Submitted URL: http://email.techenrch.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy
Effective URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Submission: On December 20 via api from US — Scanned from DE

Summary

This website contacted 40 IPs in 7 countries across 29 domains to perform 93 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is sysdig.com. The Cisco Umbrella rank of the primary domain is 295985.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 26th 2022. Valid for: a year.
This is the only time sysdig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
*.sysdig.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-26 - 2023-09-26 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
go.sysdig.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-11 | a year
*.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-04 - 2023-06-06 | a year
*.oktopost.com | Amazon | 2022-09-28 - 2023-10-27 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-08 - 2023-04-08 | a year
*.pathfactory.com | Amazon | 2022-07-11 - 2023-08-09 | a year
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-08-17 - 2023-09-18 | a year
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-28 - 2022-12-27 | 3 months
www.redditstatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-16 - 2023-05-15 | 6 months
*.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.intentsify.io | Amazon | 2022-07-06 - 2023-08-04 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-16 - 2023-05-14 | 6 months
okt.to | R3 | 2022-11-12 - 2023-02-10 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-16 - 2023-10-18 | a year
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-15 - 2023-06-17 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.turn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-02 - 2023-04-01 | a year

This page contains 8 frames:

Primary Page: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Frame ID: 529EEFBD08599783A1C313598C47EB86
Requests: 91 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Frame ID: CA4CFFC0254BED6CB97DADEA006B4617
Requests: 7 HTTP requests in this frame

Frame: https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523
Frame ID: 7ABC21E3D10519A8BD95A8A6239CBF26
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 19A73DE12B8FF6F02847CBB27D9AFFB0
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C1D3C6BE3C605753035F0B1B036664A4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Frame ID: 3DB52A615A7E0826AD26CBA031507ED3
Requests: 1 HTTP requests in this frame

Frame: https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Frame ID: 2EA860E0AC2BB8E2AED0DFCDC339425C
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2B66B1D875618CEDB4B33F4F42E83B01
Requests: 1 HTTP requests in this frame

Page Title

Threat news: TeamTNT targeting misconfigured kubelet – Sysdig

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 75%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 93
HTTPS: 98 %
IPv6: 45 %
Domains: 29
Subdomains: 44
IPs: 40
Countries: 7
Transfer: 2623 kB
Size: 10120 kB
Cookies: 27

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.techenrch.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy HTTP 301
    https://email.techenrch.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy HTTP 302
    https://meritdirect.msgfocus.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy HTTP 302
    https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://11915097.fls.doubleclick.net/activityi;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523 HTTP 302
  • https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523
Request Chain 60
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Request Chain 72
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw&verifyHash=a4df7fbe6dc6b2b99f47f528be459bb1d3d0ed45
Request Chain 88
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/ HTTP 302
  • https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/

93 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
sysdig.com/blog/teamtnt-kubelet-credentials/
Redirect Chain
  • http://email.techenrch.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy
  • https://email.techenrch.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy
  • https://meritdirect.msgfocus.com/c/1MSNaBv5Pb6vhV0bmhekkIIOsy
  • https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
116 KB
19 KB
Document
General
Full URL
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
4fa46cb89843aab60c22f31a6615fa7ac3e553db4984a32a9ba5402190ea9e8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77c852b40bf55c74-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 12:18:52 GMT
link
<https://sysdig.com/wp-json/>; rel="https://api.w.org/" <https://sysdig.com/wp-json/wp/v2/posts/54428>; rel="alternate"; type="application/json" <https://sysdig.com/?p=54428>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

date
Tue, 20 Dec 2022 12:18:51 GMT
location
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
p3p
policyref="http://www.adestra.com/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
server
CloudFront
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-id
7eopyjWUn0aqH99c8qhTUwjifP8bwYqlpPGaw5KS-oiPf1ZwXA-a0Q==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Jost:wght@400;500;700&family=Lexend+Deca:wght@400;500;600;700;800&display=swap
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4550f8694af5aac45263a02cd4923818ce3260f5f3c4cc3216e40f70d4020ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 12:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 12:18:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 12:18:53 GMT
classic-themes.min.css
sysdig.com/wp-includes/css/
217 B
290 B
Stylesheet
General
Full URL
https://sysdig.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
cloudflare
age
41512
etag
W/"6357e86c-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852b83c565c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main-v4.css
sysdig.com/wp-content/cache/min/1/wp-content/themes/sysdig/public/styles/
3 MB
250 KB
Stylesheet
General
Full URL
https://sysdig.com/wp-content/cache/min/1/wp-content/themes/sysdig/public/styles/main-v4.css?ver=1671493126
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d98789cb7e4336db421d70e3f1737ce7222bf6c57e9cb0e18e2c3f4ee902717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 23:38:46 GMT
server
cloudflare
age
41512
etag
W/"63a0f606-2f49ee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852b83c5d5c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
sysdig.com/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://sysdig.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
cloudflare
age
41512
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852b83c615c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
sysdig.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://sysdig.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
age
44646
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852bdcf0c9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
forms2.min.js
go.sysdig.com/js/forms2/js/
208 KB
69 KB
Script
General
Full URL
https://go.sysdig.com/js/forms2/js/forms2.min.js?ver=20200729-2010
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Oct 2022 18:03:49 GMT
server
cloudflare
etag
"6c1104-33e51-5ea394834ab40"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
cf-ray
77c852c05bcb68fe-FRA
sysdig-logo.svg
sysdig.com/wp-content/uploads/2019/10/
4 KB
2 KB
Image
General
Full URL
https://sysdig.com/wp-content/uploads/2019/10/sysdig-logo.svg
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9f43834301d02ee5d9e8ebe5489774a873accb010b4f5ee9ff71f3649675ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Nov 2022 17:59:39 GMT
server
cloudflare
age
44647
etag
W/"636fdf0b-10d4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c1feb39253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
default.css
sysdig.com/wp-content/cache/min/1/wp-content/plugins/syntax-highlighting-code-block/vendor/scrivo/highlight-php/styles/
763 B
571 B
Stylesheet
General
Full URL
https://sysdig.com/wp-content/cache/min/1/wp-content/plugins/syntax-highlighting-code-block/vendor/scrivo/highlight-php/styles/default.css?ver=1671493199
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a07ce5525b188a58c8dd6eaafd13ad6ce50bd8fe929515a8a8ecb1e0fd32e829

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 23:39:59 GMT
server
cloudflare
age
35201
etag
W/"63a0f64f-2fb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852ba18c59253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
slick.min.js
sysdig.com/wp-content/themes/sysdig/public/scripts/
42 KB
11 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/public/scripts/slick.min.js?ver=1.8.1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f597b3072933b9aa5b21f299d20be675286898777ae6bfc778cae4e36bfff5ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 23:35:54 GMT
server
cloudflare
age
44647
etag
W/"63a0f55a-a6da"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c3289a9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popper.min.js
sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/
19 KB
7 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/popper.min.js?ver=6.1.1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d00640b93ccce21719f7146a3aa2393456c28f5439d12454d839412e0c69f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Nov 2022 17:59:55 GMT
server
cloudflare
age
44647
etag
W/"636fdf1b-4acc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c389379253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/
48 KB
13 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/bootstrap.min.js?ver=4.0.0
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Nov 2022 17:59:55 GMT
server
cloudflare
age
44647
etag
W/"636fdf1b-bf06"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c3893a9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ekko-lightbox.min.js
sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/
15 KB
5 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/scripts/vendor/ekko-lightbox.min.js?ver=20220602-1330
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1d9db78b52c623e27c9f3914f08d2130c3dbb5a9d6b49e4e22b9adf5e9720b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Nov 2022 17:59:55 GMT
server
cloudflare
age
44647
etag
W/"636fdf1b-3b15"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c3893b9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iframe_api
www.youtube.com/
1 KB
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api?ver=6.1.1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f05d878ed95db8473d919873ef9f9c66d990a41126362ed39a11eb9715204f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 20 Dec 2022 12:18:54 GMT
main-v4.js
sysdig.com/wp-content/themes/sysdig/public/scripts/
1 MB
447 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/public/scripts/main-v4.js?ver=1671492953
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2ae5a31d74df50646e2db1e43df0c0bd4cac77a6e31d877fda17549a853863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 23:35:53 GMT
server
cloudflare
age
44647
etag
W/"63a0f559-17da8f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c3893c9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rddl.js
sysdig.com/wp-content/themes/sysdig/public/scripts/
219 B
376 B
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/public/scripts/rddl.js?ver=1668471350
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb54ad833cf33491a1eaf49bc4db1e9add2e9873e686381fed19232de1cffd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 00:15:50 GMT
server
cloudflare
age
44647
etag
W/"6372da36-db"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c3893e9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rb-marketo-forms.js
sysdig.com/wp-content/themes/sysdig/assets/scripts/dev/components/
39 KB
13 KB
Script
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/scripts/dev/components/rb-marketo-forms.js?ver=20221201-1611
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4790b967ba28f5d84290d3c65ef70e9e00437661d8713e89ed56d252cad9576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 23:49:26 GMT
server
cloudflare
age
44647
etag
W/"638a8f06-9bcc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c389409253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/
884 B
994 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&ver=2022-03-02
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f415902f3668db8378ba42dbce744e1eb198d9cbe3859497f93300b3b86a5e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2022 12:18:53 GMT
lazyload.min.js
sysdig.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://sysdig.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 23:38:03 GMT
server
cloudflare
age
44647
etag
W/"63a0f5db-2063"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c389419253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
3 KB
485 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900&display=swap
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c35f0e407e74fac902acbdf235b14b81584251e8eab8d622f2b9f8612880ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 12:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 12:18:54 GMT
gtm.js
www.googletagmanager.com/
439 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28713cf622d4c16d69f37421a02b7d97c1c66632cc6f3aee1ad1bdc020a52b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107315
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Dec 2022 12:18:54 GMT
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3720ded76aefd39c1893dc1c02242225335df9e84fff0c0008cd877c83f2cb85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa84613a220dd1554d2f056571f2fed752a834cbb5e424b42b23cea6ecd551a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a307520f0ed1fb08c34a06ac3f8d538262b8c3b200ed529530fd99ad32f77572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32b791c741af6c4a0a31ad08cf1a9df9c2d01a28e38c0cc2ac107f2cbc5999c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac6a5f140324248dfe61ece42a34ae42d3886f580433fc608e159ba997f68e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd0cc30366bb7cb77ccfcb563c3b8cf335ac3ad60a4d4b19a05290653ce03f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3095a36c90f5d3df2bc3129532936e42a98b3f76e12f2d324996e8445a90d951

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0416db83b54556d04f065dc4a4bb6958a4e11a1c5cfa1aab7864342cfd07ba7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&ver=2022-03-02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sysdig.com/
Origin
https://sysdig.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 10:59:45 GMT
truncated
/
188 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcbb43a8796fb400d80bec0b2a884a53cd7f6a558b0820c874b31b53963eec6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8c5fa487ffe136937bb1b14282151c0a988398ea2f6fc69886ac36556768294

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e841d9203634d198a4f5951f5bae57c22e07eb547636d57d920b961008e0260d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
224e406cc03fe392cb027cb418c2db9ffbd7f1523c516317d609953e56c8da3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
816f3f5c54a8def8ce66a4a7057a967ae0c0f73adbc923cd4122ed0fb68d5f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
143 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aa95fe8388d2d3a9c0eaa6674be9cf37ac7306af4c3933fdedcdd5549e167fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
263 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd9f79b6d9c64b11dcf8832f0fcec103a4a6fb5e4a5b404b73ca7489b5a46c6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
251 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57760bc8908e772fec8aa47c676a5f36ce20fbfb35decc3c34121c606a004e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
footer.svg
sysdig.com/wp-content/themes/sysdig/assets/images/
2 KB
819 B
Image
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/images/footer.svg
Requested by
Host: sysdig.com
URL: https://sysdig.com/wp-content/cache/min/1/wp-content/themes/sysdig/public/styles/main-v4.css?ver=1671493126
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4570fae0d7ada9d4106149dd881227692e448248fe05414baddcb34045b12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/wp-content/cache/min/1/wp-content/themes/sysdig/public/styles/main-v4.css?ver=1671493126
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 00:15:39 GMT
server
cloudflare
age
44646
etag
W/"6372da2b-874"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852c45aa79253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2
fonts.gstatic.com/s/lexenddeca/v17/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lexenddeca/v17/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@400;500;700&family=Lexend+Deca:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aa9b929e6ed9e06d10610f05ea3b4bb9b202dfc90a6833a50a1c04329b18a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sysdig.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 08:15:51 GMT
x-content-type-options
nosniff
age
187384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36200
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 08:15:51 GMT
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@400;500;700&family=Lexend+Deca:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sysdig.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:03:37 GMT
x-content-type-options
nosniff
age
72918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:03:37 GMT
www-widgetapi.js
www.youtube.com/s/player/34f9b71c/www-widgetapi.vflset/
162 KB
53 KB
Script
General
Full URL
https://www.youtube.com/s/player/34f9b71c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b04406ab28a88a04e286448850d93efe32d0ae95a20e675ba191d0b9a3be9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:51:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54193
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 01:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 20 Dec 2023 09:51:02 GMT
anchor
www.google.com/recaptcha/api2/ Frame CA4C
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f91f486d5eb0e765340784cc8d857a1e2e5bb7a0b407042e07fc69018f53f48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tocQycZjDsvQ6K3kAkT2EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sysdig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22414
content-security-policy
script-src 'report-sample' 'nonce-tocQycZjDsvQ6K3kAkT2EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
search.svg
sysdig.com/wp-content/themes/sysdig/assets/images/
319 B
461 B
Image
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/images/search.svg
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61dcd181a2473ea5b65f36b2e751d389273250600ff07d436f5666e474276841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 00:15:39 GMT
server
cloudflare
age
43570
etag
W/"6372da2b-13f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852ca3d4e9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
globe.svg
sysdig.com/wp-content/themes/sysdig/assets/images/
981 B
548 B
Image
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/images/globe.svg
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
721ff16ebc362b1e82075a4ae87d11d7c1434f4dfc0ee2a94734b844ce363298

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 00:15:39 GMT
server
cloudflare
age
43570
etag
W/"6372da2b-3d5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77c852ca3d509253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook-3-logo-1-1.png
sysdig.com/wp-content/uploads/
612 B
884 B
Image
General
Full URL
https://sysdig.com/wp-content/uploads/facebook-3-logo-1-1.png
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4ccf585d6afbfcb8d8e9e8f7a453e2ae7bf28c307e144675acbc878de22bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
cf-cache-status
HIT
age
43570
cf-polished
origFmt=png, origSize=1610
content-disposition
inline; filename="facebook-3-logo-1-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
612
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Nov 2022 17:59:27 GMT
server
cloudflare
etag
"636fdeff-64a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c852ca3d529253-FRA
Vector-1-2.png
sysdig.com/wp-content/uploads/
3 KB
3 KB
Image
General
Full URL
https://sysdig.com/wp-content/uploads/Vector-1-2.png
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e388cd96c1f5eb830b51ed692d85c200379d39157b2c7e58317129e37b007292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
cf-cache-status
HIT
age
43570
cf-polished
origFmt=png, origSize=4662
content-disposition
inline; filename="Vector-1-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3214
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Nov 2022 17:59:23 GMT
server
cloudflare
etag
"636fdefb-1236"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c852ca3d549253-FRA
twitter-3-logo-2.png
sysdig.com/wp-content/uploads/
834 B
1 KB
Image
General
Full URL
https://sysdig.com/wp-content/uploads/twitter-3-logo-2.png
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb219cd497e87b62214e32218a86b4c358316761550bc11c59a8697d44ed11bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
cf-cache-status
HIT
age
43570
cf-polished
origFmt=png, origSize=2153
content-disposition
inline; filename="twitter-3-logo-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
834
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Nov 2022 17:59:36 GMT
server
cloudflare
etag
"636fdf08-869"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c852ca3d559253-FRA
blog-post-background-image-1.jpg
sysdig.com/wp-content/themes/sysdig/assets/images/v4/
85 KB
85 KB
Image
General
Full URL
https://sysdig.com/wp-content/themes/sysdig/assets/images/v4/blog-post-background-image-1.jpg
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6427615495704f775a478bcf331cefafc2d23fbb6c01b99e8b7ed79b0df022f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
cf-cache-status
HIT
age
38380
cf-polished
origFmt=jpeg, origSize=382424
content-disposition
inline; filename="blog-post-background-image-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87234
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Nov 2022 00:15:39 GMT
server
cloudflare
etag
"6372da2b-5d5d8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c852ca3d579253-FRA
Blog-images_Malware-analysis_featured.png
sysdig.com/wp-content/uploads/
122 KB
122 KB
Image
General
Full URL
https://sysdig.com/wp-content/uploads/Blog-images_Malware-analysis_featured.png
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
450c6ba1286244d69221d56b8bc8a507fc6d84b76ebf14a55349682bdad40ca0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:55 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Nov 2022 17:59:17 GMT
server
cloudflare
etag
"636fdef5-1e6a0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77c852ca3d5a9253-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
124576
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 11:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3260
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 20 Dec 2022 13:24:37 GMT
uc.js
consent.cookiebot.com/
102 KB
32 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=653f7b39-5fed-4106-b750-66bd54840c53&consentmode-dataredaction=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ecea9fd901f0e775209188c51d1fce00cb090107eecf9ed05bc13757419eaac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 07:27:34 GMT
etag
"3cf18f5ec4ed91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=166
accept-ranges
bytes
content-length
32025
expires
Tue, 20 Dec 2022 12:21:43 GMT
oktrk.js
static.oktopost.com/
9 KB
4 KB
Script
General
Full URL
https://static.oktopost.com/oktrk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:11:10 GMT
content-encoding
gzip
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jan 2020 09:47:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
79668
etag
W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1FhrdOwnRYHcx2dCHuaEF1Wb0jwYhqdssljJ8dXug-uVOgziQureRQ==
8286.js
script.crazyegg.com/pages/scripts/0093/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0093/8286.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089ddd41ecc84a9f2a7542c9ffc27cf72beb988f5c6e8b593a82b30e755ed582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
11820
cf-polished
origSize=6088
ce-version
11.5.14
cf-bgj
minify
last-modified
Tue, 20 Dec 2022 09:01:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
77c852d4aec89b88-FRA
jukebox.js
app.cdn.lookbookhq.com/production/jukebox/current/
802 KB
214 KB
Script
General
Full URL
https://app.cdn.lookbookhq.com/production/jukebox/current/jukebox.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-61.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db36a42eaf92d457d1c001d4976a367adefc9b4c84c872ba1ae29b7efbd7d122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 05:49:11 GMT
last-modified
Wed, 07 Dec 2022 01:55:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
23387
etag
W/"72026e9bb9a7e5dad6ce2615b9d2e0ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=43200
x-amz-cf-id
mo7eV4vlvVWm64Kl_xijlUWUXZMDW1GAw560cPJ2tQ14vToqdrpRuA==
4ad951b45ca3eb64.min.js
tag.demandbase.com/
67 KB
19 KB
Script
General
Full URL
https://tag.demandbase.com/4ad951b45ca3eb64.min.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8312294dd0b9cea0a5c13d06ec41446849889fa6b16e8a27c41039e2d33e5442
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
F8rSAT6igJ_nnGwU1UjBr.FP.ztKVA.t
content-encoding
gzip
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 11:56:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C1
age
1360
x-cache
Hit from cloudfront
last-modified
Wed, 26 Oct 2022 09:33:16 GMT
server
AmazonS3
etag
W/"b1409e04dbf64934c4cb5971639f6292"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
lSa1COzNoHUGjyfOkyV2Eg-dlygDN2f6VeySFCavVpcERpReiAzh4Q==
hotjar-1499430.js
static.hotjar.com/c/
12 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1499430.js?sv=6
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-15.fra56.r.cloudfront.net
Software
/
Resource Hash
c169195f454f80041d88eef8df03c6ff1ceba4220254cf8fc0e5c7da33346227
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 12:18:57 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
35
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/e3cb7e64f3e137f24d2f3e1b8bcc5500
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
eQor6Keeg7D_3isIl42Oa4Yy0PfB6NFRRqN9w_Lm_2Ly0gkQGJ0dHA==
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Dec 2022 12:18:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DyntG5x9NyMvs4eJSsg4Wmt71UFU40WF0SmOEknlVLLw8C+xuGv7/zWcq6U520fvKUk3wfbKl1CbjbnH5q8gkQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
25 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 07 Nov 2022 16:45:46 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"3528fd00b652f61a266eb584d96f4fcc"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
jukebox.js
cdn-app.pathfactory.com/production/jukebox/current/
802 KB
214 KB
Script
General
Full URL
https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-61.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db36a42eaf92d457d1c001d4976a367adefc9b4c84c872ba1ae29b7efbd7d122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 05:49:11 GMT
last-modified
Wed, 07 Dec 2022 01:55:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
23387
etag
W/"72026e9bb9a7e5dad6ce2615b9d2e0ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=43200
x-amz-cf-id
GDQKnPvMDBhsjDGfyPz6qgzKt_BNc0JYS5vqM9G9e3GWBbx8Y7V5mA==
activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%...
11915097.fls.doubleclick.net/ Frame 7ABC
Redirect Chain
  • https://11915097.fls.doubleclick.net/activityi;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
  • https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...
552 B
324 B
Document
General
Full URL
https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f6.1e100.net
Software
cafe /
Resource Hash
ac3993145a046b37f2716cf10db0558b4f7e500f7822e2d9aa56da8b21028ab6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sysdig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
299
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cnv
cnv.event.prod.bidr.io/log/
Redirect Chain
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=[ORDER]&ord=[CACHEBUSTER]
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
43 B
796 B
Image
General
Full URL
https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
HTTP/1.1
Server
52.49.44.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-44-4.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Dec 2022 12:18:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cnv.event.prod.bidr.io/log/cnv?tag_id=47&buzz_key=intentsify&value=&segment_key=&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Date
Tue, 20 Dec 2022 12:18:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CA4C
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 09:05:04 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CA4C
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 10:59:45 GMT
https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog
tracking.intentsify.io/page-tracking/intentsify-sysdig/
0
214 B
Script
General
Full URL
https://tracking.intentsify.io/page-tracking/intentsify-sysdig/https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.94.172 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-94-172.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:18:58 GMT
cache-control
private, no-cache, no-store, must-revalidate
x-powered-by
Express
expires
-1
rp.gif
alb.reddit.com/
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1671538737493&id=t2_4ddlqsao&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c9cd9dce-ddba-44b5-a26e-7609f8ebdca7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:58 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
ping
okt.to/
0
100 B
Script
General
Full URL
https://okt.to/ping?uri=%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&aid=001lebyvn8lpmwe&ts=1671538737496
Requested by
Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-195-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:58 GMT
strict-transport-security
max-age=31536000;
content-type
text/javascript;charset=UTF-8
modules.bc1117deb4413903e9ac.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1499430.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
/
Resource Hash
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 08:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
360532
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68859
last-modified
Fri, 16 Dec 2022 08:09:37 GMT
etag
"f13ff1e59c6576e6eab8ec5da41ce435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8ARujFSTzpZhjCvw_M-uff8WBySpy92S8X-wazbLcBkxFshzwHo78w==
sysdig.com.json
script.crazyegg.com/pages/data-scripts/0093/8286/site/
766 B
680 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0093/8286/site/sysdig.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/8286.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2382e66c889d1eec8c931d9e39d6aa912b5beecb704526f2d8d9b07fa4bde15f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12953
ce-version
11.5.14
content-length
410
last-modified
Tue, 20 Dec 2022 08:43:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c852d7a9cf9b2d-FRA
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1936154386&t=pageview&_s=1&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&ul=en-us&de=UTF-8&dt=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEK~&jid=1653053707&gjid=334546180&cid=1789963567.1671538738&tid=UA-40398182-9&_gid=279177888.1671538738&_r=1&gtm=2wgbu0KHGG4KL&z=1545990012
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:18:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysdig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/
232 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-HZX3EBKYE5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGG4KL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a66509e39ebf3adbde0aeb70bce7c2382eb0b1b2553d187ae6ee0d7d3abc280e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79416
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 20 Dec 2022 12:18:57 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 19A7
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1499430.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-122.fra2.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://sysdig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2329731
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-id
LPOAs89WjLxDsifpUknBow0ZxPc6eDE7IITgzu7wbp5LFDMqPVANtw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-robots-tag
none
468577213746622
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/468577213746622?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8251a2b30c83ae4f086c518a69d9ec9514d48629f7e8d07af0692d5e47316df5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Dec 2022 12:18:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1AUWkVwG58q25dgdyXPcmitFAeoODkLPvQP94T/JIdJm7Px0wx3Aju106Crr3b0u5srWWe2Cn8z8v0t1g+nOGw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw&verifyHash=a4df7fbe6dc6b2b99f47f528be459bb1d3d0ed45
26 B
408 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw&verifyHash=a4df7fbe6dc6b2b99f47f528be459bb1d3d0ed45
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
HTTP/1.1
Server
13.225.78.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-125.fra2.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 12:18:59 GMT
Via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
image/gif
Vary
Origin
Connection
keep-alive
trace-id
dc9ad9d81c39d7d4
X-Amz-Cf-Id
TgVFD8Xabq6dAsNiRCG85vmKcIkq9-fdi1YQoqgwyABwbm1lbfDpsA==

Redirect headers

Date
Tue, 20 Dec 2022 12:18:58 GMT
Via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AAHB1k7HQ1AAACBPvotZIw&verifyHash=a4df7fbe6dc6b2b99f47f528be459bb1d3d0ed45
Connection
keep-alive
trace-id
a1225cd904f6140a
Content-Length
0
X-Amz-Cf-Id
izj5TbMIR-MdLzpDtx-Wiuqr760fU-SF3IpCyGVWzhBBQHBjHdXHiQ==
464526.gif
id.rlcdn.com/
0
98 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ip.json
api.company-target.com/api/v2/
4 KB
2 KB
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&page_title=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/4ad951b45ca3eb64.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-2.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a4fac1714b9b273592a87815f0a74020b8c6aca459e7f2cb443f43e35b7eaaa7

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 12:18:58 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
request-id
134688ca-c55f-4ac3-9710-43c93d035655
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4Cz12xjFD-go18W9u226NqGYzG7Iv0KQdiqjLrdc8JnJS6viwqZLAg==
expires
Mon, 19 Dec 2022 12:18:57 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame C1D3
627 B
692 B
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=653f7b39-5fed-4106-b750-66bd54840c53&consentmode-dataredaction=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://sysdig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31535935
content-encoding
gzip
content-length
392
content-type
text/html
date
Tue, 20 Dec 2022 12:18:58 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Wed, 20 Dec 2023 12:17:53 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/653f7b39-5fed-4106-b750-66bd54840c53/
221 KB
52 KB
Script
General
Full URL
https://consent.cookiebot.com/653f7b39-5fed-4106-b750-66bd54840c53/cc.js?renew=false&referer=sysdig.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=653f7b39-5fed-4106-b750-66bd54840c53&consentmode-dataredaction=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a5d0f49e862322ae5bbf99324a7315a9e3aef03afd400245b1d8e0e64af9a2a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:57 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 12:18:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
content-length
52860
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
collect
stats.g.doubleclick.net/j/
4 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40398182-9&cid=1789963567.1671538738&jid=1653053707&gjid=334546180&_gid=279177888.1671538738&_u=YEBAAEAAAAAAACAEK~&z=318716806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Dec 2022 12:18:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysdig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1936154386&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&ul=en-us&de=UTF-8&dt=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEABAAAAACAEK~&jid=&gjid=&cid=1789963567.1671538738&tid=UA-40398182-9&_gid=279177888.1671538738&gtm=2wgbu0KHGG4KL&cd1=112350113&cd2=Credit%20Suisse%20Realwerte%201%20GmbH%20%26%20Co%20KG&cd3=Financial%20Services&cd4=Investment%20Services&cd5=Enterprise&cd6=Over%20%245B&cd7=Enterprise%20Business&cd8=Financial%20Services&cd9=Credit%20Suisse%20Realwerte%201&cd10=Frankfurt&cd11=HE&cd12=Germany&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&z=1960998033
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 06:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20183
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=... Frame 3DB5
551 B
767 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Requested by
Host: 11915097.fls.doubleclick.net
URL: https://11915097.fls.doubleclick.net/activityi;dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b87a629b952c938b14a524c9d5df2ce6a953f6132339044ffd42ee4f56537592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11915097.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CA4C
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
405529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CA4C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 09:20:58 GMT
x-content-type-options
nosniff
age
356280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 09:20:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CA4C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:15:01 GMT
x-content-type-options
nosniff
age
396237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 22:15:01 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame CA4C
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdNcz8cAAAAAJuTxEErvwDxSyMsMZTAgCJqmIov&co=aHR0cHM6Ly9zeXNkaWcuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=ttwdx4ty90q8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2022 12:18:58 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-40398182-9&cid=1789963567.1671538738&jid=1653053707&_u=YEBAAEAAAAAAACAEK~&z=381493447
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:18:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-40398182-9&cid=1789963567.1671538738&jid=1653053707&_u=YEBAAEAAAAAAACAEK~&z=381493447
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:18:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
343 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HZX3EBKYE5&gtm=2oebu0&_p=1936154386&gcs=G100&gdid=dMWZhNz&cid=947472960.1671538739&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig&sid=1671538739&sct=1&seg=0&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_template=single%20single-post%20single-format-standard&ep.published_date=2022-09-19&ep.author=Alberto%20Pellitteri&ep.page_url=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&up.client_id=1789963567.1671538738
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HZX3EBKYE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:18:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysdig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=468577213746622&ev=PageView&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&rl=&if=false&ts=1671538739158&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671538739147.555479502&it=1671538737628&coo=false&rqm=GET
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Dec 2022 12:18:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_... Frame 2EA8
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
  • https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%...
339 B
213 B
Document
General
Full URL
https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f6.1e100.net
Software
cafe /
Resource Hash
d8100340d1eea0866eadd85aeeedec594b9a5a097321788b2166f41d2be915a2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
188
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:59 GMT
expires
Tue, 20 Dec 2022 12:18:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:18:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
init
jukebox.pathfactory.com/api/public/v1/ Frame
0
0
Preflight
General
Full URL
https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&clientId=LB-727F1CFC-10479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sysdig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
access-control-max-age
7200
date
Tue, 20 Dec 2022 12:18:59 GMT
init
jukebox.pathfactory.com/api/public/v1/
1 KB
2 KB
XHR
General
Full URL
https://jukebox.pathfactory.com/api/public/v1/init?image=&title=&url=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&clientId=LB-727F1CFC-10479
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash
c7127a245de9e108c0284e72c2ee7fb462a7c501fddce588b277e451185b2bd1
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Dec 2022 12:19:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
content-encoding
gzip
x-request-id
144524e1-d808-49da-b714-c0852651e3f2
x-runtime
0.213892
referrer-policy
no-referrer-when-downgrade
etag
W/"c7127a245de9e108c0284e72c2ee7fb4"
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
visit-data
in.hotjar.com/api/v2/client/sites/1499430/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1499430/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.15.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-15-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 12:18:59 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.facebook.com/tr/ Frame 2B66
0
17 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sysdig.com
Referer
https://sysdig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://sysdig.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 12:19:00 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
beacon
r.turn.com/r/ Frame 2EA8
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/beacon?b2=z78vPzw_k9Dya_6dcT1gf9opovRAvsSbXk5OZbUXM0CoiCNF-DQbzo9dsFYp7ujS6ssJolIT8HZEJxyoF88fdw&cid=
Requested by
Host: 11915097.fls.doubleclick.net
URL: https://11915097.fls.doubleclick.net/ddm/fls/r/dc_pre=CN6ux4WXiPwCFUETGAodMOwHEw;src=11915097;type=syslp_22;cat=sysdi00g;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7492362712985.523;~oref=https://sysdig.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11915097.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 12:18:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content
ws34.hotjar.com/api/v2/sites/1499430/recordings/
66 B
258 B
XHR
General
Full URL
https://ws34.hotjar.com/api/v2/sites/1499430/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.228.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-228-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e2848b5a21b8307f91ac51d1bbf9faab2dc73902f63d137dac2f9694b011e74a

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 20 Dec 2022 12:19:00 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:19:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
28441431
cdn-cachedat
2021-06-03 22:46:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b43941af4bb8e32ed6d04a6a37617f28
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
77c852ec7fefbb91-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
4 KB
621 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Dec 2022 12:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 10:50:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Dec 2022 12:19:01 GMT
sp.min.js
cdn-app.pathfactory.com/libraries/snowplow/2.17.3/
76 KB
26 KB
Script
General
Full URL
https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Requested by
Host: sysdig.com
URL: https://sysdig.com/blog/teamtnt-kubelet-credentials/?utm_source=ant&utm_medium=email&utm_teamtnt-blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-61.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a876a773b46aea97d22c1f84dac918fbc98ee3c1e1729f21cef7911de52f141e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Tue, 20 Dec 2022 06:12:41 GMT
last-modified
Tue, 04 Oct 2022 12:39:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
21981
etag
W/"adc64ce76490600da947214718dc8528"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TpEBcn3b_tUw5UPyl3KeECU0zMUKjySq5pJUZKimX5e9lPJAxwMelw==
website_forms
jukebox.pathfactory.com/api/public/v1/
0
682 B
XHR
General
Full URL
https://jukebox.pathfactory.com/api/public/v1/website_forms?visitorUuid=db21879d-a201-47d2-b1b8-d4dd9bf632bc&url=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&clientId=LB-727F1CFC-10479
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox/current/jukebox.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

x-runtime
0.015637
date
Tue, 20 Dec 2022 12:19:01 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
cache-control
no-cache
access-control-allow-credentials
true
vary
Origin
x-request-id
34245e82-e075-45e4-ab2d-20c391f62f27
website_forms
jukebox.pathfactory.com/api/public/v1/ Frame
0
0
Preflight
General
Full URL
https://jukebox.pathfactory.com/api/public/v1/website_forms?visitorUuid=db21879d-a201-47d2-b1b8-d4dd9bf632bc&url=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&clientId=LB-727F1CFC-10479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sysdig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
access-control-max-age
7200
date
Tue, 20 Dec 2022 12:19:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sysdig.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:33:08 GMT
x-content-type-options
nosniff
age
492353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:33:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sysdig.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
492361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:33:00 GMT
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-48-117.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sysdig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://sysdig.com
Access-Control-Max-Age
5
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Dec 2022 12:19:01 GMT
Server
akka-http/10.0.9
tp2
spcollector.pathfactory.com/com.snowplowanalytics.snowplow/
2 B
455 B
XHR
General
Full URL
https://spcollector.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.48.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-48-117.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Tue, 20 Dec 2022 12:19:02 GMT
Server
akka-http/10.0.9
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://sysdig.com
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/
0
785 B
XHR
General
Full URL
https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/libraries/snowplow/2.17.3/sp.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy
X-Content-Type-Options nosniff

Request headers

Referer
https://sysdig.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-runtime
0.011264
date
Tue, 20 Dec 2022 12:19:01 GMT
content-security-policy
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
cache-control
no-cache
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
x-request-id
d685d1d9-976d-4df4-a495-de3686cedb13
tp2
jukebox.pathfactory.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://jukebox.pathfactory.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-33-160.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sysdig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, PUT, POST, PATCH, OPTIONS
access-control-allow-origin
https://sysdig.com
access-control-expose-headers
access-control-max-age
7200
date
Tue, 20 Dec 2022 12:19:01 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HZX3EBKYE5&gtm=2oebu0&_p=1936154386&gcs=G100&gdid=dMWZhNz&cid=1789963567.1671538738&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671538739&sct=1&seg=0&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&dt=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig&en=demandbase_load&epn.demandbase_sid=112350113&ep.demandbase_company_name=Credit%20Suisse%20Realwerte%201%20GmbH%20%26%20Co%20KG&ep.demandbase_industry=Financial%20Services&ep.demandbase_sub_industry=Investment%20Services&ep.demandbase_employee_range=Enterprise&ep.demandbase_revenue_range=Over%20%245B&ep.demandbase_audience=Enterprise%20Business&ep.demandbase_audience_segment=Financial%20Services&ep.demandbase_marketing_alias=Credit%20Suisse%20Realwerte%201&ep.demandbase_city=Frankfurt&ep.demandbase_state=&ep.demandbase_country_name=Germany&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HZX3EBKYE5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 12:19:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sysdig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1936154386&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog&ul=en-us&de=UTF-8&dt=Threat%20news%3A%20TeamTNT%20targeting%20misconfigured%20kubelet%20%E2%80%93%20Sysdig&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=ant&cm=email&ec=NO%20BOUNCE&ea=No%20Bounce%20Timer&el=NO-BOUNCE-TIMER_FROM_https%3A%2F%2Fsysdig.com%2Fblog%2Fteamtnt-kubelet-credentials%2F%3Futm_source%3Dant%26utm_medium%3Demail%26utm_teamtnt-blog_REFERRER__MARKETOID_&_u=aHBAAEABAAAAACAEKk~&cid=739943529.1671538756&tid=UA-40398182-9&_gid=627206934.1671538756&gtm=2wgbu0KHGG4KL&gcs=G100&z=532770979
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sysdig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 06:42:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20201
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| dataLayer function| $ function| jQuery object| sysdigLocalizedObject object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| lazyLoadOptions object| MktoForms2 function| Popper object| bootstrap object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableIframeSrcWithIntent function| onYTReady function| LazyLoad object| recaptcha object| closure_lm_93544 object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackChunksysdig_site object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| formIds object| uniqueFormIds boolean| isSubmittable boolean| validRecaptcha object| mktoFormConfig string| MKTOFORM_ID_PREFIX string| MKTOFORM_ID_ATTRNAME function| init function| mktoFormChain function| whenReady function| onValidate function| onSubmit function| onSuccess function| fireAnalyticsTracking function| updateDisabledProperty function| clearErrors function| buildErrorMessage function| destyleMktoForm function| setRowClasses function| setPlaceholders function| addDisclaimer function| addRecaptchaMessage function| addResetButtonAndStatusIcons function| addEventListeners function| setSelectClass function| setCheckboxStatus function| movePrivacyCheckboxes function| moveCheckboxRow function| setTrialType function| setPrimaryUseCases function| showOnlySelectedCheckboxes function| setupApiFields function| setupNewsletterForm function| setupQueryParameters function| getQueryVariable function| onFormRender function| showForm function| hideSpinner function| checkEmailBlacklist function| checkEmail function| validateRecaptcha function| displayRecaptchaErrorMessage function| isHumanScore function| 
sendToLogger function| displayEmailValidationError function| displayPartnerEmailValidationError function| checkForLink function| escapeHtml function| removeHTTP function| formFieldSafeList function| sanitizeFormValues function| checkFormValuesForLinks function| checkGoogleAnalytics function| testFormLoad function| showErrorMessage string| GoogleAnalyticsObject function| ga string| OktopostTrackerObject function| _oktrk function| lbhq function| hj object| _hjSettings function| fbq function| _fbq function| rdt function| appendScriptTag string| currentWebsiteUrl string| serverUrl string| link string| pfObject function| pf string| axel number| a object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| gaplugins object| gaGlobal object| gaData object| rddl object| Demandbase object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| CookiebotDialog object| 
CookieConsentDialog boolean| jukeboxInitialized object| GlobalSnowplowNamespace function| jukeboxTracker object| Snowplow

27 Cookies

Domain/Path Name / Value
tracking.intentsify.io/page-tracking/intentsify-sysdig Name: userId
Value: 0f39c862-999d-4e47-b4ad-7c69b8e7baef
meritdirect.msgfocus.com/ Name: adestra_ctrk
Value: 1MSNaBv5Pb6vhV0bmhekkIIOsy
go.sysdig.com/ Name: BIGipServerab34web-nginx-app_https
Value: !837gzre0T3gkFirn/+ZT2Dlakae2C6k+MuGDxJp+0DCgL8nY2gi91+JMFpIYE05wj4TTkbgVs6sJbB0=
.go.sysdig.com/ Name: __cf_bm
Value: B6VRyK_xWmwclmjHyas3iCdKp9WR_3COzd1gPJU9NPs-1671538734-0-AbpKaKnwmgeERWxnn4FpzyizuPB9XTVqWwyVFwVMBhHT4bAPvmAuSx9IXWlFz01/HrRZT1jFzM7IJslWLwkn9hI=
.youtube.com/ Name: YSC
Value: OcMVO5exwzg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nvn7JaCoaN8
.sysdig.com/ Name: _rdt_uuid
Value: 1671538737491.c9cd9dce-ddba-44b5-a26e-7609f8ebdca7
.sysdig.com/ Name: _ga
Value: GA1.2.1789963567.1671538738
.sysdig.com/ Name: _gid
Value: GA1.2.279177888.1671538738
.sysdig.com/ Name: _gat_UA-40398182-9
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAHB1k7HQ1AAACBPvotZIw
.company-target.com/ Name: tuuid
Value: c030a71b-de90-47a5-be83-c5d554f1bdd3
.company-target.com/ Name: tuuid_lu
Value: 1671538738
.sysdig.com/ Name: _fbp
Value: fb.1.1671538739147.555479502
.sysdig.com/ Name: _hjSessionUser_1499430
Value: eyJpZCI6ImQ5NGU2NTgzLTQxN2ItNWIyYy04ODY5LTdjNTMwYjgzNmNlMSIsImNyZWF0ZWQiOjE2NzE1Mzg3MzkyMDUsImV4aXN0aW5nIjpmYWxzZX0=
.sysdig.com/ Name: _hjFirstSeen
Value: 1
sysdig.com/ Name: _hjIncludedInSessionSample
Value: 1
.sysdig.com/ Name: _hjSession_1499430
Value: eyJpZCI6IjYyNmM0ZjJiLWQ3YTAtNDM1Yy1hMDAxLTAwMzA2NmZiMGU4NyIsImNyZWF0ZWQiOjE2NzE1Mzg3Mzk2MzgsImluU2FtcGxlIjp0cnVlfQ==
sysdig.com/ Name: _hjIncludedInPageviewSample
Value: 1
.sysdig.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnzj12sC_7HF0qweOuN_KLh1KT0_6O9qQXrXcZ2c4OAd7LOLOWs4gCa38q5Q-U
.turn.com/ Name: uid
Value: 3546809387800752805
.sysdig.com/ Name: vid
Value: db21879d-a201-47d2-b1b8-d4dd9bf632bc
.sysdig.com/ Name: _pf_ses.c79e
Value: *
.sysdig.com/ Name: _pf_id.c79e
Value: db21879d-a201-47d2-b1b8-d4dd9bf632bc.1671538741.1.1671538741.1671538741.c2b86c41-b2bd-4efc-9656-bc5bfb533e50
jukebox.pathfactory.com/ Name: _session_id
Value: NXBvNm92SStLUFhzNWE0VkxGZTQ1KzJGR1JxRElTQnQ5ZmdJdHdMWnh6WWVjNDhtSFRlQ0ZvWXFxK3R0NzkyWWg1dW14TkpmbzgyVzdENnJlSHNYdmJxN3N1S1VHaGVHZ05jNy9SdVVaYml5dnJ0QUliYkQzUFZWTE5OVVFyZC8yK243eXRXdzhVTDI1TVFWcjQwVjZpS3kzdjVlTGpDM25iUWxNbGoxdkpZSVBzbDlrZzRsREdRZjJzaFllWXJVLS1Vb3p1ZlRHS1dJZVZ4a2tteUxJTGdRPT0%3D--2650831c07f01e5d2cf72fab00ab85cc470f0012

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
