAy-3tB98W5X6TV

186 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39Prv...
info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/ 8 KB
4 KB 288ms
203ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39PrvB5z78X4W8c67Bp70n_9GW6Hf9bc5TrrH7VM3Xw1763CrXW10ZTRL1TJMr9W1-yH-T618Z98W2vbSfl3BLLJsW2N-96T4nWK2lW5D4fkT20hsJdW15QPnS86DxMkW12gsRQ10swxdW65WBXz7SFqxkN3wnsN737MtGW5kTkN691m5TRW603cKz7gNvh8W1BVBxK8FY2KnW1X6tVF1Gt3wNW5FKzxf3hw7XMW97Kmp543557zW5FHtKt7glTwz3kbf1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 7de04fdb7ab8373c-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 27 Jun 2023 20:06:41 GMT
last-modified: Tue, 27 Jun 2023 20:06:41 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbaTaq19bkTLHTK2EdTrSFliyOvp13eA%2FUZ1%2Bbz6h9yMrzIqcY%2BP9K2Q%2FP3gcvh6tI%2Bw%2BLNXi6aK1b9bPDQFOW0MXoNP4hUxRf7RUhDTTBmE5WS7T%2BUESh4tVsUXnPBko2QiMplfCdySjAfYcTQyww%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-kqmqc
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 34ebedc0-9b6d-4e3f-9c15-ad8b669922cf
x-request-id: bb163f13-aa03-4a49-b60b-71ca229732d3
x-robots-tag: none

GET
H2

200

Primary Request / Show response
www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/
Redirect Chain

https://info.trustwave.com/events/public/v1/encoded/track/tc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL8...
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045...

115 KB
26 KB

422ms
312ms

Document
text/html

52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email

Requested by

Host: info.trustwave.com
URL: https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39PrvB5z78X4W8c67Bp70n_9GW6Hf9bc5TrrH7VM3Xw1763CrXW10ZTRL1TJMr9W1-yH-T618Z98W2vbSfl3BLLJsW2N-96T4nWK2lW5D4fkT20hsJdW15QPnS86DxMkW12gsRQ10swxdW65WBXz7SFqxkN3wnsN737MtGW5kTkN691m5TRW603cKz7gNvh8W1BVBxK8FY2KnW1X6tVF1Gt3wNW5FKzxf3hw7XMW97Kmp543557zW5FHtKt7glTwz3kbf1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e09e478319343760de07251bf7ebb98a5ad087ddade8cd37299f13dfd0fed1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.trustwave.com/e3t/Ctc/5F+113/d2vn8X04/VWtLQQ6-q_-6VH_6tF5vMz81W178YCN50hTX0N7Rflz93pcXVV1-WJV7CgXZVW94CPyQ3nTwg6W6Y1bCq1gWD74W5x_fNK2jBVV6W5tFXC73C1kxYW73PcL87xJn0rW36GTpR7bcnTsW1YK_yz2ydbbBW5Qbwf822rTDyW47r6p01tYHnjW4CM0TC8_xLSTW39PrvB5z78X4W8c67Bp70n_9GW6Hf9bc5TrrH7VM3Xw1763CrXW10ZTRL1TJMr9W1-yH-T618Z98W2vbSfl3BLLJsW2N-96T4nWK2lW5D4fkT20hsJdW15QPnS86DxMkW12gsRQ10swxdW65WBXz7SFqxkN3wnsN737MtGW5kTkN691m5TRW603cKz7gNvh8W1BVBxK8FY2KnW1X6tVF1Gt3wNW5FKzxf3hw7XMW97Kmp543557zW5FHtKt7glTwz3kbf1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 25553
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 20:06:41 GMT
expires: -1
pragma: no-cache
server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-aspnet-version
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 7de04fdcdca0373c-FRA
content-security-policy: upgrade-insecure-requests
date: Tue, 27 Jun 2023 20:06:41 GMT
link: <https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email>; rel="canonical"
location: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFzVUiDUqoJGEQE%2BmAXrcN52zziIZyLtiFtmnD3mtUUZz7iZscMPzKMuTGUD7ifzR8%2FSmGC7fujj6Hq9X8Z2dU2e1UUG1JU292nvrQt1F%2FhmQLieB69iObZQMnMsm1d73Q0JS0yDPpJYni2U73C90Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 28
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-kqmqc
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: ed517bd5-a8ed-4837-806a-6e0f8a02782d
x-request-id: fdbf87fc-701f-482e-b1bd-1c71ef3ec1ed
x-robots-tag: none

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 323ms
36ms Script
application/javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: 0mEq0pw2uQHv5iDD8WI5Bw==
age: 38689
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8efd431d-301e-006b-4a38-9bbfb9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe28b16bbd9-FRA
expires: Wed, 28 Jun 2023 20:06:42 GMT

GET
H2 403 9c85e15b-99ed-40a4-929d-2262f9ed2706.css
fast.fonts.net/cssapi/ 0
0 467ms
420ms Stylesheet
application/xml 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/9c85e15b-99ed-40a4-929d-2262f9ed2706.css
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

GET
H2 200 legacy.min.css
trustwave.azureedge.net/dist/css/ 265 KB
35 KB 313ms
26ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e01c98e627574457dc4a7251f0b5a3d8ca22fc72fe7127db1ebd63e36a06a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 16:24:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: tG3mqBdm+eKsTXR9yDZSNQ==
etag: 0x8DA5922A0B0456D
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: d14b7f5d-501e-0021-060e-8b4add000000
cache-control: public, max-age=30159969
x-ms-version: 2009-09-19
content-length: 35618

GET
H2 200 styles.min.css
www.trustwave.com/dist/css/ 150 KB
35 KB 163ms
161ms Stylesheet
text/css 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/dist/css/styles.min.css?id=1037

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

68e318c58c5a8e85cf16359b0897e1766a64528353a5db53843a4dffbf097baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 27 Jun 2023 03:12:44 GMT
server
x-aspnet-version
etag: "01e8f3da5a8d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 35364
x-xss-protection: 1; mode=block

GET
H2 200 feather.css
www.trustwave.com/dist/css/ 315 B
384 B 160ms
159ms Stylesheet
text/css 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/dist/css/feather.css?id=1037

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4e5ab440329cd7d94538bc256cd00097682d6dcfb803cc0e9e64cfab683831dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 27 Jun 2023 03:12:44 GMT
server
x-aspnet-version
etag: "01e8f3da5a8d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 263
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
623 B 324ms
40ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
906 B 318ms
35ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdMtIkUAAAAAP7FCbfNuAv_bvJRl7vsAjPIyOWc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94f9b18d90180e697e61941f29297edc5d58b27b42450da64da0913340128f7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H2 200 trustwave-logo-color.svg
trustwave.azureedge.net/dist/svg/logos/trustwave/ 3 KB
3 KB 44ms
37ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/logos/trustwave/trustwave-logo-color.svg
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eec92db3906701a283982a9ea481e806b6fd01fb2efb2c802cba1c376b19c2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dve3eUlE6WumX3xgQyGMDA==
etag: 0x8DA5922A14A2267
content-type: image/svg+xml
x-ms-request-id: 1848a253-c01e-00a5-77e7-9938dc000000
cache-control: public, max-age=31430616
x-ms-version: 2009-09-19
content-length: 2788

GET
H2 200 fusion-logo-color.svg
trustwave.azureedge.net/dist/svg/logos/fusion/ 9 KB
9 KB 44ms
37ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/logos/fusion/fusion-logo-color.svg
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a76b2bc12b0e3c9536c8c0c3af4170cc66c19ff44fb96326aa6b542ee272365f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PEBEe6TBHJ1Si1foIhaJWA==
etag: 0x8DA5922A1061FA4
content-type: image/svg+xml
x-ms-request-id: feb73ee4-401e-0060-4235-961239000000
cache-control: public, max-age=29489916
x-ms-version: 2009-09-19
content-length: 9083

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/ 84 KB
27 KB 91ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5277983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27139
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15145"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEVHXzrDqK3jsfvLus1mrWOltYiQi9pq3GhAnnwucYTDwV%2B8pcIcIxMMk913FBMgkSKIVKze8%2Foynn1XPbg0MuILD2q%2BvdTKR3lI%2F4GLjvvwPqydGyzrDIMvmlWmx8EFzTTr0kjgyk2pon56aUjDvsFE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de04fe3cffe3834-FRA
expires: Sun, 16 Jun 2024 20:06:42 GMT

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 41ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5890843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1399
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxzjOf8VfeueKxjn%2FhW%2Bgg80mwX%2F2Qys3EKZn9yxf6AU8Va9kmON5WEN7B4aOyXoL9v0XQU0vZvoGflK10cDM3Xt8GbtuWP4zzKO9U1daMIZ%2BBr5o4wjULWcrFNM31VqvhpaHubwNPJnAoPt%2FHxfr3bH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de04fe3c8003834-FRA
expires: Sun, 16 Jun 2024 20:06:42 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 40ms
28ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1824185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1541
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXILi7WXfkCwg1An1iEG2N46rpYYr0MiHo9OcF0Dzxz91vTbmo1%2BX%2BrvB%2BE2pJNb3h0ovLmWjFI15X7sNzvspSBTczQnp5WRqOzl%2BbLAZKb%2BqsS1qm%2F0wdKtIQLcEIIJfQH1yw75vaJGv917JAooMZgX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de04fe3cfff3834-FRA
expires: Sun, 16 Jun 2024 20:06:42 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 527 KB
165 KB 112ms
48ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-encoding: br
age: 529
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7de042f4bce63666-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Tue, 27 Jun 2023 20:06:42 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: dac63206-3051-4e78-8ca6-4833c5b8b16e
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKg%2F8ur1BfNr9R%2BBfjo1pvPrPOQTWK3RWGoRvExBHqjjPaxPDvT0eMhqlv7dhIeiVRULNeKhro0Ibn9BUN7TyxVx0%2B4O6uiokTPVqDhPAb6JuQ1Pg7okPDKIpGR90iSPEzB6zpR%2BNZQIYmrV"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7de04fe41d26360f-FRA
x-amz-cf-id: PD5Gztd5babxKOA7WxnX3eFqldfiP4Jl5nTntUQQm1uApsIJ-1SwFQ==

GET
H2 200 twitter.svg
www.trustwave.com/img/icon/social/svg/dark/ 778 B
874 B 326ms
319ms Image
image/svg+xml 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trustwave.com/img/icon/social/svg/dark/twitter.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf7008a1bb1e7dcffa096b3f0c782f3dd610f847413ae4861a5c03006f093553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:13:44 GMT
server
x-aspnet-version
etag: "0645261a5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 778
x-xss-protection: 1; mode=block

GET
H2 200 linkedin.svg
www.trustwave.com/img/icon/social/svg/dark/ 636 B
682 B 326ms
319ms Image
image/svg+xml 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trustwave.com/img/icon/social/svg/dark/linkedin.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42f2f65a52347bf6ed6c0633b5458c48ddc1b439923c92caec18c6d6f111afe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:13:44 GMT
server
x-aspnet-version
etag: "0645261a5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 636
x-xss-protection: 1; mode=block

GET
H2 200 facebook.svg
www.trustwave.com/img/icon/social/svg/dark/ 446 B
492 B 327ms
320ms Image
image/svg+xml 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trustwave.com/img/icon/social/svg/dark/facebook.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f18aeab9b9baa3e61c4bc2cd0372e3946f494bd03bff3cad740e5ea817fce2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:13:44 GMT
server
x-aspnet-version
etag: "0645261a5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 446
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

2edf8453f515b5984129312c86acac7f4d078ced.png
trustwave.blob.core.windows.net/cache/2/e/d/f/8/4/
Redirect Chain

https://www.trustwave.com/media/20125/picture1jj.png?width=453&height=429&mode=max&v=0.0.1
https://trustwave.blob.core.windows.net/cache/2/e/d/f/8/4/2edf8453f515b5984129312c86acac7f4d078ced.png

29 KB
30 KB

462ms
114ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/2/e/d/f/8/4/2edf8453f515b5984129312c86acac7f4d078ced.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 38dbd74f0b8818c8510cf4b02431747186219616a8928407ec8990c8d018a988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Wed, 21 Jun 2023 17:04:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dOz28+2c6biQMJ5EZAHVBA==
ETag: 0x8DB727993073447
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: a5f7e948-d01e-0000-1c32-a96ea6000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 29762

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/2/e/d/f/8/4/2edf8453f515b5984129312c86acac7f4d078ced.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

131ab05f463bde308b3a31bfb0a1f06bbeb853a7.png
trustwave.blob.core.windows.net/cache/1/3/1/a/b/0/
Redirect Chain

https://www.trustwave.com/media/20126/picture2jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/1/3/1/a/b/0/131ab05f463bde308b3a31bfb0a1f06bbeb853a7.png

271 KB
272 KB

480ms
129ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/1/3/1/a/b/0/131ab05f463bde308b3a31bfb0a1f06bbeb853a7.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 01bc1078a72cc59abcb6ee8625c0c807a7f1b6b39bb7ee31d12f006b84639f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZNlY1J1u9PI8LdL/IoarcQ==
ETag: 0x8DB7154A1A45EAE
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 1d9f9078-001e-0003-1d32-a98fc2000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 277806

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/1/3/1/a/b/0/131ab05f463bde308b3a31bfb0a1f06bbeb853a7.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

328b8197fddcf00e401c8c3dddc800f0e0058398.png
trustwave.blob.core.windows.net/cache/3/2/8/b/8/1/
Redirect Chain

https://www.trustwave.com/media/20127/picture3jj.png?width=425&height=478&mode=max&v=0.0.1
https://trustwave.blob.core.windows.net/cache/3/2/8/b/8/1/328b8197fddcf00e401c8c3dddc800f0e0058398.png

29 KB
29 KB

449ms
113ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/3/2/8/b/8/1/328b8197fddcf00e401c8c3dddc800f0e0058398.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f0a3764fa2232094be51e1145e6ea64a8ad3e53ba3f663f79e7284a59c4c7bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:42 GMT
Last-Modified: Wed, 21 Jun 2023 17:04:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: LXrEfHM8kNS4JZNhvSH5gw==
ETag: 0x8DB72799301DDE4
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 9ced3485-801e-001d-6c32-a9631a000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 29697

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/3/2/8/b/8/1/328b8197fddcf00e401c8c3dddc800f0e0058398.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

8dd6b8325fba3fac52dc35346a2907094532ad18.png
trustwave.blob.core.windows.net/cache/8/d/d/6/b/8/
Redirect Chain

https://www.trustwave.com/media/20128/picture4jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/8/d/d/6/b/8/8dd6b8325fba3fac52dc35346a2907094532ad18.png

140 KB
140 KB

380ms
111ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/8/d/d/6/b/8/8dd6b8325fba3fac52dc35346a2907094532ad18.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5b12353c5a19cc78fb6c632ce69997c397a3580403b966b7aca9fc5a49e76470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: I7A94PhQUYeoPw7/EItZnA==
ETag: 0x8DB7154A1A5E51E
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 7ade7c0d-d01e-0062-4632-a9ac81000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 143057

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/8/d/d/6/b/8/8dd6b8325fba3fac52dc35346a2907094532ad18.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

edde70af1c377ec3266431b8c4ea8e47cc7ce8c7.png
trustwave.blob.core.windows.net/cache/e/d/d/e/7/0/
Redirect Chain

https://www.trustwave.com/media/20129/picture5jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/e/d/d/e/7/0/edde70af1c377ec3266431b8c4ea8e47cc7ce8c7.png

307 KB
308 KB

476ms
148ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/e/d/d/e/7/0/edde70af1c377ec3266431b8c4ea8e47cc7ce8c7.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 108382761a9645a58db86a092908aa70fc3ce728a814b22d8314831ce343940f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Ww0T/1MkvrlO0TJVVeq/sQ==
ETag: 0x8DB7154A1B1551F
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 0c7d5e33-a01e-000a-3a32-a9ca11000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 314779

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/e/d/d/e/7/0/edde70af1c377ec3266431b8c4ea8e47cc7ce8c7.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

be1820ec4288d15d5aa4c1e3ccab3bd0f3c42f1c.png
trustwave.blob.core.windows.net/cache/b/e/1/8/2/0/
Redirect Chain

https://www.trustwave.com/media/20130/picture6jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/b/e/1/8/2/0/be1820ec4288d15d5aa4c1e3ccab3bd0f3c42f1c.png

244 KB
244 KB

331ms
110ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/b/e/1/8/2/0/be1820ec4288d15d5aa4c1e3ccab3bd0f3c42f1c.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 37f464cf55166ea3cba05eeb9155439a40c142ca30fd3669745ce3efdf200a3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:42 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 14X6zYr0QTPSCYNWluPFAg==
ETag: 0x8DB7154A192D519
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 9ced357e-801e-001d-5232-a9631a000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 249781

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/b/e/1/8/2/0/be1820ec4288d15d5aa4c1e3ccab3bd0f3c42f1c.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

6aa0e3501c09d8dc2bc48ceb66f265ca04df4386.png
trustwave.blob.core.windows.net/cache/6/a/a/0/e/3/
Redirect Chain

https://www.trustwave.com/media/20131/picture7jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/6/a/a/0/e/3/6aa0e3501c09d8dc2bc48ceb66f265ca04df4386.png

65 KB
65 KB

437ms
110ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/6/a/a/0/e/3/6aa0e3501c09d8dc2bc48ceb66f265ca04df4386.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 05a208b51905359afbb00bd91d1e40b144757825894d8f5d3a0ab2e2dac6c517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:42 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: wVquIGQvrsyX9D881gXUdA==
ETag: 0x8DB7154A1E8148C
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 12fab6bf-d01e-0010-2c32-a9abce000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 66257

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/6/a/a/0/e/3/6aa0e3501c09d8dc2bc48ceb66f265ca04df4386.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

04a7dee8152f8cfdd2dd94ddf20f6c0b4ea82539.png
trustwave.blob.core.windows.net/cache/0/4/a/7/d/e/
Redirect Chain

https://www.trustwave.com/media/20132/picture8jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/0/4/a/7/d/e/04a7dee8152f8cfdd2dd94ddf20f6c0b4ea82539.png

90 KB
90 KB

305ms
101ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/0/4/a/7/d/e/04a7dee8152f8cfdd2dd94ddf20f6c0b4ea82539.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6df905d3e689019ba181027cdbb40d8989f3ebc2e501e27027d9c1a82d024f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: V0bBHp+y5tOYZrZBk/zp+g==
ETag: 0x8DB7154A204E72E
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: a5f7e9f1-d01e-0000-3432-a96ea6000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 92123

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/0/4/a/7/d/e/04a7dee8152f8cfdd2dd94ddf20f6c0b4ea82539.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

06b11f3818ab8a5618d8ea6640c05cfd921fec6b.png
trustwave.blob.core.windows.net/cache/0/6/b/1/1/f/
Redirect Chain

https://www.trustwave.com/media/20133/picture9jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/0/6/b/1/1/f/06b11f3818ab8a5618d8ea6640c05cfd921fec6b.png

187 KB
187 KB

725ms
111ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/0/6/b/1/1/f/06b11f3818ab8a5618d8ea6640c05cfd921fec6b.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c8696f504c5e2703ab09bdac94d97f5d73c0f9cba432632f4b70f3047fcd417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tcg11scgNHnAzSmfehMcrQ==
ETag: 0x8DB7154A214C354
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 9ced3789-801e-001d-2632-a9631a000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 191425

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/0/6/b/1/1/f/06b11f3818ab8a5618d8ea6640c05cfd921fec6b.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

a30ccba0035a8dc257bf612dbd96094be9625839.png
trustwave.blob.core.windows.net/cache/a/3/0/c/c/b/
Redirect Chain

https://www.trustwave.com/media/20134/picture10jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/a/3/0/c/c/b/a30ccba0035a8dc257bf612dbd96094be9625839.png

117 KB
117 KB

815ms
115ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/a/3/0/c/c/b/a30ccba0035a8dc257bf612dbd96094be9625839.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7be5c8e38572372ddf9ace7967a1fe756373d6dee5eefd54a41cbff68683f223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X2VhSCAxGpFHvrclC4hyyA==
ETag: 0x8DB7154A20C1204
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 9ced3815-801e-001d-2332-a9631a000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 119428

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/a/3/0/c/c/b/a30ccba0035a8dc257bf612dbd96094be9625839.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

0569514210990f04cefe81194e05469ed086f8ea.png
trustwave.blob.core.windows.net/cache/0/5/6/9/5/1/
Redirect Chain

https://www.trustwave.com/media/20135/picture11jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/0/5/6/9/5/1/0569514210990f04cefe81194e05469ed086f8ea.png

48 KB
48 KB

728ms
109ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/0/5/6/9/5/1/0569514210990f04cefe81194e05469ed086f8ea.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d5f698fc0fd45b33a248d63e5b46d7cb1d802911b4b5a8a11d63208417892496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:44 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: I/y2AxemnCg55JzQMlxzDA==
ETag: 0x8DB7154A22BA365
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 7ade7d46-d01e-0062-5c32-a9ac81000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 48954

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/0/5/6/9/5/1/0569514210990f04cefe81194e05469ed086f8ea.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

bbafeebe638158a744cada7f206309ca693f206d.png
trustwave.blob.core.windows.net/cache/b/b/a/f/e/e/
Redirect Chain

https://www.trustwave.com/media/20136/picture12jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/b/b/a/f/e/e/bbafeebe638158a744cada7f206309ca693f206d.png

105 KB
105 KB

617ms
113ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/b/b/a/f/e/e/bbafeebe638158a744cada7f206309ca693f206d.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ba5faf0489e0918095f3a1dddc7994837e094aec7f0629ab23e7955e17d639c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: GZM5y9MB58IbRfmcSJ3aqA==
ETag: 0x8DB7154A23CDEE8
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 1d9f91d0-001e-0003-4b32-a98fc2000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 107131

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/b/b/a/f/e/e/bbafeebe638158a744cada7f206309ca693f206d.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

9dd2e9811e8b56f073d42f1916e27a3cfd390b1f.png
trustwave.blob.core.windows.net/cache/9/d/d/2/e/9/
Redirect Chain

https://www.trustwave.com/media/20137/picture13jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/9/d/d/2/e/9/9dd2e9811e8b56f073d42f1916e27a3cfd390b1f.png

97 KB
97 KB

619ms
111ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/9/d/d/2/e/9/9dd2e9811e8b56f073d42f1916e27a3cfd390b1f.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f157146d9a7ab16e9fb8e5eb01eac6200edf5766b6426c3aa79c29872af7df08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MUtxPEt9SIudqtXQGDz+sg==
ETag: 0x8DB7154A264855A
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 9ced36f0-801e-001d-2632-a9631a000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 99149

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/9/d/d/2/e/9/9dd2e9811e8b56f073d42f1916e27a3cfd390b1f.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

21517b6339620ac3ce2f32f37d86e589484b4cc2.png
trustwave.blob.core.windows.net/cache/2/1/5/1/7/b/
Redirect Chain

https://www.trustwave.com/media/20138/picture14jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/2/1/5/1/7/b/21517b6339620ac3ce2f32f37d86e589484b4cc2.png

102 KB
103 KB

624ms
110ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/2/1/5/1/7/b/21517b6339620ac3ce2f32f37d86e589484b4cc2.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85ea4804b8ee1cf5f67f7b52d136c82247eb94a12f48de9786760ff5a7b54364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Qqv3jxNskDCimTqeTDho9Q==
ETag: 0x8DB7154A264FA78
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 7ade7d00-d01e-0062-1b32-a9ac81000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 104832

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/2/1/5/1/7/b/21517b6339620ac3ce2f32f37d86e589484b4cc2.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

fce9e42377632ecc8553faaa77ddc858db504967.png
trustwave.blob.core.windows.net/cache/f/c/e/9/e/4/
Redirect Chain

https://www.trustwave.com/media/20139/picture15jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/f/c/e/9/e/4/fce9e42377632ecc8553faaa77ddc858db504967.png

216 KB
217 KB

700ms
112ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/f/c/e/9/e/4/fce9e42377632ecc8553faaa77ddc858db504967.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5f9e039bdb4cb6ad310aba5a76a742f10612e74d54139abd81636a825ce8e9af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: CgbNPTPDjnPNbhY6Qg5Jqg==
ETag: 0x8DB7154A264855A
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: a5f7eb04-d01e-0000-3532-a96ea6000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 221565

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/f/c/e/9/e/4/fce9e42377632ecc8553faaa77ddc858db504967.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

9e4b161968ad85d371db64c19ff4a55ac9db4b14.png
trustwave.blob.core.windows.net/cache/9/e/4/b/1/6/
Redirect Chain

https://www.trustwave.com/media/20140/picture16jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/9/e/4/b/1/6/9e4b161968ad85d371db64c19ff4a55ac9db4b14.png

205 KB
205 KB

483ms
110ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/9/e/4/b/1/6/9e4b161968ad85d371db64c19ff4a55ac9db4b14.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a71ac528a5f244dcfcf59e0acde7e2c956604c1519af7a28bdce0c4f2e7b52b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QKZiX8zdv2jb8/izvk33tA==
ETag: 0x8DB7154A264855A
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: a5f7ea87-d01e-0000-4032-a96ea6000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 209684

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/9/e/4/b/1/6/9e4b161968ad85d371db64c19ff4a55ac9db4b14.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

deebf27b0e816e7d750aa93892d379fe0e5893e4.png
trustwave.blob.core.windows.net/cache/d/e/e/b/f/2/
Redirect Chain

https://www.trustwave.com/media/20141/picture17jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/d/e/e/b/f/2/deebf27b0e816e7d750aa93892d379fe0e5893e4.png

88 KB
88 KB

586ms
111ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/d/e/e/b/f/2/deebf27b0e816e7d750aa93892d379fe0e5893e4.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e81a50f50c312323629e4eb6906000ef991477c184dbff8e5b53eeafc8e31e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: K3zcUXZlH4/kzvKgj4XPQw==
ETag: 0x8DB7154A2837A8A
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 12fab7f3-d01e-0010-2e32-a9abce000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 89988

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/d/e/e/b/f/2/deebf27b0e816e7d750aa93892d379fe0e5893e4.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

56d77e048c9983c81ea53e517efe00f36640a1bf.png
trustwave.blob.core.windows.net/cache/5/6/d/7/7/e/
Redirect Chain

https://www.trustwave.com/media/20142/picture18jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/5/6/d/7/7/e/56d77e048c9983c81ea53e517efe00f36640a1bf.png

169 KB
169 KB

520ms
111ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/5/6/d/7/7/e/56d77e048c9983c81ea53e517efe00f36640a1bf.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a432ddc35f43db449327ca5e32c286fc1bd9e92fb4c4e4d001e05a4760ecf1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:44 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ZtC0Z5m8fozIDhY2e6aJlw==
ETag: 0x8DB7154A2992233
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 7ade7d7a-d01e-0062-0c32-a9ac81000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 172631

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/5/6/d/7/7/e/56d77e048c9983c81ea53e517efe00f36640a1bf.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

b0a3c90202e269939d1d5af3473c1bc9999abadd.png
trustwave.blob.core.windows.net/cache/b/0/a/3/c/9/
Redirect Chain

https://www.trustwave.com/media/20143/picture19jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/b/0/a/3/c/9/b0a3c90202e269939d1d5af3473c1bc9999abadd.png

176 KB
177 KB

1049ms
432ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/b/0/a/3/c/9/b0a3c90202e269939d1d5af3473c1bc9999abadd.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0adef222a47e22a5c051a9c28034255f0f60642ef890e41ac2fa634865d95a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:44 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: YYDkRE8TFFTu9DW+LCXaqw==
ETag: 0x8DB7154A2A296B6
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 1d9f92fa-001e-0003-5632-a98fc2000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 180651

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/b/0/a/3/c/9/b0a3c90202e269939d1d5af3473c1bc9999abadd.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

f57bcd0aac3a571a0f187721abf1939dfc12d5bb.png
trustwave.blob.core.windows.net/cache/f/5/7/b/c/d/
Redirect Chain

https://www.trustwave.com/media/20144/picture20jj.png?v=0.0.1
https://trustwave.blob.core.windows.net/cache/f/5/7/b/c/d/f57bcd0aac3a571a0f187721abf1939dfc12d5bb.png

173 KB
173 KB

774ms
118ms

Image
image/png

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/f/5/7/b/c/d/f57bcd0aac3a571a0f187721abf1939dfc12d5bb.png
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c589a082ff90f2b6c3f249068c506cad74d0b7e46846a27a9177e481cdcddb3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Tue, 20 Jun 2023 06:07:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tyWPnxP5ZocgULEKTwe7xg==
ETag: 0x8DB7154A29F14C5
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/png
x-ms-request-id: 12fab8d6-d01e-0010-7132-a9abce000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 176817

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/f/5/7/b/c/d/f57bcd0aac3a571a0f187721abf1939dfc12d5bb.png
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H2 200 legacy.min.js Show response
trustwave.azureedge.net/dist/js/ 495 KB
152 KB 44ms
37ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://trustwave.azureedge.net/dist/js/legacy.min.js?id=1037
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: acb597f6847f2877c81754fdb6a4b483cc05516c2a87865c8d0d02307b670c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 16:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yG5v7s3rVw9uMb1rb1aZPA==
etag: 0x8DA5922A14C9303
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: f5d94165-d01e-00a9-3af5-8cafd4000000
cache-control: public, max-age=29355428
x-ms-version: 2009-09-19
content-length: 154921

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 117ms
41ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-varnish-cache: 1
Date: Tue, 27 Jun 2023 20:06:42 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
Age: 1101
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Tue, 27 Jun 2023 19:58:15 GMT
x-host: player-596996844b-86k7d
Connection: keep-alive
x-vserver: player-varnish-prod-varnish-3
Content-Length: 11160
x-xss-protection: 1; mode=block
X-Served-By: cache-fra-eddf8230063-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1687896403.606114,VS0,VE0
x-backend-proxy: playproxy4
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-596996844b-86k7d
Accept-Ranges: bytes
CF-RAY: 7de04fe42e6037cc-FRA
X-Cache-Hits: 987

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 119ms
26ms Script
text/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:42 GMT
server: Oracle API Gateway
opc-request-id: /487B88EE1817DCAC4F2CFA00006DDE71/B6375B694720BF7E8B152FD1A14BAE0C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 rum.js Show response
www.atmrum.net/ 301 B
609 B 123ms
27ms Script
application/javascript 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/rum.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 22:47:16 GMT
x-msedge-ref: Ref A: 88CE42F128634C88903394C367CE9AF1 Ref B: FRA31EDGE0117 Ref C: 2023-06-27T20:06:42Z
etag: 0x8D4FC0223F2F653
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 301

GET
H2 200 21158977.js Show response
js-na1.hs-scripts.com/ 2 KB
1 KB 216ms
149ms Script
application/javascript 2606:4700::6812:863b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/21158977.js
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c6a1c1b83c94f772d3ca8dc0e10f80dc320fb3a640ce8f12bb0dd12a847c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 7b7f4aac-b212-462e-95f1-0dc43a79d594
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ee18e1b8-3f9a-46f8-90f2-a0208ecb3c8c
last-modified: Tue, 27 Jun 2023 19:42:32 GMT
server: cloudflare
x-trace: 2B972FA2A3D0D1A1D8B32EB25D8A7E2C26A9F2DEDA000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-5grng
cf-ray: 7de04fe429b8048f-FRA

GET
H2 200 c7ede6b6-5518-4502-94a5-673e62cff495.json Show response
cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/ 3 KB
2 KB 89ms
46ms XHR
application/x-javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/c7ede6b6-5518-4502-94a5-673e62cff495.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

809765ad9401369a9a87159ade197a7893be54c78de5e0c1995f77efbde4a286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FlMWWNWt99scM6fkHGo+qw==
age: 62110
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 05:24:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9756ce2a-f01e-0016-1336-8dce9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe318d02be8-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
92 KB 98ms
38ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bb1ca038e5b7f0ea47d1dfe4f0480f4ee430e5c033eaf969b08baf66167d7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94078
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 19:21:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 87ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;300;400;500;700;900&display=swap

Requested by

Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87289efaf9cc62bd74432c4048229f1f1f1108973a99460d5676c4caa4fb4923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/ 403 KB
94 KB 89ms
86ms Script
application/javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 70576
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6cc411c3-d01e-0011-2ddc-8ea2f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe3bcb9bbd9-FRA
expires: Wed, 28 Jun 2023 20:06:42 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 103ms
22ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1150
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 75ec2538-e01e-0094-2530-a9d3f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 27 Jun 2023 20:36:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 430 KB
173 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 15:01:57 GMT

GET
H2 200 trustwave-logo-white.svg
trustwave.azureedge.net/dist/svg/logos/trustwave/ 3 KB
3 KB 67ms
65ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/logos/trustwave/trustwave-logo-white.svg
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b0f35cc025dc27ea345536d4eafc13e52fe2b1c237fd6c4150d4dbf85c323c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 6MtEXkwnMy6FcNENYC/dGQ==
etag: 0x8DA5922A14B5AB4
content-type: image/svg+xml
x-ms-request-id: 6d277546-101e-001f-0e38-9adda2000000
cache-control: public, max-age=30760800
x-ms-version: 2009-09-19
content-length: 2776

GET
H2 200 twi-radar-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 1 KB
2 KB 59ms
57ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-radar-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a6843d5ffd9052e631f84994401389694fd86b7cff2f9910ec6a28814cbb6b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: GNjSQQWJRAl3TR5ibPNqMw==
etag: 0x8DA5922A2CA43AF
content-type: image/svg+xml
x-ms-request-id: 0252a5be-b01e-0090-573e-9a54c8000000
cache-control: public, max-age=30030013
x-ms-version: 2009-09-19
content-length: 1533

GET
H2 200 twi-cloud-lock-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 2 KB
2 KB 58ms
57ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-cloud-lock-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 08529955a8d9e583dacd78d8ade75159e0869e25766fba0ac911d5fa3e3b234b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: tX3lBpqGWSajnyTY7cF8lg==
etag: 0x8DA5922A1B86291
content-type: image/svg+xml
x-ms-request-id: e7c791dc-001e-0061-78e3-984de5000000
cache-control: public, max-age=29998322
x-ms-version: 2009-09-19
content-length: 1770

GET
H2 200 twi-briefcase-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 1 KB
2 KB 58ms
57ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-briefcase-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b016380c1e5281bf5629d39c1dd2d79d1d8eec45e77f69d7f101105b93e813e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hGlggEcUaBxKcCIx033beQ==
etag: 0x8DA5922A189B913
content-type: image/svg+xml
x-ms-request-id: 43a25455-601e-0083-7f6b-9a70c4000000
cache-control: public, max-age=30432117
x-ms-version: 2009-09-19
content-length: 1289

GET
H2 200 twi-dashboard-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 8 KB
9 KB 57ms
56ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-dashboard-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85617163a0d798f5865addd9cb026438b1096093b4cac1838630ad93ebfdf4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: acoxEKKx1R/DrtFbiOadbQ==
etag: 0x8DA5922A1D77E43
content-type: image/svg+xml
x-ms-request-id: 3d6be6df-301e-006a-04df-9ab68e000000
cache-control: public, max-age=31430617
x-ms-version: 2009-09-19
content-length: 8525

GET
H2 200 twi-database-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 1 KB
2 KB 67ms
66ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-database-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9a2b09b1bd7190df58b8462804537f71a64e447921a03e62dc16148f9c433511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: q85KHiSPCUDrj48jT/7LXA==
etag: 0x8DA5922A1DAB208
content-type: image/svg+xml
x-ms-request-id: 5b44b31a-a01e-009c-60b1-9ac3c0000000
cache-control: public, max-age=30035575
x-ms-version: 2009-09-19
content-length: 1431

GET
H2 200 twi-email-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 719 B
1015 B 73ms
73ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-email-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b9833a558a67d159aa6139bb0b9168560a37f580ae04654ccc7b6b1ce0d75ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: eVpqIsKpjw3YUN0OY6Y/Tw==
etag: 0x8DA5922A1F89567
content-type: image/svg+xml
x-ms-request-id: 5602e0ec-501e-0098-18ed-9a4ec7000000
cache-control: public, max-age=31430617
x-ms-version: 2009-09-19
content-length: 719

GET
H2 200 twi-managed-portal-color.svg
trustwave.azureedge.net/dist/svg/icons/trustwave/ 12 KB
12 KB 67ms
66ms Image
image/svg+xml 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.azureedge.net/dist/svg/icons/trustwave/twi-managed-portal-color.svg
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2071a3274f291c02c034caf6889a9e7267640862d6d22d348507e929534e74f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustwave.azureedge.net/dist/css/legacy.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
last-modified: Tue, 28 Jun 2022 16:24:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: MIxQ1hT8XSaqnrbBWdMTUQ==
etag: 0x8DA5922A2480803
content-type: image/svg+xml
x-ms-request-id: 93c6d8c3-601e-0093-6343-ddb5ac000000
cache-control: public, max-age=30608953
x-ms-version: 2009-09-19
content-length: 12197

GET
H2 200 loading-white.svg
www.trustwave.com/img/utility/ 687 B
771 B 486ms
485ms Image
image/svg+xml 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.trustwave.com/img/utility/loading-white.svg

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d84802c2cc3550892199289d28a046c4e1d011964c7c7f9d43bdeebecf107de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/dist/css/styles.min.css?id=1037
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:13:46 GMT
server
x-aspnet-version
etag: "0918362a5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 687
x-xss-protection: 1; mode=block

GET
H2 200 Feather.ttf
www.trustwave.com/fonts/feather/ 64 KB
64 KB 499ms
499ms Font
application/octet-stream 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/fonts/feather/Feather.ttf?sdxovp

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/feather.css?id=1037

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e103929dd758126ea4a090ff0e33b620f3ceb1b81ffad1345023c95661c84d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trustwave.com/dist/css/feather.css?id=1037
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:12:44 GMT
server
x-aspnet-version
etag: "01e8f3da5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 65112
x-xss-protection: 1; mode=block

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf
fonts.gstatic.com/s/inter/v11/ 296 KB
144 KB 79ms
21ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfMZg.ttf

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddda5bfbb5cfd3c61a5ae0075a6b5719d1eca08ce1575fe1bad14fe7f79a5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146696
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:40:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 18:09:37 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZg.ttf
fonts.gstatic.com/s/inter/v11/ 301 KB
153 KB 135ms
78ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fMZg.ttf

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8032d79deba14b8b207f78489b5cb3b7dd8c39e3519688988e075c30aa128157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Sat, 24 Jun 2023 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:30:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:39:29 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZg.ttf
fonts.gstatic.com/s/inter/v11/ 303 KB
155 KB 140ms
83ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYMZg.ttf

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399275d88086e4012aa96f7769747462bee9f414f38ab6df75ac13dbc03ccfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Sun, 25 Jun 2023 05:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158245
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:30:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 05:38:19 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/f45c1dcb-4e3d-4ab0-a829-22e58a3f19f6/ 44 KB
10 KB 50ms
49ms Fetch
application/x-javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/f45c1dcb-4e3d-4ab0-a829-22e58a3f19f6/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f8bc26c4789780ae3a330a2d348a7c806e3e019f852d543937745e0512d4e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: zSu/aRykCTI2vfMfJM1amQ==
age: 4112
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 05:24:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0a7af8b4-001e-0002-4e36-8d86f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe48a952be8-FRA

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 130 KB
49 KB 84ms
30ms Script
application/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-5B38B7F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

180bfe5289396add1808d9ce8fa113e02c0eb823c7b4e9f75c3dc5703a21501d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 142ms
46ms Script
application/x-javascript 2a02:26f0:3100::1735:28b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=68831
accept-ranges: bytes
content-length: 560

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 111ms
21ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220116-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/494613180/ 3 KB
2 KB 93ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494613180/?random=1687896402689&cv=11&fst=1687896402689&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&auid=1857590066.1687896403&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83fb7a24beceb1a4fdf940b00d446e9ca94003f1ed53f4aa8a164923e6faa4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activityi;src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot... Show response
10419288.fls.doubleclick.net/ Frame 5D60 983 B
926 B 164ms
60ms Document
text/html 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10419288.fls.doubleclick.net/activityi;src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

3ff8afe5ed8807374585f39d66586c8c790dd6f96c7a4d9946c8f3d9695a34d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us... Show response
9785483.fls.doubleclick.net/ Frame 565B 721 B
921 B 150ms
58ms Document
text/html 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9785483.fls.doubleclick.net/activityi;src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

f252e382f36692bcdbe514f096120a378a5475ff6079162bcaab562a85cfc206

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 394
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 170 KB
47 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: PjM55Xu2fLMiJRxc0k71MIjA98LCHHPW7J6MGQ3nBWvtIfH6XOv+MN3PoVuwc3LJA/Y7dH8XNs8PX2admEDIAA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

96dff353-a928-44b4-b1d0-6432c69133ba_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba.js
https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba_eu.js

192 KB
56 KB

25ms
25ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba_eu.js

Requested by

Protocol

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Mouseflow /

Resource Hash

a4c6f490f7db151fb0dd9ce3339d17fdc511dabe0252f5b73bdf67b20268b107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 06 Jun 2023 15:54:49 GMT
server: Mouseflow
etag: W/"f6ff75398f98d91:0"
x-cache-status: HIT
x-hw: 1687896402.cds329.fr8.hn,1687896402.cds221.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 57442

Redirect headers

date: Tue, 27 Jun 2023 20:06:42 GMT
x-hw: 1687896402.cds329.fr8.hn,1687896402.cds255.fr8.c
location: https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/96dff353-a928-44b4-b1d0-6432c69133ba.js
content-length: 0

GET
H2 200 22616067.js Show response
js-na1.hs-scripts.com/ 978 B
652 B 180ms
180ms Script
application/javascript 2606:4700::6812:863b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/22616067.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd6112d6912f3b8e7bf868040f108bc6c339386ace7d11a9522e19b0b1bbcc20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: cb98ba91-22ce-49dc-a52f-251bed81ccae
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1c8ca111-bc22-479f-9b28-f926aff269f7
last-modified: Tue, 27 Jun 2023 19:42:32 GMT
server: cloudflare
x-trace: 2B080CE7719A80BEF81D430C7B4FAA7FE997CF441C000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-2nhmb
cf-ray: 7de04fe50a8f048f-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DP8B111F8E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83b67928c4d43907334640138124200a945183db38f6f96305d0a5e05da3fdd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 20:06:42 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/21158977/92358282-9e9e-4fe6-a21f-c30c1e55336d/ 53 KB
8 KB 250ms
192ms XHR
application/json 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21158977/92358282-9e9e-4fe6-a21f-c30c1e55336d/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f295a6c12b881fb7b33847adb08254903faf0d12ab18048a661431ac581ed00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

X-Origin-Hublet: na1
Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: a52af367-71a8-4d25-a6ee-40edb7b68ac4
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 19
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 64752989-b95e-432e-8888-b7ec36ac1f1e
Server: cloudflare
X-Trace: 2B80196F646B606C988D7CBA5F46F29E58A5516108000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7de04fe5df99365a-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-f4t27

GET
H/1.1

200
OK

a8c4434c70c4e1e6102f99b8fa9d52122c530944.jpg
trustwave.blob.core.windows.net/cache/a/8/c/4/4/3/
Redirect Chain

https://www.trustwave.com/media/15279/sl-blog-default-image.jpg?anchor=center&mode=crop&width=400&rnd=131897042940000000
https://trustwave.blob.core.windows.net/cache/a/8/c/4/4/3/a8c4434c70c4e1e6102f99b8fa9d52122c530944.jpg

9 KB
10 KB

431ms
114ms

Image
image/jpeg

52.239.171.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustwave.blob.core.windows.net/cache/a/8/c/4/4/3/a8c4434c70c4e1e6102f99b8fa9d52122c530944.jpg
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.239.171.228 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9998a28912966aa8ae78c7bae4b70bce32095ac4cafb972428f96c60bf374a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 27 Jun 2023 20:06:43 GMT
Last-Modified: Sat, 28 Jan 2023 22:26:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MsdJ7/i6e4BXG2Gh7eeTmQ==
ETag: 0x8DB017EB2C0DC88
x-ms-meta-ImageProcessedBy: ImageProcessor.Web/4.10.0.100
Content-Type: image/jpeg
x-ms-request-id: 7ade7bb8-d01e-0062-7d32-a9ac81000000
Cache-Control: public, max-age=31536000
x-ms-version: 2009-09-19
Content-Length: 9529

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
server
x-aspnet-version
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://trustwave.blob.core.windows.net/cache/a/8/c/4/4/3/a8c4434c70c4e1e6102f99b8fa9d52122c530944.jpg
cache-control: no-cache
content-length: 219
x-xss-protection: 1; mode=block

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZg.ttf
fonts.gstatic.com/s/inter/v11/ 297 KB
151 KB 22ms
21ms Font
font/ttf 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuOKfMZg.ttf

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5948fc8f016a175f6dc4b0e00bc4dbbc93875315d7af4469ab7e4c0c47f4c269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Wed, 21 Jun 2023 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154459
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:40:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 18:34:32 GMT

GET
H2 200 MaterialIcons-Regular.woff2
www.trustwave.com/fonts/material-icons/ 43 KB
43 KB 213ms
213ms Font
application/x-font-woff2 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/fonts/material-icons/MaterialIcons-Regular.woff2

Requested by

Host: www.trustwave.com
URL: https://www.trustwave.com/dist/css/styles.min.css?id=1037

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trustwave.com/dist/css/styles.min.css?id=1037
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jun 2023 03:12:44 GMT
server
x-aspnet-version
etag: "01e8f3da5a8d91:0"
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff2
accept-ranges: bytes
content-length: 44300
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/21158977/cfc901a2-eafd-46d4-a988-cdec75f02fd1/ 53 KB
8 KB 197ms
152ms XHR
application/json 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21158977/cfc901a2-eafd-46d4-a988-cdec75f02fd1/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff143a6cc220d778f407ad5e3d492da7a9835e5fa937a28796605e8a83195c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

X-Origin-Hublet: na1
Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 0c71a491-8ba3-4564-88c2-d208bf1efea2
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 22
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b8178573-889e-4a7e-b56f-6747512d7475
Server: cloudflare
X-Trace: 2BF96987C9181C1E28103B0D0522335765636B6AEF000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7de04fe64fb6916a-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-jn5ls

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/ 13 KB
3 KB 32ms
32ms Fetch
application/json 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: iCAxFkQWfzfDHevR0IbBjg==
age: 4112
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0de38b04-101e-0021-480e-8f1c36000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe61c6c2be8-FRA
expires: Wed, 28 Jun 2023 20:06:42 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/v2/ 61 KB
13 KB 35ms
35ms Fetch
application/json 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Nrtw9V+L/sfw1fri0BTPUA==
age: 4112
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2df8f15d-301e-0054-760e-8f771a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe61c6d2be8-FRA
expires: Wed, 28 Jun 2023 20:06:42 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 34ms
34ms Fetch
text/css 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 4112
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 64605b3e-a01e-009d-4b0e-8fcaf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe61c6f2be8-FRA
expires: Wed, 28 Jun 2023 20:06:42 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/21158977/cfc901a2-eafd-46d4-a988-cdec75f02fd1/ 53 KB
8 KB 213ms
167ms XHR
application/json 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21158977/cfc901a2-eafd-46d4-a988-cdec75f02fd1/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebcc1ad68f71d2603293b21a5d6335d6a511c31c9fd301a2690be2ce8f714047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

X-Origin-Hublet: na1
Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 689f369f-7e0f-4fac-b28d-814e18ba5da4
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 28
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a790d3a9-5c5d-4d35-8fd5-ca964d5446c5
Server: cloudflare
X-Trace: 2B60C547671B5880C17289A157AB4254B1CC00D362000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7de04fe69acf1caf-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-cxrpn

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/21158977/de7ea1d6-a749-4248-88db-dc813310bec6/ 53 KB
8 KB 228ms
184ms XHR
application/json 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21158977/de7ea1d6-a749-4248-88db-dc813310bec6/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80e2186672b1ebc4c9cf653d86913b2384acd0ded0fdd1bc0b6200fd9621f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

X-Origin-Hublet: na1
Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 434b5ae4-b7f2-411c-97ce-b7d545947953
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 39
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48fc15b4-45fe-45d4-ae12-1f9118d061c8
Server: cloudflare
X-Trace: 2B110ACAA95A1467FC039BED50FC593BB6BE9CEDBB000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7de04fe6ad6c9101-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 23ms
22ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 19:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3721
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 21:04:41 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 132ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DP8B111F8E&gtm=45je36q0&_p=2107771472&_gaz=1&cid=1127171977.1687896403&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687896402&sct=1&seg=0&dl=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&dt=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP8B111F8E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trustwave.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 131ms
28ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DP8B111F8E&cid=1127171977.1687896403&gtm=45je36q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DP8B111F8E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trustwave.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 149ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DP8B111F8E&cid=1127171977.1687896403&gtm=45je36q0&aip=1&z=1157884663

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresourc... Show response
adservice.google.com/ddm/fls/i/ Frame 32AB 720 B
774 B 115ms
59ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Requested by

Host: 9785483.fls.doubleclick.net
URL: https://9785483.fls.doubleclick.net/activityi;src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47cd0963360b4b754c3cadfbe22d63b30b26c891474bffdc860b1e524c0d1b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9785483.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/494613180/ 42 B
327 B 35ms
34ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/494613180/?random=1687896402689&cv=11&fst=1687896000000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&fmt=3&is_vtc=1&random=3712405746&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/494613180/ 42 B
455 B 134ms
33ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/494613180/?random=1687896402689&cv=11&fst=1687896000000&bg=ffffff&guid=ON&async=1&gtm=45He36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&fmt=3&is_vtc=1&random=3712405746&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 657537318161329 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/657537318161329?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55e7c16cece26a11545f539a52d5af51895ee9c97c94fc6b5336d21e8a5ea94b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DWzMARX838ya5TRf18/tngvgAnB++RLml6iPngAewlzoWkuicTsoIVNaEHbjdmE7TgBe1T+a4W/gJhwexcy40Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mss... Show response
adservice.google.com/ddm/fls/i/ Frame 7B0F 982 B
473 B 115ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Requested by

Host: 10419288.fls.doubleclick.net
URL: https://10419288.fls.doubleclick.net/activityi;src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36d091a5c5b3aa312c51ea63253d6290d7970fc1daf47655f95b98b81618fe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10419288.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c/ 2 KB
2 KB 189ms
150ms XHR
application/json 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70cea9e957c821b70be13476badce7d101815cb43ac929964c6613553124fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

X-Origin-Hublet: na1
Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 4ae09a21-faee-4c34-8728-2fb3d8dbfa52
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 6
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d73e9e7-0a95-4afe-bb00-a976281ce1e1
Server: cloudflare
X-Trace: 2BB95D49C16720352991A41DF0292E7E9D8E44B42E000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7de04fe709a2365a-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-qr8ft

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 195ms
28ms Script
application/x-javascript 104.77.31.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: trustwave.azureedge.net
URL: https://trustwave.azureedge.net/dist/js/legacy.min.js?id=1037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.31.43 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-31-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

Date: Tue, 27 Jun 2023 20:06:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 adsct
t.co/i/ 43 B
203 B 193ms
134ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=06d9bc76-e894-4ffb-982f-0afb282ab752&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c37b4e91-d9e3-4c44-92e3-8177b5bc224f&tw_document_href=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ya5&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-response-time: 111
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2e0656eb23a13aa7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1af7768fb9d3a25f0e4b3a607ae5965994a8216fdac9a9b838fbc5bce0c0fc66
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 271ms
191ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06d9bc76-e894-4ffb-982f-0afb282ab752&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c37b4e91-d9e3-4c44-92e3-8177b5bc224f&tw_document_href=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ya5&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-response-time: 169
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 871eacd918af8593
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f833faafc6dc1fc1f3bfbea25d2c67c232de5b9860bb8c173230a837bc1220f6
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
378 B 190ms
132ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=aea1edc0-0b80-45b7-a42d-22b12e15b927&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c37b4e91-d9e3-4c44-92e3-8177b5bc224f&tw_document_href=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ya5&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-response-time: 109
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c8cdd8182fbc835c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1af7768fb9d3a25f0e4b3a607ae5965994a8216fdac9a9b838fbc5bce0c0fc66
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
240 B 276ms
197ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=aea1edc0-0b80-45b7-a42d-22b12e15b927&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c37b4e91-d9e3-4c44-92e3-8177b5bc224f&tw_document_href=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ya5&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-response-time: 174
date: Tue, 27 Jun 2023 20:06:42 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5b4907a17ccd515d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f833faafc6dc1fc1f3bfbea25d2c67c232de5b9860bb8c173230a837bc1220f6
content-length: 43

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 37ms
37ms Script
application/x-javascript 2a02:26f0:3100::1735:28b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28b2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=13611
accept-ranges: bytes
content-length: 4807

GET
H2 200 fpv2.min.js Show response
www.atmrum.net/client/v1/atm/ 3 KB
3 KB 24ms
23ms Script
application/javascript 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/client/v1/atm/fpv2.min.js

Requested by

Host: www.atmrum.net
URL: https://www.atmrum.net/rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Jun 2023 21:31:02 GMT
x-msedge-ref: Ref A: 7349BCD28DDD4924B4F3A5C76FC27C33 Ref B: FRA31EDGE0117 Ref C: 2023-06-27T20:06:43Z
etag: 0x8D501F7AFB7338D
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 2983

GET
H2 200 c7ede6b6-5518-4502-94a5-673e62cff495.json Show response
cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/ 3 KB
2 KB 44ms
43ms XHR
application/x-javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/c7ede6b6-5518-4502-94a5-673e62cff495.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

809765ad9401369a9a87159ade197a7893be54c78de5e0c1995f77efbde4a286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: FlMWWNWt99scM6fkHGo+qw==
age: 62111
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 05:24:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9756ce2a-f01e-0016-1336-8dce9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe72d832be8-FRA

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/22616067/ 209 KB
64 KB 478ms
420ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/22616067/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/22616067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed8376e9badc551507bafcee5df98369b04c2091086bd161f641209d558e603c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: 56gDbMFi7wXJ5SlcURoN2W5oEr0CY1M5
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: GPAQN29041ZJVVCN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 59
x-amz-id-2: p4o4eQCenst6U2/Elm5UZszvw14EVxEXEIzo2F0rZejBci+uxxJEAVYw743aISvukHjm0nRi/68=
x-evy-trace-listener: listener_https
x-request-id: 32ff2402-9dc8-4f9f-b111-40e76cb28339
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 22 Jun 2023 19:48:40 GMT
server: cloudflare
etag: W/"08f42533849a02e3d81531e1c710c278"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7de04fe78c11bbc1-FRA
expires: Tue, 27 Jun 2023 20:11:43 GMT

GET
H2 200 22616067.js Show response
js.hs-analytics.net/analytics/1687896300000/ 66 KB
21 KB 234ms
169ms Script
text/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1687896300000/22616067.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/22616067.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f4c3fd1718ae1083436a631cefaeb5ec341110a5aab47cebe7e0ee34630709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: KJ7N4QZKNP4Z1FWM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 22
x-amz-id-2: ReUBQePSppR2vkf+2HEsKXwrQr80WLlfYnhgsK4Tb+uf5jqGk4kjttj6IqcpUe7LN2PuRzfzt0U=
x-evy-trace-listener: listener_https
x-request-id: 4401dcb4-910d-41c3-9bed-1a80b23907ee
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 15:33:08 GMT
server: cloudflare
etag: W/"78857cf89f2fdb48fb5258b75ac2b106"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7de04fe7e9728fce-FRA
expires: Tue, 27 Jun 2023 20:11:43 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21158977/ 209 KB
63 KB 428ms
420ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21158977/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21158977.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b40a93cfffc7cc88b425c84b80cf85f60577787fb1e9a0a77acbe1f3bd6389d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: YmU9KHJWFldI3_SW2dhultvMKGSaoehL
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: CYHMVAXBHMQ83J7M
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 40
x-amz-id-2: CmewDpvESYFErCU6vclgz+FaufT9qa39sJC7+mdLVWDIR7sqlTXnclqAviKstfkIqBPSPEckSfw=
x-evy-trace-listener: listener_https
x-request-id: 7ca07d06-9dbb-4d02-a500-1a7fba026de1
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 22 Jun 2023 18:56:38 GMT
server: cloudflare
etag: W/"40857cbc36102f3da8233a58b1429a8a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://info.trustwave.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7de04fe78c12bbc1-FRA
expires: Tue, 27 Jun 2023 20:11:43 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 187ms
124ms Script
application/javascript 2606:4700::6811:6ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21158977.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3

Request headers

Referer: https://www.trustwave.com/
Origin: https://www.trustwave.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ
via: 1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7de04fe7ebee3735-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 99753a89-2d2c-472a-a98c-23dd2ce3a4ce
last-modified: Tue, 13 Jun 2023 09:45:35 UTC
server: cloudflare
etag: W/"b19afd994dc32a5784e74169cca8128a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cf-ray: 7de04fe7ebee3735-FRA
x-amz-cf-id: Z94NqmItzBfn7FF9cOy2V8fhjyW-6KC0RjsoU5tJU7-awsH29kUYmA==
x-hs-target-asset: collected-forms-embed-js/static-1.378/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 98ms
28ms Script
application/javascript 2606:4700::6810:79be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/21158977.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:79be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: tZNqk9JR4hpL4HhK3M1JevHxbsFiShRO
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 114
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.382/bundles/pixels-release.js&cfRay=7de04d1efe6c9b6a-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 009bcd1b-be18-4b1c-a363-7da2bcd86117
last-modified: Tue, 20 Jun 2023 11:26:10 UTC
server: cloudflare
etag: W/"15e730192a32cd4563797f160ff1fd6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
cf-ray: 7de04fe80c2d047a-FRA
x-amz-cf-id: YntPiXDobSDmwKMMBZIT75j7lQTSStUU0iBq2mezubU6e15Fo5644g==
x-hs-target-asset: adsscriptloaderstatic/static-1.382/bundles/pixels-release.js

GET
H2 200 init Show response
n2.mouseflow.com/ 0
213 B 1426ms
112ms XHR
text/plain 192.96.202.198
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/init?v=17.89&p=96dff353-a928-44b4-b1d0-6432c69133ba&s=6d68e819ed2f887bcc40c711a2ec4579&page=062743610d9123b59d372fadfde7146b75fd35ba&ret=0&u=a89a4f799d95865f902126b5509331c7&href=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&url=%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23&ref=&title=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&res=1600x1200&tz=0&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1030&pxr=1&gdpr=1&vars=utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D264045642%26utm_campaign%3DNWS%2520Trustwave%2520Digest

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.96.202.198 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-type: text/plain

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Mouseflow
x-recorder: rec-19-us
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.trustwave.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 4156 527 KB
164 KB 51ms
50ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-encoding: br
age: 530
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7de042f4bce63666-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: dac63206-3051-4e78-8ca6-4833c5b8b16e
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUxAXzIuiTfOJMVLCVPaa%2FaOoCfTGaKBXP2sprehIv4wxwmzwyXV98601FonSfitZZ9bZPHQrwWilBsxO77uB5Pq9SyN7b%2FXr%2BdtOWf114wVR9gYO3gCi73RrvDBxQdUlHBxv%2FLx5wXF2Uss"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7de04fe779c3360f-FRA
x-amz-cf-id: PD5Gztd5babxKOA7WxnX3eFqldfiP4Jl5nTntUQQm1uApsIJ-1SwFQ==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F8AB 50 KB
27 KB 46ms
44ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMtIkUAAAAAP7FCbfNuAv_bvJRl7vsAjPIyOWc&co=aHR0cHM6Ly93d3cudHJ1c3R3YXZlLmNvbTo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=1jlqiootqxih

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f7ea50d6e3411cab4b6068984a935273aef90a4644348986a5e4b526a4292f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-1rywW3RfGcpwK6uNYqkamQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trustwave.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28070
content-security-policy: script-src 'nonce-1rywW3RfGcpwK6uNYqkamQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 t.js Show response
vidassets.terminus.services/af0d2044-417b-49dd-b4e9-25d4e62e0332/ 35 KB
11 KB 130ms
57ms Script
application/javascript 99.84.88.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/af0d2044-417b-49dd-b4e9-25d4e62e0332/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-95.muc50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 19:22:51 GMT
via: 1.1 89a45b9ac94fb6c6e52c37fdd89a6cb0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 2632
x-cache: Hit from cloudfront
last-modified: Fri, 09 Jun 2023 13:18:07 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: NRuiWi_l0NflyuFXWf9B-EQPhe1Mp36K7pDhuxMoqLg3KxdY2YTdvg==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 59A1 527 KB
165 KB 32ms
32ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-encoding: br
age: 184
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7de04b68ff301d90-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b3360bfa-2aab-4e5b-b93a-d233922612d6
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYSdc0oPn1ZS%2FD2Wo46WrWFGDIO9%2FiwSm%2FWQx2gcDqUSsApItYnQp4sX0Xo5blCx7IPockNUyPvueEJ7rshC2kPUEDn5AHxrv8yp5Rl2nhCOmhN0EPiicmmnP1VIE8kbjpg0YIZr4eDX1Vya"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray: 7de04fe7ad6a1e62-FRA
x-amz-cf-id: zSPiFyaQW_wjVCxxcc3GLom2jsT8bpGS-XfdeQRxIpF3ep4QhSHQog==

GET
H2 200 en-us.json Show response
www.trustwave.com/locale/en-us/LC_MESSAGES/ 1 KB
666 B 171ms
170ms XHR
application/json 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/locale/en-us/LC_MESSAGES/en-us.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21c3d65ef1a0105fb3114d843bd4c68e474e7571db6b0af5ca759fbfec9eca81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
X-Requested-With: XMLHttpRequest
Request-Id: |0JS0q.Y+HJp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:43 GMT
last-modified: Tue, 27 Jun 2023 03:13:46 GMT
server
x-aspnet-version
etag: "0918362a5a8d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 590
x-xss-protection: 1; mode=block

GET
H2 200 ja-jp.json Show response
www.trustwave.com/locale/ja-jp/LC_MESSAGES/ 1 KB
930 B 200ms
199ms XHR
application/json 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/locale/ja-jp/LC_MESSAGES/ja-jp.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b0ef13b754c456f5621d74ca260e49b061f759bcaeb9223e0eaa78ff4359189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
X-Requested-With: XMLHttpRequest
Request-Id: |0JS0q.w9isM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:43 GMT
last-modified: Tue, 27 Jun 2023 03:13:46 GMT
server
x-aspnet-version
etag: "0918362a5a8d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 877
x-xss-protection: 1; mode=block

GET
H2 200 de-de.json Show response
www.trustwave.com/locale/de-de/LC_MESSAGES/ 1 KB
612 B 228ms
228ms XHR
application/json 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/locale/de-de/LC_MESSAGES/de-de.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b5e5c5c8b9ebe9fb7f4a8cde7f2ff4f6652e6beb87585c18e99fb446fbb301a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
X-Requested-With: XMLHttpRequest
Request-Id: |0JS0q.DAjfk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:43 GMT
last-modified: Tue, 27 Jun 2023 03:13:46 GMT
server
x-aspnet-version
etag: "0918362a5a8d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
content-length: 564
x-xss-protection: 1; mode=block

GET
H2 200 ot_guard_logo.svg Show response
cookie-cdn.cookiepro.com/logos/static/ 497 B
492 B 35ms
35ms Fetch
image/svg+xml 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 62110
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 03d2ae97-201e-0015-5380-9a2ffe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe7ee7e2be8-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H2 200 cookiepro_logo.png
cookie-cdn.cookiepro.com/logos/static/ 35 KB
36 KB 35ms
34ms Image
image/png 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/cookiepro_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: IipuN9Einq/0wIZw6VIt/g==
age: 38614
cf-polished: origSize=36419
content-length: 36343
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Jun 2023 01:34:39 GMT
server: cloudflare
etag: 0x8DB6889B113E3C1
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e112b1eb-e01e-00b3-783a-9b98e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7de04fe80a36bbd9-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: uInNdQwuuw8s7lYl3cE7eQ==
age: 38686
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ba71f173-201e-002a-2238-9be75d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe80a38bbd9-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame C907 527 KB
165 KB 53ms
53ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-encoding: br
age: 184
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7de04b68ff301d90-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b3360bfa-2aab-4e5b-b93a-d233922612d6
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdtACiHG7FTu3kz51lypqJFVHMiil2uFeVro3U8udTT633hleX2Wc0y7aGNqWhyZzy%2Bw1%2FRSkpRX8YxxXJLvpb3d3zkKs04xnpmJf5YMCZtoG1Kb%2FfDhtfC1yhqR3RVfam0plKFOh40G18YZ"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray: 7de04fe81de51e62-FRA
x-amz-cf-id: zSPiFyaQW_wjVCxxcc3GLom2jsT8bpGS-XfdeQRxIpF3ep4QhSHQog==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 9A50 527 KB
165 KB 73ms
72ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-encoding: br
age: 184
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7de04b68ff301d90-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Tue, 27 Jun 2023 20:06:43 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b3360bfa-2aab-4e5b-b93a-d233922612d6
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfi0T1Wc%2B7iSjA73FCsP%2B7QvSP%2FVoPMQ8xASFYGlHoSG8bRZcJDO23ynZ6DnlT1dGjdKYg8PDileaGj0%2Bgl2Ivt47eRWSOxiov7WHlAE%2BERV8SyzQYLkEc%2FMbbN7NrxwSwtagHhqLgDf%2BkJV"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray: 7de04fe83e081e62-FRA
x-amz-cf-id: zSPiFyaQW_wjVCxxcc3GLom2jsT8bpGS-XfdeQRxIpF3ep4QhSHQog==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame F8AB 55 KB
24 KB 68ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMtIkUAAAAAP7FCbfNuAv_bvJRl7vsAjPIyOWc&co=aHR0cHM6Ly93d3cudHJ1c3R3YXZlLmNvbTo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=1jlqiootqxih

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 04:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 04:26:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame F8AB 430 KB
173 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 15:01:57 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 172ms
145ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 9a01fc8b-1800-4223-9caf-cc2dc8d84e02
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 74004b0d-cb7d-4497-bdb3-7f3d54bd0fc6
server: cloudflare
x-trace: 2BD6F69ADB83AFE04D5CB2D56B079214FA30B9ACEC000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-w9hvc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7de04fe87bab5c68-FRA

GET
H2 200 src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresourc... Show response
adservice.google.de/ddm/fls/i/ Frame A491 194 B
515 B 155ms
59ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/src=9785483;type=siter0;cat=siter00;ord=6601719101295;gtm=45He36q0;auiddc=1857590066.1687896403;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:43 GMT
expires: Tue, 27 Jun 2023 20:06:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mss... Show response
adservice.google.de/ddm/fls/i/ Frame C456 194 B
150 B 156ms
60ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/src=10419288;type=trust0;cat=trust0;ord=4070759502462;gtm=45He36q0;auiddc=1857590066.1687896403;u1=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:43 GMT
expires: Tue, 27 Jun 2023 20:06:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/f45c1dcb-4e3d-4ab0-a829-22e58a3f19f6/ 44 KB
10 KB 43ms
43ms Fetch
application/x-javascript 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/c7ede6b6-5518-4502-94a5-673e62cff495/f45c1dcb-4e3d-4ab0-a829-22e58a3f19f6/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f8bc26c4789780ae3a330a2d348a7c806e3e019f852d543937745e0512d4e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: zSu/aRykCTI2vfMfJM1amQ==
age: 4113
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 05:24:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0a7af8b4-001e-0002-4e36-8d86f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fe89f6e2be8-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
28ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2107771472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=409305006&gjid=955077966&cid=1127171977.1687896403&tid=UA-123880220-1&_gid=200534915.1687896403&_r=1&_slc=1&gtm=45He36q0n8154M2ZJN&z=229926509

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trustwave.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
983 B 207ms
158ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

Date: Tue, 27 Jun 2023 20:06:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: b723a5c0-6770-4734-b402-232050536e7e
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e1227e14-6be4-4103-80f0-7130ee8a1ad5
Server: cloudflare
X-Trace: 2BED0CB1303C3B28917B3E595CFEE5E1BB646479C6000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7de04fe94b6c037c-FRA

GET
H2 200 fpconfig.min.json Show response
www.atmrum.net/conf/v1/atm/ 191 B
495 B 79ms
25ms XHR
application/json 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atmrum.net/conf/v1/atm/fpconfig.min.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Jun 2023 21:31:02 GMT
x-msedge-ref: Ref A: CD5B736B60B044C2B9A714F8F005247E Ref B: FRA31EDGE0816 Ref C: 2023-06-27T20:06:43Z
etag: 0x8D501F7AFB7338D
x-cache: CONFIG_NOCACHE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-MSEdge-Ref
cache-control: no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 191

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/70652/domain/trustwave.com/ 36 B
376 B 123ms
36ms XHR
application/json 2600:9000:26db:4600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/70652/domain/trustwave.com/token
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 19:42:08 GMT
content-encoding: gzip
via: 1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1475
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: GBxmFzFRRR-JEqnrFisCVXBf8jNbiGMnpVCAhyiATYbU3vr8PjZifw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D70652%26time%3D1687896403358%26url%3Dhttps%253A%252F%252Fwww.trustwave.com%252Fen...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database...

0
265 B

330ms
196ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cookiesTest=true&liSync=true&e_ipv6=AQKSMkaaBFNvXwAAAYj-dzDUSOjliAD-s_N9w_SXKvtsniTtdpP4e6Oco5_EeKAy-3tB98W5X6TV
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 67385060E5884D42A318DF3B6D3F58F0 Ref B: FRAEDGE1919 Ref C: 2023-06-27T20:06:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/IgGbo2Ii2cSVWAO+fg==

Redirect headers

date: Tue, 27 Jun 2023 20:06:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 21F319C1DE1F44F8A733D3838AAD5F27 Ref B: FRAEDGE1206 Ref C: 2023-06-27T20:06:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=70652&time=1687896403358&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cookiesTest=true&liSync=true&e_ipv6=AQKSMkaaBFNvXwAAAYj-dzDUSOjliAD-s_N9w_SXKvtsniTtdpP4e6Oco5_EeKAy-3tB98W5X6TV
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/IgGWpsaJSbk+Ndbgsg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/70652/domain/trustwave.com/ 36 B
373 B 121ms
37ms XHR
application/json 2600:9000:26db:4600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/70652/domain/trustwave.com/token
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:4600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 19:42:08 GMT
content-encoding: gzip
via: 1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1475
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: V1l7DEgqJkG3vCvnT4OJ0Go0b5a7usgaa8l92dSzazRqMH-Epv3ynA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 85ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=657537318161329&ev=PageView&dl=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&rl=&if=false&ts=1687896403368&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687896403367.775375755&it=1687896402992&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 34ms
33ms Script
application/x-javascript 104.77.31.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.31.43 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-31-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

Date: Tue, 27 Jun 2023 20:06:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 05 Oct 2023 20:06:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4156 7 KB
759 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a6d7a06a4458b56f188177654688a18648aaf4800feee0a4a09a858f46bc920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 20:06:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 59A1 7 KB
736 B 37ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a6d7a06a4458b56f188177654688a18648aaf4800feee0a4a09a858f46bc920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 20:06:43 GMT

GET
H2 200 IsUserAusi Show response
www.trustwave.com/umbraco/surface/AJAX/ 5 B
174 B 361ms
360ms XHR
text/html 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/umbraco/surface/AJAX/IsUserAusi

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60a33e6cf5151f2d52eddae9685cfa270426aa89d8dbc7dfb854606f1d1a40fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
X-Requested-With: XMLHttpRequest
Request-Id: |0JS0q.AP5zQ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:43 GMT
server
x-aspnet-version
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 123
x-xss-protection: 1; mode=block

GET
H2 200 IsUserAPAC Show response
www.trustwave.com/umbraco/surface/AJAX/ 5 B
165 B 363ms
363ms XHR
text/html 52.151.96.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustwave.com/umbraco/surface/AJAX/IsUserAPAC

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.96.240 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60a33e6cf5151f2d52eddae9685cfa270426aa89d8dbc7dfb854606f1d1a40fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
X-Requested-With: XMLHttpRequest
Request-Id: |0JS0q.1n8c9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 20:06:43 GMT
server
x-aspnet-version
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private
content-length: 123
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123880220-1&cid=1127171977.1687896403&jid=409305006&gjid=955077966&_gid=200534915.1687896403&_u=YADAAEAAQAAAACAAI~&z=1621337984

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trustwave.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C907 7 KB
686 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a6d7a06a4458b56f188177654688a18648aaf4800feee0a4a09a858f46bc920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 20:06:43 GMT

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/ 13 KB
3 KB 39ms
38ms Fetch
application/json 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: iCAxFkQWfzfDHevR0IbBjg==
age: 4113
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0de38b04-101e-0021-480e-8f1c36000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fea08ea2be8-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/v2/ 61 KB
13 KB 43ms
42ms Fetch
application/json 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: Nrtw9V+L/sfw1fri0BTPUA==
age: 4113
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2df8f15d-301e-0054-760e-8f771a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fea08ec2be8-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 45ms
45ms Fetch
text/css 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 4113
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 07:08:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 64605b3e-a01e-009d-4b0e-8fcaf7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04fea08ee2be8-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
587 B 146ms
146ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: c45dbead-2d66-42b4-8e01-757250fbc585
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e4eda33-f914-4f08-9111-906135723475
server: cloudflare
x-trace: 2B096B6099415EB5D788ABE98D264152A572159101000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-qr8ft
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7de04fea1de95c68-FRA

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 926ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=af0d2044-417b-49dd-b4e9-25d4e62e0332|36c78226-2044-4bcd-a8a4-64746065f527
Requested by: Host: www.trustwave.com
URL: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 27 Jun 2023 20:06:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 t.gif
wec-assets.terminus.services/af0d2044-417b-49dd-b4e9-25d4e62e0332/ 43 B
305 B 922ms
44ms Image
image/gif 99.84.88.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wec-assets.terminus.services/af0d2044-417b-49dd-b4e9-25d4e62e0332/t.gif?d=36c78226-2044-4bcd-a8a4-64746065f527&s=2a4325fb-3e2e-4014-b63b-19a66d41e458&p=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&cb=1687896403537&t=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&r=&e=page_viewed&u=94a3c24d-65e8-4aee-892a-a04f5588b469-1687896403537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-65.muc50.r.cloudfront.net

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/honeypot-recon-mssql-server-database-threat-overview-22-23/?utm_campaign=NWS%20Trustwave%20Digest&utm_medium=email&utm_content=264045642&utm_source=hs_email
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 19:51:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 885
x-cache: Hit from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 7Vem6ULZ3QsPcUH9bvNtHyTE0EzEpQRbwb2rWpLSLymDDMzkMhMbDw==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F8AB 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Wed, 21 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 588786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8AB 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Wed, 21 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 590428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8AB 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Sat, 24 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 267538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:47:45 GMT

GET
H2 200 trans.gif
17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com/apc/ 43 B
377 B 1060ms
234ms Image
image/gif 2603:1030:f00:3::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com/apc/trans.gif?c0bf0504cf103fccf3740400542ceb8e

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1030:f00:3::35 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:44 GMT
x-machinename: yt1app013
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: yt1prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
450 B 136ms
123ms XHR
application/json 2606:4700::6811:6ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21158977&utk=
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932082305544d3426acaefac13815f07c276046aee77847071d1dfc1754636e4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 29fe70b5-d721-4b00-89c6-1ddf125805fa
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2f2247ff-3570-4069-86ec-c00925ba0101
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.trustwave.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7de04fea9f753735-FRA

GET
H3 200 css2
fonts.googleapis.com/ Frame 9A50 7 KB
686 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a6d7a06a4458b56f188177654688a18648aaf4800feee0a4a09a858f46bc920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 20:06:43 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
589 B 149ms
149ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 160f7fc0-7dcc-4a44-9db8-e4c25b8c2c91
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7fb284d5-46d8-4c51-823d-ee60fbf5196c
server: cloudflare
x-trace: 2B3AC9535600ACB93AF7F9686DFE28AC3D17E3DABE000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-llkhw
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7de04feacea85c68-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123880220-1&cid=1127171977.1687896403&jid=409305006&_u=YADAAEAAQAAAACAAI~&z=833082323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123880220-1&cid=1127171977.1687896403&jid=409305006&_u=YADAAEAAQAAAACAAI~&z=833082323

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.0 200
OK visitWebPage
815-rfm-693.mktoresp.com/webevents/ 43 B
121 B 1112ms
170ms Ping
image/gif 199.15.214.243
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://815-rfm-693.mktoresp.com/webevents/visitWebPage?_mchNc=1687896403645&_mchCn=&_mchId=815-RFM-693&_mchTk=_mch-trustwave.com-1687896403644-85331&_mchHo=www.trustwave.com&_mchPo=&_mchRu=%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_campaign%3DNWS%20Trustwave%20Digest__-__utm_medium%3Demail__-__utm_content%3D264045642__-__utm_source%3Dhs_email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.15.214.243 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: BigIP /
Resource Hash: cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

Connection: Keep-Alive
Content-Length: 43
Server: BigIP

GET
H2 200 ot_guard_logo.svg Show response
cookie-cdn.cookiepro.com/logos/static/ 497 B
385 B 33ms
31ms Fetch
image/svg+xml 2606:4700::6812:1153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1153 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 27 Jun 2023 20:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 62110
x-ms-lease-status: unlocked
last-modified: Fri, 09 Jun 2023 01:34:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 03d2ae97-201e-0015-5380-9a2ffe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7de04feb1a0c2be8-FRA
expires: Wed, 28 Jun 2023 20:06:43 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 815ms
146ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21158977

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e223b8d14bf788e379f1e9efbdba145129720675091f310bbb014f04f3c5cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f0180c1e-5751-4709-883b-5175d5a7d4c2
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0a02fa5c-fb6b-4c62-b073-07a5fa952316
server: cloudflare
x-trace: 2BC60FDAD8F20A82D69E329A0C39BC9196C4D5C205000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.trustwave.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-ds89m
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTxSin7hol%2Fzu4M3k4E%2FZqGQ1E%2BK9J1%2Fy4QrWNNhd%2BYeyem6Txo24ZJxtC01HxE0XqU9UPgyE5UImLCvTb5a0mm49%2FEy2L6Q%2F1T9flOqxDPZdCIjkYN6eVhk71nUIY%2BARBM4riRRjUf%2FuN6I"}],"group":"cf-nel","max_age":604800}
cf-ray: 7de04fefa99837ca-FRA
access-control-allow-headers: *

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 53A6 0
74 B 22ms
22ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.trustwave.com
Referer: https://www.trustwave.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.trustwave.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 20:06:44 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
588 B 141ms
140ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: d1b6058f-9976-4d27-a5fe-daea2a798c94
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 24bf5769-a5c9-417d-b948-3daf3ed12b52
server: cloudflare
x-trace: 2B39933BC8A9BF6B4C8395D29C3B581235AC1B0D6F000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-2ls4d
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7de04fef8c985c68-FRA

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F8AB 102 B
133 B 32ms
31ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMtIkUAAAAAP7FCbfNuAv_bvJRl7vsAjPIyOWc&co=aHR0cHM6Ly93d3cudHJ1c3R3YXZlLmNvbTo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=1jlqiootqxih
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 27 Jun 2023 20:06:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973142331

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

741d434712303f040a32ca9a8aae46045c421611a63b991c8f205599f25ccfac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70214
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 19:34:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 20:06:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
69 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-973142331&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54M2ZJN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ead95f458f5ecb647d28c223f0f896acafdd4734fab3fe7292e8ba1271f8e040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70336
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 19:21:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jun 2023 20:06:44 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973142331/ 3 KB
2 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973142331/?random=1687896404664&cv=11&fst=1687896404664&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1857590066.1687896403&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-973142331&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff7ec99660e6be51fa9417ea104406811e53ecd610a9617c7e627917859794d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trans.gif
17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com/apc/ 43 B
110 B 119ms
119ms Image
image/gif 2603:1030:f00:3::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com/apc/trans.gif?2e69b3c6c6ec2b6b2502935b67af440e

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1030:f00:3::35 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:44 GMT
x-machinename: yt1app013
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: yt1prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

GET
H3 200 /
www.google.com/pagead/1p-user-list/973142331/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973142331/?random=1687896404664&cv=11&fst=1687896000000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2605709125&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/973142331/ 42 B
64 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/973142331/?random=1687896404664&cv=11&fst=1687896000000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&frm=0&tiba=Honeypot%20Recon%3A%20MSSQL%20Server%20%E2%80%93%20Database%20Threat%20Overview%20%2722%2F%2723%20%7C%20Trustwave&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2605709125&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 20:06:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trans.gif
ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com/apc/ 43 B
379 B 339ms
93ms Image
image/gif 2603:1020:e01:2::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com/apc/trans.gif?e42bc6e1a69dc2fa9ea63ac8423d1090

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1020:e01:2::60 Oslo, Norway, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:44 GMT
x-machinename: osl20app011
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: osl20prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

GET
H2 200 trans.gif
ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com/apc/ 43 B
110 B 55ms
55ms Image
image/gif 2603:1020:e01:2::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com/apc/trans.gif?9e54d986030c9445606c3d6e2a284dc2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1020:e01:2::60 Oslo, Norway, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:44 GMT
x-machinename: osl20app011
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: osl20prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

GET
H2 200 trans.gif
0f03f66557640799d2117a8b715de776.azr.footprintdns.com/apc/ 43 B
377 B 842ms
379ms Image
image/gif 2603:1040:c01::341
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0f03f66557640799d2117a8b715de776.azr.footprintdns.com/apc/trans.gif?4f138e4e23dfe203247d1fec60227461

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1040:c01::341 Chennai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:45 GMT
x-machinename: ma1app013
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: ma1prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

POST
H2 200 html Show response
n2.mouseflow.com/ 0
195 B 566ms
230ms XHR
text/plain 192.96.202.198
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/html?website=96dff353-a928-44b4-b1d0-6432c69133ba&session=6d68e819ed2f887bcc40c711a2ec4579&page=062743610d9123b59d372fadfde7146b75fd35ba&gz=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.96.202.198 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.trustwave.com
date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: Mouseflow
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 trans.gif
0f03f66557640799d2117a8b715de776.azr.footprintdns.com/apc/ 43 B
110 B 190ms
189ms Image
image/gif 2603:1040:c01::341
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0f03f66557640799d2117a8b715de776.azr.footprintdns.com/apc/trans.gif?26597f32fc50e55d15f75837272d243e

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1040:c01::341 Chennai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 20:06:45 GMT
x-machinename: ma1app013
x-content-type-options: nosniff
last-modified: Fri, 02 Jun 2023 00:46:28 GMT
server: Microsoft-IIS/10.0
etag: "392fdcaaeb94d91:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-UserHostAddress, X-EndPoint, X-FrontEnd, X-MachineName
x-endpoint: ma1prdapp01
accept-ranges: bytes
content-length: 43
x-userhostaddress: 2001:1b60:2::

GET
H2 200 r.gif Show response
www.atmrum.net/report/v1/atm/ 7 B
161 B 23ms
23ms XHR
image/gif 204.79.197.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.atmrum.net/report/v1/atm/r.gif?MonitorID=atm&rid=8f39f1897723ef4c8946c8a830e690fa&w3c=true&prot=https:&v=2017061301&tag=602cc9bb0a513db2b327299487211347&DATA=[{%22RequestID%22:%2217d48576e9fcf8646fca3b0bd582c2db%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:1063},{%22RequestID%22:%2217d48576e9fcf8646fca3b0bd582c2db%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:120},{%22RequestID%22:%22ec55be6537f8444a901d184d2f0ed60c%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:339},{%22RequestID%22:%22ec55be6537f8444a901d184d2f0ed60c%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:56},{%22RequestID%22:%220f03f66557640799d2117a8b715de776%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:843},{%22RequestID%22:%220f03f66557640799d2117a8b715de776%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:190}]
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.234 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

access-control-allow-origin: https://www.trustwave.com
date: Tue, 27 Jun 2023 20:06:45 GMT
cache-control: no-store
x-msedge-ref: Ref A: 158C1DA9DBFA47058A4456506F045232 Ref B: FRA31EDGE0816 Ref C: 2023-06-27T20:06:46Z
content-type: image/gif

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
636 B 203ms
143ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406240&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b53e8b06-55f0-4792-9b48-ceace913cf2a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9f00f02d-f081-4ae4-bd5d-b4a4cb7cfb5f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZStgJZo4NlvUyhAnXa7IvTfIWyM4G46fYnGPsnxWxqK6kNis1eJeL1DbKKhyXMqbi1RHai%2FhiKgNbxsZBIxfKMmz5GJQi%2F42iPO6gTVHBdhajEQ6MaPVx5T7dY47ykXNUpck2RkTF5iE%2Bs15VG5%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-j9299
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8af79ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
647 B 188ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=68741a11-8e56-4f23-ba7f-b2307e77714c&fci=0d4c7ddd-55bc-46be-933c-8d5a13efc392&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406242&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 95383666-181d-4eb8-9a63-8bfd07f5d90e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 349fd037-b343-47a5-a829-4d803cd7d876
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US6n6THYHrKfktMt%2BjakqBN%2B2koUMKe%2FNFeQhquO5x3%2BfVtDP76IXNAN9Z2M2IkcxdWLhd70kuheWHc896P0XRXHL9RNY%2Fj7qZUPrwuCqbDaDTFs%2Bhh3AT4LiyO%2B3p%2Ftih9Hu7kRmCe6vQmpbv5a"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-kn6mk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8af89ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 186ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=68741a11-8e56-4f23-ba7f-b2307e77714c&fci=0d4c7ddd-55bc-46be-933c-8d5a13efc392&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406243&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7e3bbfb5-6efd-46ba-8cba-fd110b19ab6f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e350ed22-8ec3-4f8b-bcee-c326342185db
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nM9QsLc5JMdbiV0laFEK4IyaPeWzaE48JP9OccxIZ7GGpnCykEXtX5CMCLb5enWzptwrYjiuwBXtJslsmS%2F73c5b9II9lZWuL1eA%2FT5bydEVQMuntT%2BMZDY9wxP8HL%2Bx%2F7jrAh0AogQje2TBx59"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-wnd65
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8afa9ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
635 B 184ms
149ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=92358282-9e9e-4fe6-a21f-c30c1e55336d&fci=99683f8e-a5cc-4900-947d-71d974eb5667&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406245&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2090a3f3-ccd8-46e2-bb60-ef317a785a90
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d34ebbd9-064d-4ec2-83ec-57f548c1cdee
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Miu8%2FqS3PDovRUXU2FK8%2FkfXzQf%2FZaAjNqaWV78j89qmRP%2BhTbrDe6m1LTG9fKExlAiBMD68GtGgz5z660yw052TGe4Y32738eRVq48f8gQKHFGB8MbOaEaKvgLk6RLG2wuyAX0hWXB9KAdOOda6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8b009ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
632 B 182ms
147ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=92358282-9e9e-4fe6-a21f-c30c1e55336d&fci=99683f8e-a5cc-4900-947d-71d974eb5667&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406246&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 50d6382e-a53b-4295-926e-b0d084949e79
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f88fd369-a3e3-44fa-b308-21cc96b236cd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wP%2F7UvFWL5OnqulDlwDAISVF%2F9S18Oijb1Govp8BUdHkQwhTL3m0GO7bJysi2yYUIaALsl4OkKKTyP1j2sgCnzwdZMdQ3Eyk6q2WwxRcFz7aDidliTuhMh102tfc51Pqir7FiPZkTFBtlSXNMyo9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-zkwrk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8afd9ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 182ms
147ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=cfc901a2-eafd-46d4-a988-cdec75f02fd1&fci=afdbf7a5-0983-419e-bf1d-e24b6b2bfc2d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406247&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 602d9455-81ad-4bce-9e03-49de02a3ecfa
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8fa743c2-5eda-4ae4-9e3a-4ec9382a8f57
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQilm6rfCBk0Vb5OM79Rm68PLpfbQ9cccPIFBescvnAPeQsqwtguVTw%2Bfz3l7XB9aLoN6b3ounsLbo3E7LgFH8kDBbRJ2g25mMBfG4S6tgB%2FM3Ln%2FY7nPQhXxDydFmzjUid3YKSFQZS48CC3hT0l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-z7z79
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffb8afc9ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
763 B 149ms
147ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=cfc901a2-eafd-46d4-a988-cdec75f02fd1&fci=afdbf7a5-0983-419e-bf1d-e24b6b2bfc2d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406248&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d4797ac0-0c9a-4078-9820-6a7377234c31
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2fe62f8e-6d29-468c-98ab-c93eb56a0b1d
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwMGRxU0CDwEqsCT%2FtEwPS%2BVIV0jtLDO9CYW%2Bevs9snsE1Is%2Bod1n3jVRUdhZo4SBWdXEE2vfQcKYk2reHTPNcSe32x2lqytNKpT9UiRSb72D5M0cuJvbNP1iDTWIAngoiQBHTTPk%2FRoN9NlScR3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-8bmqp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffc6c239ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
436 B 148ms
146ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=cfc901a2-eafd-46d4-a988-cdec75f02fd1&fci=3f034110-fb51-4bad-868e-32648865a092&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406251&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 328f7c37-f443-4ca8-9b83-8c1a9cc7e1ad
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d840eb60-efba-4199-8033-4c1b33f72d3a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvwCkSCU%2BoG6KD8BMzfYBcQMeEGR8fRWV7JjIDcVIPL9ocVuwEiuX0B6B263U3GtpdpzY8%2FldSdgjoJr2sP2xFXDp9qo7wTSQv7Spf5mRZfSVN5uUF7M3RnjHJCObr1uzRNuGXaG5F7sV8NJwSaI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffc6c259ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
487 B 152ms
150ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=cfc901a2-eafd-46d4-a988-cdec75f02fd1&fci=3f034110-fb51-4bad-868e-32648865a092&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406252&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 777d2ed1-7e2d-4d5f-89b2-32a9928c6ac6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c3ccd2b6-e5d4-4767-ae03-c3fcc4ceaded
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d11qmwSKr%2F1GETCY%2BfxFjTSiYhwMwwfU0pi7KJa5XokI%2FumZ1S0OVeblb9F5N3b0o9SG9cVryixbScMKc669DMH%2F7vY7RUiOJq8OESXEGZa0mP8q5Ys%2ByoLra53eb9mFDMRhv%2Fk%2FlL8s%2BUXiPyE8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffc6c279ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
394 B 153ms
151ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=de7ea1d6-a749-4248-88db-dc813310bec6&fci=51164ade-e700-49b0-99dd-a23023dd2d97&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406252&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 50f715a9-15b2-4e4e-968f-c4963467a804
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d3b48620-c72f-4cc0-9ced-0692e16d0a24
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJGcQftbAe4PTwPoU0Onl84EzU2l7AfZF2bKFRQVai86iR0VyfBx5DMXvY%2FH%2FG3xncIH3n2N2D43xP0GnqRQj7VWRWNCe1G%2B5Hg00%2FPuPfYfCs0ouNE4qhRM9rhhoEL3cRsj%2F7Y5cb7lK5vk6tTE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-2c4rt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffc6c299ba1-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
392 B 147ms
145ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=de7ea1d6-a749-4248-88db-dc813310bec6&fci=51164ade-e700-49b0-99dd-a23023dd2d97&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3518565405&v=1.1&a=22616067&rcu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F&pu=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&t=Honeypot+Recon%3A+MSSQL+Server+%E2%80%93+Database+Threat+Overview+%2722%2F%2723+%7C+Trustwave&cts=1687896406254&vi=2c0d0532603a1db042d78286fb6ab816&nc=true&u=94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1&b=94548739.1.1687896406237&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trustwave.com/
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

date: Tue, 27 Jun 2023 20:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d74a89ce-d840-4ec3-9ac2-b93809f3daa6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 74e46bee-ec0c-4f45-a99f-011ed48673eb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFZ0kIRt3fc7G%2FqtGLDbRbDM2YArh%2Bbc8qDRCu9uGqCFv7tzQ9onpPaccFRYZiM77unocOlEMfzOT%2FsguS%2FjW1iw6M3vhb6PCSCFyvCslrjyFr7x2bPS2jio3CEVLAUXcryIQ8VIhIIiYoXWgEbw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-z7z79
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7de04ffc6c2c9ba1-FRA
x-robots-tag: none

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 214ms
29ms Preflight 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.trustwave.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 27 Jun 2023 20:06:45 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
284 B 81ms
80ms XHR
application/json 52.236.186.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

011fdeed0bd252197ebac990b0770778d02f75f9ca87b8825d4f957cd33f56fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-type: application/json

Response headers

x-ms-session-id: 9DE95AF8-3CB4-4B7B-89C9-6FB253FB1F52
strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 20:06:45 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

POST
H2 200 dom Show response
n2.mouseflow.com/ 0
194 B 113ms
112ms XHR
text/plain 192.96.202.198
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/dom?gz=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.96.202.198 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.trustwave.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.trustwave.com
date: Tue, 27 Jun 2023 20:06:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-credentials: true
server: Mouseflow
content-length: 0
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.trustwave.com/	1970-01-20 12:51:38	Name: __cf_bm Value: Jh2gX9oUO.LjDStQ1j5Np1Te7ecb7ruEPhMeSmjE4GM-1687896401-0-AW5/W2y3G+/Nw0ZGSJohsuhZBVGogLOCnLo+2rmUChYMTEI0qCuwg/HgR8D1CjWIdbnZA53UXdtNFjUDJSZ4ERc=
.info.trustwave.com/	1969-12-31 23:59:59	Name: __cfruid Value: 53b11e68de6a73dd154b33a5fd264f900069d54c-1687896401
.www.trustwave.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: bcc70b3e9d2a132e2376fddfd28702ba57725b0d585f7a92e016c74563f04890
.www.trustwave.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: bcc70b3e9d2a132e2376fddfd28702ba57725b0d585f7a92e016c74563f04890
.fonts.net/	1970-01-20 12:51:38	Name: __cf_bm Value: YZO5TPLp17imOf9dXVU94LLg8kTIRgj6pZIWabsVO_8-1687896402-0-ATM8MhHfF/VARNS8MMaIKoyum/X9UlALco5NQ3NvtBgNH3HkqweDVAitI851EQ8Ko1CfZ1iDaATQgS9JnnKV/Yk=
.vimeo.com/	1970-01-20 12:51:38	Name: __cf_bm Value: HSLc4heqFRrXkaQyLDFHWqlLetH9Iu8ipLYkwV2PDaU-1687896402-0-AQsirn2qtIcSkG3Fmn2fIfEBDlMCw9+q4/LqGMQmIQcOQb50tgeNjjpQ4NeKBMAUII2b9r46xVLGXAMEtBOXJjA=
www.trustwave.com/	1970-01-20 21:37:12	Name: ai_user Value: nb+vG\|2023-06-27T20:06:42.631Z
.trustwave.com/	1970-01-20 15:01:12	Name: _gcl_au Value: 1.1.1857590066.1687896403
.trustwave.com/	1970-01-20 22:27:36	Name: _ga_DP8B111F8E Value: GS1.1.1687896402.1.0.1687896402.60.0.0
www.trustwave.com/	1969-12-31 23:59:59	Name: utm_source Value: hs_email
www.trustwave.com/	1969-12-31 23:59:59	Name: utm_medium Value: email
www.trustwave.com/	1969-12-31 23:59:59	Name: utm_campaign Value: NWS%20Trustwave%20Digest
www.trustwave.com/	1970-01-20 12:51:38	Name: ai_session Value: xn8SH\|1687896403057.1\|1687896403057.1
.trustwave.com/	1970-01-20 15:01:12	Name: mf_user Value: a89a4f799d95865f902126b5509331c7\|
.www.trustwave.com/	1970-01-20 21:37:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jun+27+2023+20%3A06%3A43+GMT%2B0000+(GMT)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.trustwave.com%2Fen-us%2Fresources%2Fblogs%2Fspiderlabs-blog%2Fhoneypot-recon-mssql-server-database-threat-overview-22-23%2F%3Futm_campaign%3DNWS%2520Trustwave%2520Digest%26utm_medium%3Demail%26utm_content%3D264045642%26utm_source%3Dhs_email&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0%2CC0003%3A0
.t.co/	1970-01-20 22:27:36	Name: muc_ads Value: 510c2669-c64a-4232-9892-e328408ee69f
.trustwave.com/	1970-01-20 22:27:36	Name: _ga Value: GA1.2.1127171977.1687896403
.trustwave.com/	1970-01-20 12:53:02	Name: _gid Value: GA1.2.200534915.1687896403
.trustwave.com/	1970-01-20 12:51:36	Name: _gat_UA-123880220-1 Value: 1
.twitter.com/	1970-01-20 22:27:36	Name: personalization_id Value: "v1_HcWFWLh76ao/7rMZiT3L+g=="
.trustwave.com/	1970-01-20 15:01:12	Name: _fbp Value: fb.1.1687896403367.775375755
www.trustwave.com/	1970-01-20 21:37:12	Name: d-a8e6 Value: 36c78226-2044-4bcd-a8a4-64746065f527
www.trustwave.com/	1970-01-20 12:51:37	Name: s-9da4 Value: 2a4325fb-3e2e-4014-b63b-19a66d41e458
www.trustwave.com/	1970-01-20 12:53:02	Name: ln_or Value: eyI3MDY1MiI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 15:01:12	Name: li_sugr Value: 9121293f-8eab-4c03-abda-97e4f23e73ed
.linkedin.com/	1970-01-20 21:37:12	Name: bcookie Value: "v=2&7afdceda-87d4-4d58-8d5d-2922b3e19b9b"
.linkedin.com/	1970-01-20 12:53:02	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2577:u=1:x=1:i=1687896403:t=1687982803:v=2:sig=AQE-4RSaaqZfVjh_fKeyk41mrZFFIrdY"
.trustwave.com/	1970-01-20 22:27:36	Name: _mkto_trk Value: id:815-RFM-693&token:_mch-trustwave.com-1687896403644-85331
.linkedin.com/	1970-01-20 13:34:48	Name: UserMatchHistory Value: AQJd8hxYPPmFrwAAAYj-dy9DlIygZ4wxI27wByN_WuEp4j279E3DytalrY0-ewLfLtVT4jQrIlH1mg
.linkedin.com/	1970-01-20 13:34:48	Name: AnalyticsSyncHistory Value: AQK7jr-XcQMjwwAAAYj-dy9DkCQt1JP0lxzDGDTq8m9E6hrL5kZp222zQSPYjuqgqAup-TzxZDL7rhegv5-pWA
.www.linkedin.com/	1970-01-20 21:37:12	Name: bscookie Value: "v=1&202306272006437f273b07-89a3-449b-87d4-4d7bedbfa5d8AQGwkC5zvc0BOh_520U2wWNBThSQ1-TO"
.linkedin.com/	1970-01-20 17:10:48	Name: li_gc Value: MTswOzE2ODc4OTY0MDM7MjswMjFG4PhTzoDoYzAqwN5BPOXlLZqXFxLgVcCVjyYL085UCg==
.doubleclick.net/	1970-01-20 22:13:12	Name: IDE Value: AHWqTUl6IROHZe3fMl6RivvgerXUDFzGTdo85nDbc335uAJtEHEzZGJMEHFCU0Pr
.trustwave.com/	1969-12-31 23:59:59	Name: mf_96dff353-a928-44b4-b1d0-6432c69133ba Value: 6d68e819ed2f887bcc40c711a2ec4579\|062743610d9123b59d372fadfde7146b75fd35ba.12668368625.1687896403068\|1687896403061\|2071166924_-1631221912.1889642278_96619420.-1539894552_-226526381.-64687999_-11335729815\|0\|\|\|0\|17.89\|0.09678
www.trustwave.com/	1970-01-20 17:10:48	Name: __hstc Value: 94548739.2c0d0532603a1db042d78286fb6ab816.1687896406237.1687896406237.1687896406237.1
www.trustwave.com/	1970-01-20 17:10:48	Name: hubspotutk Value: 2c0d0532603a1db042d78286fb6ab816
www.trustwave.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.trustwave.com/	1970-01-20 12:51:38	Name: __hssc Value: 94548739.1.1687896406237
.hubspot.com/	1970-01-20 12:51:38	Name: __cf_bm Value: 1TPYM1_4.HA.gLYa.Ts_4r9x14QqsQvbE4Wbxi48Ugk-1687896406-0-AXS9pomA8G/CgXLp6Kq1OLMT1vsF0RJW3x9cWnwy8MIc4Fkbqb811oQvEnFS9g9NH3V3O4FoT5ppotY1MZLIwIA=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fast.fonts.net/cssapi/9c85e15b-99ed-40a4-929d-2262f9ed2706.css Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f03f66557640799d2117a8b715de776.azr.footprintdns.com
10419288.fls.doubleclick.net
17d48576e9fcf8646fca3b0bd582c2db.azr.footprintdns.com
815-rfm-693.mktoresp.com
9785483.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
api.hubapi.com
az416426.vo.msecnd.net
cdn.linkedin.oribi.io
cdn.mouseflow.com
cdnjs.cloudflare.com
connect.facebook.net
cookie-cdn.cookiepro.com
dc.services.visualstudio.com
ec55be6537f8444a901d184d2f0ed60c.azr.footprintdns.com
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
info.trustwave.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
match.adsrvr.org
munchkin.marketo.net
n2.mouseflow.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.hubspot.com
trustwave.azureedge.net
trustwave.blob.core.windows.net
vidassets.terminus.services
wec-assets.terminus.services
www.atmrum.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.trustwave.com
104.244.42.5
104.244.42.67
104.75.88.126
104.77.31.43
13.107.42.14
142.250.186.134
146.75.120.157
151.139.128.10
162.159.138.60
192.96.202.198
199.15.214.243
2001:4860:4802:34::178
2001:4860:4802:34::36
204.79.197.234
2600:9000:26db:4600:2:53b2:240:93a1
2603:1020:e01:2::60
2603:1030:f00:3::35
2603:1040:c01::341
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2c40::c73c:67fe
2606:4700::6810:79be
2606:4700::6810:8ace
2606:4700::6810:ba41
2606:4700::6811:190e
2606:4700::6811:6ac7
2606:4700::6811:cacc
2606:4700::6811:d2f3
2606:4700::6811:d5f3
2606:4700::6811:e04e
2606:4700::6812:1153
2606:4700::6812:18c4
2606:4700::6812:863b
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9b
2a02:26f0:1700:d::1737:6ea4
2a02:26f0:3100::1735:28b2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.151.96.240
52.223.40.198
52.236.186.218
52.239.171.228
99.84.88.65
99.84.88.95
011fdeed0bd252197ebac990b0770778d02f75f9ca87b8825d4f957cd33f56fe
01bc1078a72cc59abcb6ee8625c0c807a7f1b6b39bb7ee31d12f006b84639f26
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05a208b51905359afbb00bd91d1e40b144757825894d8f5d3a0ab2e2dac6c517
08529955a8d9e583dacd78d8ade75159e0869e25766fba0ac911d5fa3e3b234b
088dbe5e4bb2f902e2e7c62ca7a15bae5cb55f4708d99f7c4daae7148a19a865
0adef222a47e22a5c051a9c28034255f0f60642ef890e41ac2fa634865d95a49
0be44b8963766e88bfb1034f5cf93deb8710ec30e7a54537ff463951c5976234
108382761a9645a58db86a092908aa70fc3ce728a814b22d8314831ce343940f
180bfe5289396add1808d9ce8fa113e02c0eb823c7b4e9f75c3dc5703a21501d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e81a50f50c312323629e4eb6906000ef991477c184dbff8e5b53eeafc8e31e0
2071a3274f291c02c034caf6889a9e7267640862d6d22d348507e929534e74f3
21c3d65ef1a0105fb3114d843bd4c68e474e7571db6b0af5ca759fbfec9eca81
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2a6d7a06a4458b56f188177654688a18648aaf4800feee0a4a09a858f46bc920
2ba5faf0489e0918095f3a1dddc7994837e094aec7f0629ab23e7955e17d639c
32ea28e4cc9fb2662d406bc5e859f774b58f927861c31864c33cb81aa8263aac
36d091a5c5b3aa312c51ea63253d6290d7970fc1daf47655f95b98b81618fe57
37f464cf55166ea3cba05eeb9155439a40c142ca30fd3669745ce3efdf200a3a
38dbd74f0b8818c8510cf4b02431747186219616a8928407ec8990c8d018a988
399275d88086e4012aa96f7769747462bee9f414f38ab6df75ac13dbc03ccfe1
3b40a93cfffc7cc88b425c84b80cf85f60577787fb1e9a0a77acbe1f3bd6389d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f18aeab9b9baa3e61c4bc2cd0372e3946f494bd03bff3cad740e5ea817fce2b
3ff8afe5ed8807374585f39d66586c8c790dd6f96c7a4d9946c8f3d9695a34d4
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
42f2f65a52347bf6ed6c0633b5458c48ddc1b439923c92caec18c6d6f111afe3
47cd0963360b4b754c3cadfbe22d63b30b26c891474bffdc860b1e524c0d1b3c
48c6a1c1b83c94f772d3ca8dc0e10f80dc320fb3a640ce8f12bb0dd12a847c2a
4d84802c2cc3550892199289d28a046c4e1d011964c7c7f9d43bdeebecf107de
4e01c98e627574457dc4a7251f0b5a3d8ca22fc72fe7127db1ebd63e36a06a70
4e5ab440329cd7d94538bc256cd00097682d6dcfb803cc0e9e64cfab683831dc
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
55e7c16cece26a11545f539a52d5af51895ee9c97c94fc6b5336d21e8a5ea94b
5948fc8f016a175f6dc4b0e00bc4dbbc93875315d7af4469ab7e4c0c47f4c269
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b12353c5a19cc78fb6c632ce69997c397a3580403b966b7aca9fc5a49e76470
5f8bc26c4789780ae3a330a2d348a7c806e3e019f852d543937745e0512d4e62
5f9e039bdb4cb6ad310aba5a76a742f10612e74d54139abd81636a825ce8e9af
60a33e6cf5151f2d52eddae9685cfa270426aa89d8dbc7dfb854606f1d1a40fe
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
68e318c58c5a8e85cf16359b0897e1766a64528353a5db53843a4dffbf097baf
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df905d3e689019ba181027cdbb40d8989f3ebc2e501e27027d9c1a82d024f62
6e223b8d14bf788e379f1e9efbdba145129720675091f310bbb014f04f3c5cdb
72766f736186eb5c7c6d08502f3bf28da0092e8ea85cf3b5413c9daf8dc2d94a
741d434712303f040a32ca9a8aae46045c421611a63b991c8f205599f25ccfac
7b0ef13b754c456f5621d74ca260e49b061f759bcaeb9223e0eaa78ff4359189
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7be5c8e38572372ddf9ace7967a1fe756373d6dee5eefd54a41cbff68683f223
7c8696f504c5e2703ab09bdac94d97f5d73c0f9cba432632f4b70f3047fcd417
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3
8032d79deba14b8b207f78489b5cb3b7dd8c39e3519688988e075c30aa128157
809765ad9401369a9a87159ade197a7893be54c78de5e0c1995f77efbde4a286
80afdcdab5af95e11f8edac404947668a91582b9799723a8d5272483a010f23d
83b67928c4d43907334640138124200a945183db38f6f96305d0a5e05da3fdd7
83fb7a24beceb1a4fdf940b00d446e9ca94003f1ed53f4aa8a164923e6faa4a1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85617163a0d798f5865addd9cb026438b1096093b4cac1838630ad93ebfdf4b4
85ea4804b8ee1cf5f67f7b52d136c82247eb94a12f48de9786760ff5a7b54364
87289efaf9cc62bd74432c4048229f1f1f1108973a99460d5676c4caa4fb4923
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
932082305544d3426acaefac13815f07c276046aee77847071d1dfc1754636e4
94f9b18d90180e697e61941f29297edc5d58b27b42450da64da0913340128f7e
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e
9998a28912966aa8ae78c7bae4b70bce32095ac4cafb972428f96c60bf374a98
9a2b09b1bd7190df58b8462804537f71a64e447921a03e62dc16148f9c433511
9bb1ca038e5b7f0ea47d1dfe4f0480f4ee430e5c033eaf969b08baf66167d7c0
9f7ea50d6e3411cab4b6068984a935273aef90a4644348986a5e4b526a4292f7
a2f4c3fd1718ae1083436a631cefaeb5ec341110a5aab47cebe7e0ee34630709
a432ddc35f43db449327ca5e32c286fc1bd9e92fb4c4e4d001e05a4760ecf1e6
a4c6f490f7db151fb0dd9ce3339d17fdc511dabe0252f5b73bdf67b20268b107
a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62
a6843d5ffd9052e631f84994401389694fd86b7cff2f9910ec6a28814cbb6b03
a71ac528a5f244dcfcf59e0acde7e2c956604c1519af7a28bdce0c4f2e7b52b2
a76b2bc12b0e3c9536c8c0c3af4170cc66c19ff44fb96326aa6b542ee272365f
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb597f6847f2877c81754fdb6a4b483cc05516c2a87865c8d0d02307b670c65
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b016380c1e5281bf5629d39c1dd2d79d1d8eec45e77f69d7f101105b93e813e0
b0f35cc025dc27ea345536d4eafc13e52fe2b1c237fd6c4150d4dbf85c323c27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e5c5c8b9ebe9fb7f4a8cde7f2ff4f6652e6beb87585c18e99fb446fbb301a4
b70cea9e957c821b70be13476badce7d101815cb43ac929964c6613553124fac
b9833a558a67d159aa6139bb0b9168560a37f580ae04654ccc7b6b1ce0d75ea6
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
bd6112d6912f3b8e7bf868040f108bc6c339386ace7d11a9522e19b0b1bbcc20
bff143a6cc220d778f407ad5e3d492da7a9835e5fa937a28796605e8a83195c9
c589a082ff90f2b6c3f249068c506cad74d0b7e46846a27a9177e481cdcddb3a
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cddda5bfbb5cfd3c61a5ae0075a6b5719d1eca08ce1575fe1bad14fe7f79a5f8
cf7008a1bb1e7dcffa096b3f0c782f3dd610f847413ae4861a5c03006f093553
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d5f698fc0fd45b33a248d63e5b46d7cb1d802911b4b5a8a11d63208417892496
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e09e478319343760de07251bf7ebb98a5ad087ddade8cd37299f13dfd0fed1bd
e103929dd758126ea4a090ff0e33b620f3ceb1b81ffad1345023c95661c84d8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80e2186672b1ebc4c9cf653d86913b2384acd0ded0fdd1bc0b6200fd9621f05
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ead95f458f5ecb647d28c223f0f896acafdd4734fab3fe7292e8ba1271f8e040
ebcc1ad68f71d2603293b21a5d6335d6a511c31c9fd301a2690be2ce8f714047
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ed8376e9badc551507bafcee5df98369b04c2091086bd161f641209d558e603c
eec92db3906701a283982a9ea481e806b6fd01fb2efb2c802cba1c376b19c2f5
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a3764fa2232094be51e1145e6ea64a8ad3e53ba3f663f79e7284a59c4c7bd5
f157146d9a7ab16e9fb8e5eb01eac6200edf5766b6426c3aa79c29872af7df08
f252e382f36692bcdbe514f096120a378a5475ff6079162bcaab562a85cfc206
f295a6c12b881fb7b33847adb08254903faf0d12ab18048a661431ac581ed00b
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e
ff7ec99660e6be51fa9417ea104406811e53ecd610a9617c7e627917859794d0

www.trustwave.com Open in urlscan Pro 52.151.96.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

88 %HTTPS

67 %IPv6

41 Domains

57 Subdomains

53 IPs

10 Countries

6278 kBTransfer

12569 kBSize

39 Cookies

15 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.trustwave.com Open in urlscan Pro
52.151.96.240 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

88 %
HTTPS

67 %
IPv6

41
Domains

57
Subdomains

53
IPs

10
Countries

6278 kB
Transfer

12569 kB
Size

39
Cookies

186 HTTP transactions
0 data transactions