orca.security Open in urlscan Pro
192.0.66.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P...
Effective URL:
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&...
Submission: On February 05 via api (February 5th 2024, 6:12:20 pm UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 34 domains to perform 197 HTTP transactions. The main IP is 192.0.66.102, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is orca.security.
TLS certificate: Issued by Entrust Certification Authority - L1M on August 15th 2023. Valid for: a year.

This is the only time orca.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::6812:252e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	192.0.66.102 192.0.66.102	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:8200:8:7bee:ac40:93a1	16509 (AMAZON-02) (AMAZON-02)
7	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a05:d018:56f... 2a05:d018:56f:b800:f42c:e894:1fb0:3740	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9200:8:8d2f:9e00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1486	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2.17.100.184 2.17.100.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	209.58.139.207 209.58.139.207	7203 (LEASEWEB-...) (LEASEWEB-USA-SFO)
4	18.245.46.27 18.245.46.27	16509 (AMAZON-02) (AMAZON-02)
1 10	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:21::217:d11c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.66.11.58 3.66.11.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:266... 2600:9000:266e:5200:10:7994:d200:21	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	44.207.37.73 44.207.37.73	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:4266	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
197	46

2 2606:4700:4400::6812:252e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csj7v04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 192.0.66.102 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8200:8:7bee:ac40:93a1 (United States)

ASN16509 (AMAZON-02, US)

euob.itstarsbuilding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

try.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.itstarsbuilding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9200:8:8d2f:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

ddzuuyx7zj81k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b1f (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.17.100.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

796-pbw-559.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.139.207 (Hayward, United States)

ASN7203 (LEASEWEB-USA-SFO, US)

abzbmmyyoz-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.46.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-27.fra56.r.cloudfront.net

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:21::217:d11c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.11.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-11-58.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:5200:10:7994:d200:21 (United States)

ASN16509 (AMAZON-02, US)

dss6ntp5q2r0o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.37.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-37-73.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:4266 (Ireland)

ASN2635 (AUTOMATTIC, US)

go.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	orca.security orca.security try.orca.security go.orca.security	5 MB
14	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	163 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5532 c.6sc.co — Cisco Umbrella Rank: 8403 ipv6.6sc.co — Cisco Umbrella Rank: 5709 b.6sc.co — Cisco Umbrella Rank: 3792	24 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	701 KB
11	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	71 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 19342 app.qualified.com — Cisco Umbrella Rank: 20339 assets.qualified.com — Cisco Umbrella Rank: 21719	947 KB
8	itstarsbuilding.com euob.itstarsbuilding.com obseu.itstarsbuilding.com — Cisco Umbrella Rank: 805066	39 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 o.clarity.ms — Cisco Umbrella Rank: 7121 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
4	infinigrow.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6518	734 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	340 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 8358	3 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	2 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4371	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9521	726 B
2	algolia.net abzbmmyyoz-dsn.algolia.net	12 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
2	cloudfront.net ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net	28 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3596	8 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	3 KB
2	hubspotlinks.com 1 redirects csj7v04.na1.hubspotlinks.com	4 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 170	324 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	758 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 490	701 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	mktoresp.com 796-pbw-559.mktoresp.com	318 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8429	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	295 B
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4275	127 KB
0	twitter.com Failed analytics.twitter.com Failed
0	t.co Failed t.co Failed
197	34

	Domain	Requested by
70	orca.security	csj7v04.na1.hubspotlinks.com orca.security
14	cdn.cookielaw.org	orca.security cdn.cookielaw.org
10	www.google.com	1 redirects orca.security try.orca.security www.gstatic.com www.google.com
8	b.6sc.co	orca.security
7	assets.qualified.com	app.qualified.com
7	www.gstatic.com	www.google.com www.gstatic.com
7	obseu.itstarsbuilding.com	euob.itstarsbuilding.com orca.security
7	try.orca.security	orca.security try.orca.security
4	fonts.gstatic.com	www.google.com
4	5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net
4	www.google.de	orca.security
4	www.googletagmanager.com	orca.security www.googletagmanager.com euob.itstarsbuilding.com
3	js.zi-scripts.com	csj7v04.na1.hubspotlinks.com js.zi-scripts.com
3	o.clarity.ms	www.clarity.ms
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	ws.zoominfo.com	js.zi-scripts.com
2	c.clarity.ms	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	px.ads.linkedin.com	1 redirects snap.licdn.com
2	abzbmmyyoz-dsn.algolia.net	orca.security
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	www.clarity.ms	csj7v04.na1.hubspotlinks.com www.clarity.ms
2	munchkin.marketo.net	orca.security munchkin.marketo.net
2	csj7v04.na1.hubspotlinks.com	1 redirects
1	sentry.io	assets.qualified.com
1	go.orca.security	js.qualified.com
1	app.qualified.com	js.qualified.com
1	insight.adsrvr.org	js.adsrvr.org
1	c.bing.com	1 redirects
1	dss6ntp5q2r0o.cloudfront.net	ddzuuyx7zj81k.cloudfront.net
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	orca.security
1	pixel.wp.com	orca.security
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	796-pbw-559.mktoresp.com	munchkin.marketo.net
1	js.adsrvr.org	www.googletagmanager.com
1	js.qualified.com	www.googletagmanager.com
1	tracking.g2crowd.com	csj7v04.na1.hubspotlinks.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ddzuuyx7zj81k.cloudfront.net	csj7v04.na1.hubspotlinks.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.wp.com	orca.security
1	fast.wistia.com	orca.security
1	euob.itstarsbuilding.com	orca.security
0	analytics.twitter.com Failed	orca.security
0	t.co Failed	orca.security
197	51

This site contains links to these domains. Also see Links.

Domain
app.orcasecurity.io
eu.app.orcasecurity.io
au.app.orcasecurity.io
us.gov.app.orcasecurity.io
twitter.com
www.linkedin.com
www.facebook.com
cloud.google.com
www.brighttalk.com
kubernetes.io
aws.amazon.com
azure.microsoft.com
developers.google.com
www.bleepingcomputer.com
policies.google.com
support.orca.security
trustcenter.orca.security
www.youtube.com
www.g2.com
www.onetrust.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
orca.security Entrust Certification Authority - L1M	`2023-08-15` - `2024-08-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.itstarsbuilding.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-16`	a year	crt.sh
try.orca.security Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-16`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2024-01-04` - `2025-02-02`	a year	crt.sh
services.infinigrow.com Amazon RSA 2048 M02	`2023-05-27` - `2024-06-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
app.qualified.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
go.orca.security R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Frame ID: 8B9AD04016774558A79FF70A03CEB90E
Requests: 166 HTTP requests in this frame

Frame: https://try.orca.security/index.php/form/XDFrame
Frame ID: EE6F1C66A7D5AF803C1F9F86D02875E0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=9oqq2f4j8cg7
Frame ID: 0413C8DE5A3B88BD2A1A6A4FC723151E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=yhz0rt6b3kv9
Frame ID: C2357983D8501C944DCED3AA79407F77
Requests: 8 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&upid=wavfaxa&upv=1.1.0
Frame ID: CDFFA2788B80F7FD4495A8FA9B156DF9
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Frame ID: 5BC401B3E983FF3659666D3F1E5629B4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sys:All Google Kubernetes Engine Risk - Complete Cloud Security in Minutes - Orca SecurityBack ButtonFilter Button

Page URL History Show full URLs

https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6l... Page URL
https://csj7v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z... HTTP 307
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_N... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

197
Requests

96 %
HTTPS

57 %
IPv6

34
Domains

51
Subdomains

46
IPs

5
Countries

7785 kB
Transfer

14376 kB
Size

37
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://app.orcasecurity.io/login
Title: Login

Search URL Search Domain Scan URL

URL: https://app.orcasecurity.io/
Title: USA

Search URL Search Domain Scan URL

URL: https://eu.app.orcasecurity.io/
Title: Europe

Search URL Search Domain Scan URL

URL: https://au.app.orcasecurity.io/login
Title: Australia

Search URL Search Domain Scan URL

URL: https://us.gov.app.orcasecurity.io/
Title: US-Gov

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Sys%3AAll%3A%20How%20A%20Simple%20Loophole%20in%20Google%20Kubernetes%20Engine%20Puts%20Clusters%20at%20Risk%20of%20Compromise&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F

Search URL Search Domain Scan URL

URL: https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2024-003
Title: security bulletin

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/18490/605535?bt_tok=%7B%7Blead.Id%7D%7D&utm_source=OrcaSecurity&utm_medium=brighttalk&utm_campaign=605535
Title: Attend Threat Briefing

Search URL Search Domain Scan URL

URL: https://cloud.google.com/kubernetes-engine/docs/best-practices/rbac#default-roles-groups
Title: intended behavior

Search URL Search Domain Scan URL

URL: https://kubernetes.io/docs/reference/access-authn-authz/authentication/
Title: system:authenticated

Search URL Search Domain Scan URL

URL: https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Title: granted

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/eks/
Title: Amazon Elastic Kubernetes Service

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/products/kubernetes-service
Title: Azure Kubernetes Service

Search URL Search Domain Scan URL

URL: https://developers.google.com/oauthplayground/
Title: OAuth 2.0 Playground

Search URL Search Domain Scan URL

URL: https://cloud.google.com/logging/docs/audit
Title: audit logs

Search URL Search Domain Scan URL

URL: https://cloud.google.com/architecture/framework/security/shared-responsibility-shared-fate
Title: shared responsibility model

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/misconfigured-amazon-s3-buckets-expose-users-companies-to-stealthy-mitm-attacks/
Title: exploitation

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://support.orca.security/
Title: Support

Search URL Search Domain Scan URL

URL: https://trustcenter.orca.security/
Title: Security Portal

Search URL Search Domain Scan URL

URL: https://twitter.com/OrcaSec

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/orca-security/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/orcasecurity

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/orca-security/reviews

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04 Page URL
https://csj7v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04?_ud=6677bb25-34f8-4537-a139-c318226ffe1c&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&e_ipv6=AQK1D6Xi_WL74QAAAY16eIFb8PIS5ciFdZM-7qa0avML7SJCqXLdo2LKG_TQZZ5ZPYjPpIPZw7Jt4FTM3DRwYFr0stBy-A

Request Chain 133

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=_iTBZZ2FF8Kr78EPrLeo4AY&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qlhhb1dDVVZOX1ZvU0xrbnFmNU9LWFRmbW5hMUdzc0g5Q1gwNmswaWdvTEMwGlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QTRCMy1wZ2lnbW1vTENJLTcxbl84SXZjOXNZblhnd1BJWHM2cFc1N1J0cHVmeDA4TWg3MTZGMVEiEwid_Om15pSEAxXC1TsCHawbCmwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
https://www.google.com/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qlhhb1dDVVZOX1ZvU0xrbnFmNU9LWFRmbW5hMUdzc0g5Q1gwNmswaWdvTEMwGlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QTRCMy1wZ2lnbW1vTENJLTcxbl84SXZjOXNZblhnd1BJWHM2cFc1N1J0cHVmeDA4TWg3MTZGMVEiEwid_Om15pSEAxXC1TsCHawbCmwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=_iTBZZ2FF8Kr78EPrLeo4AY&cid=CAQSKQAvHhf_puNAoZrWaA4anhxyQHlk-yiHKmZIa98qHgrKKkwbh3pux-32&random=3106953937 HTTP 302
https://www.google.de/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qlhhb1dDVVZOX1ZvU0xrbnFmNU9LWFRmbW5hMUdzc0g5Q1gwNmswaWdvTEMwGlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QTRCMy1wZ2lnbW1vTENJLTcxbl84SXZjOXNZblhnd1BJWHM2cFc1N1J0cHVmeDA4TWg3MTZGMVEiEwid_Om15pSEAxXC1TsCHawbCmwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=_iTBZZ2FF8Kr78EPrLeo4AY&cid=CAQSKQAvHhf_puNAoZrWaA4anhxyQHlk-yiHKmZIa98qHgrKKkwbh3pux-32&random=3106953937&ipr=y

Request Chain 172

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&RedC=c.clarity.ms&MXFR=211F57A1AB3F6E06114543BDAF3F6064 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&MUID=0A63576654AF61382551437A557D6013

197 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sR...
csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/ 8 KB
3 KB 382ms
324ms Document
text/html 2606:4700:4400::6812:252e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:252e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 850d1ec7fbf8bb85-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 05 Feb 2024 18:12:12 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-rprvp
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2143fb0f-77fd-44f7-8643-1ba01af0ed6a
x-request-id: 2143fb0f-77fd-44f7-8643-1ba01af0ed6a
x-robots-tag: none

GET
H2

200

Primary Request / Show response
orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/
Redirect Chain

https://csj7v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTD...
https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXf...

245 KB
39 KB

845ms
764ms

Document
text/html

192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email

Requested by

Host: csj7v04.na1.hubspotlinks.com
URL: https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

014005abab6f7d098f9735d845768484fe94a16fef50d4ff04f32bd19cc334f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com .algolianet.com .twitter.com .company-target.com .qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com embedwistia-a.akamaihd.net .wistia.net .onetrust.com .orca.security googleads.g.doubleclick.net .googleusercontent.com .marketo.net orca.security .wp.com .linkedin.com static.ads-twitter.com .hotjar.com stats.g.doubleclick.net t.co .demandbase.com tracking.g2crowd.com .hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com .google.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com .gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com .bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo .adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com .linkedin.com .algolia.net orca-2024.go-vip.net .6sc.co .6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com .6sc.co .6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com .wistia.net .orca.security googleads.g.doubleclick.net .qualified.com munchkin.marketo.net orca.security .hotjar.com ssl.google-analytics.com static.ads-twitter.com .wp.com .demandbase.com tpc.googlesyndication.com tracking.g2crowd.com .googleapis.com .google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com .google.ca .6sc.co .6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security .orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' .qualified.com fonts.googleapis.com .orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net .wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com .fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com .orca.security .wp.com; media-src 'self' app.qualified.com .wistia.com embedwistia-a.akamaihd.net .wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' .wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: .google.com .adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com .google.com app.qualified.com .opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net .orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com .adsrvr.cn .adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' .orca.security orca.security; manifest-src 'self' orca.security .orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: br
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com *.algolianet.com *.twitter.com *.company-target.com *.qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com embedwistia-a.akamaihd.net *.wistia.net *.onetrust.com *.orca.security googleads.g.doubleclick.net *.googleusercontent.com *.marketo.net orca.security *.wp.com *.linkedin.com static.ads-twitter.com *.hotjar.com stats.g.doubleclick.net t.co *.demandbase.com tracking.g2crowd.com *.hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com *.gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com *.bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo *.adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com *.linkedin.com *.algolia.net orca-2024.go-vip.net *.6sc.co *.6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com *.6sc.co *.6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com *.wistia.net *.orca.security googleads.g.doubleclick.net *.qualified.com munchkin.marketo.net orca.security *.hotjar.com ssl.google-analytics.com static.ads-twitter.com *.wp.com *.demandbase.com tpc.googlesyndication.com tracking.g2crowd.com *.googleapis.com *.google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com *.google.ca *.6sc.co *.6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security *.orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' *.qualified.com fonts.googleapis.com *.orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net *.wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com *.fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com *.orca.security *.wp.com; media-src 'self' app.qualified.com *.wistia.com embedwistia-a.akamaihd.net *.wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' *.wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: *.google.com *.adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com *.google.com app.qualified.com *.opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net *.orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com *.adsrvr.cn *.adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' *.orca.security orca.security; manifest-src 'self' orca.security *.orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
content-type: text/html; charset=UTF-8
date: Mon, 05 Feb 2024 18:12:13 GMT
feature-policy: *
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://orca.security/wp-json/>; rel="https://api.w.org/" <https://orca.security/wp-json/wp/v2/posts/62652>; rel="alternate"; type="application/json" <https://orca.security/?p=62652>; rel=shortlink
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-permitted-cross-domain-policies: none
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 123 243 443
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 850d1eca1f1ebb85-FRA
date: Mon, 05 Feb 2024 18:12:12 GMT
link: <https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email>; rel="canonical"
location: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 33
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-zpjh9
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 32bdba5e-642e-4d81-9cd2-60d0d23cc5db
x-request-id: 32bdba5e-642e-4d81-9cd2-60d0d23cc5db
x-robots-tag: none

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/ 12 KB
3 KB 82ms
40ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/OtAutoBlock.js

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f51fac826bb43d5d239f767a2ec88b8da836610fb9cd6960aea9d6e4ffcf0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26138
content-md5: wAg1rUmqf4PH7EHGj+DLpw==
content-length: 3170
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:28 GMT
server: cloudflare
etag: 0x8DBE455156899BB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ecb151c0-f01e-003b-7b3e-167c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed0cc369c0c-FRA
expires: Tue, 06 Feb 2024 18:12:13 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 73ms
32ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 51875
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Thu, 01 Feb 2024 20:33:09 GMT
server: cloudflare
etag: 0x8DC236500E5107B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e712dae4-801e-006c-3f84-55d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed0cc399c0c-FRA

GET
H2 200 7432380ce3d59e6e299bcd0897e20b99.js Show response
euob.itstarsbuilding.com/sxp/i/ 100 KB
37 KB 92ms
27ms Script
text/javascript 2600:9000:214f:8200:8:7bee:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:8:7bee:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 85fa9e907131c0a08bd1323f6da094bb52e87d395a4830a494ba3e640ca8a233

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:08:23 GMT
content-encoding: gzip
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA53-C1
age: 3991
etag: "18fb4-sCyDjWAy1ChG0sKJs7L0xv0I9Oc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37355
x-amz-cf-id: ntrogMVpufdhie9qm5Mk5Q8Uaf9djvgwHfsWb6UQsePQH8JKYgQu3Q==
expires: Tue, 06 Feb 2024 05:05:42 GMT

GET
H2 200 style.min.css
orca.security/wp-includes/css/dist/block-library/ 108 KB
15 KB 21ms
20ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/css/dist/block-library/style.min.css?ver=f5a50cdade277d9240a5a2d9f9f354b6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec3-1ae43"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 mediaelementplayer-legacy.min.css
orca.security/wp-includes/js/mediaelement/ 11 KB
3 KB 21ms
20ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-2bf8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 wp-mediaelement.min.css
orca.security/wp-includes/js/mediaelement/ 4 KB
1 KB 21ms
21ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=f5a50cdade277d9240a5a2d9f9f354b6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-105a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 algolia-theme.css
orca.security/wp-content/themes/orca-2023/dist/css/ 22 KB
5 KB 22ms
21ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/css/algolia-theme.css?ver=3d63cbaa5be84ba84c2f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb8189d5d2e3f2f0e73091ea2f1751bfb4e493de73849950bfa5e66fc0d616e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65c099af-56e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 frontend.css
orca.security/wp-content/themes/orca-2023/dist/css/ 387 KB
50 KB 22ms
21ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62b094c8c6de4d9922f7df6ce3ef08cd6945cb34700145c37dd4e4fb8b324687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65c099af-60d18"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 jquery.min.js Show response
orca.security/wp-includes/js/jquery/ 86 KB
31 KB 22ms
21ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-15601"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
orca.security/wp-includes/js/jquery/ 13 KB
5 KB 22ms
22ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-3509"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 logo-fully-white.svg
orca.security/wp-content/uploads/2021/07/ 6 KB
6 KB 30ms
26ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/07/logo-fully-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Wed, 29 Nov 2023 09:17:59 GMT
server: nginx
etag: "bb7bbd21415442da"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5986

GET
H2 200 orca-security-logo-color-1.svg
orca.security/wp-content/uploads/2023/11/ 3 KB
4 KB 30ms
26ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/11/orca-security-logo-color-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1039079733f5bd1fb167a570c65e6843547b9380c8d45d3ec3ba665a9dc15e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Wed, 29 Nov 2023 09:25:48 GMT
server: nginx
etag: "58364109b6fae5f6"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3495

GET
H2 200 roi-nisimi_avatar.png
orca.security/wp-content/uploads/2023/01/ 10 KB
11 KB 23ms
22ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/01/roi-nisimi_avatar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4cae1cc5eefd5fb8146763989410ff670a85361736c2036df2ded4f2debd683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Fri, 28 Jul 2023 08:56:08 GMT
server: nginx
etag: "025f24ecf0b28468"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10750

GET
H2 200 sys-all-risk-blog-1980.png
orca.security/wp-content/uploads/2024/01/ 2 MB
2 MB 33ms
33ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/sys-all-risk-blog-1980.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f091ad4ec7279f8064b7266498a3bfffa41bef28a1596cdf247bf4e20ba9728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Wed, 24 Jan 2024 14:18:31 GMT
server: nginx
etag: "181d98a4a98e5829"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2270802

GET
H2 200 image8.png
orca.security/wp-content/uploads/2024/01/ 26 KB
26 KB 23ms
22ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0b79b5450461dfdff15bca8cc14cb070e56e46f290a87d233957ff70de6aff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 30 443
last-modified: Wed, 24 Jan 2024 14:00:57 GMT
server: nginx
etag: "2d70836d16a1a29b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26184

GET
H2 200 image9.png
orca.security/wp-content/uploads/2024/01/ 51 KB
52 KB 28ms
28ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image9.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

833d70c8d590a8c80f780f17f708c83ddb34539b172373bdaac0e07b4f2ff61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "ccc0036ba7db18c5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 52646

GET
H2 200 image16.png
orca.security/wp-content/uploads/2024/01/ 54 KB
54 KB 28ms
23ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image16.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

23b900b7d086263e2461cfa3f39e9097e5b648302c8a2e315a12c92769e76a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Wed, 24 Jan 2024 14:00:58 GMT
server: nginx
etag: "4e031f4ed6f0cbc6"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55442

GET
H2 200 image23.png
orca.security/wp-content/uploads/2024/01/ 106 KB
106 KB 30ms
27ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image23.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eee0a1315b29e79349d15715f1c319021e2b4151cd2793d7ef3161bc83f536cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "238d4bdce8d79392"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 108436

GET
H2 200 image1.png
orca.security/wp-content/uploads/2024/01/ 60 KB
60 KB 30ms
27ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ecdc1d4115757ea915f4d482d7f3bd7ca8f85ca121d3efcf14b0edcbe41e2da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Wed, 24 Jan 2024 14:18:29 GMT
server: nginx
etag: "4e6cc6f89303f719"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 61518

GET
H2 200 image21.png
orca.security/wp-content/uploads/2024/01/ 58 KB
59 KB 30ms
27ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image21.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f3d785bd33332b154fffa5f2ff673b80b0d6f442f8d51993b9f9b74868515941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Wed, 24 Jan 2024 14:18:29 GMT
server: nginx
etag: "068ec775c3040e52"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 59886

GET
H2 200 image18.png
orca.security/wp-content/uploads/2024/01/ 93 KB
94 KB 31ms
27ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image18.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f94bb8ade3a70bcbba3056c89b05a721b2d4ccd3c7c8a9bce68969b72b6c718e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "e1eabdbd5d4c0ffa"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 95550

GET
H2 200 image6.png
orca.security/wp-content/uploads/2024/01/ 76 KB
76 KB 31ms
28ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f362aca684bfecd3f29fe2418aae24101bb2e01a7efa7f27fb430d4c9099710e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 140 443
last-modified: Wed, 24 Jan 2024 14:01:01 GMT
server: nginx
etag: "37f8d5a7600b16a3"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 77622

GET
H2 200 image14.png
orca.security/wp-content/uploads/2024/01/ 76 KB
76 KB 31ms
28ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image14.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e2f99d9465b9add1e23c255b5da65d0a7c7049a14a04e83fd2852a5901fc6479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "f7c6ff1cfe5e8a89"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 77444

GET
H2 200 image15.png
orca.security/wp-content/uploads/2024/01/ 90 KB
91 KB 31ms
28ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image15.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe6a90b8767ed69619a94bb45ab6032e259b586feba7a7c5fde10247fb104ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 30 443
last-modified: Wed, 24 Jan 2024 14:18:31 GMT
server: nginx
etag: "043381eaad4951b0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 92364

GET
H2 200 image22.png
orca.security/wp-content/uploads/2024/01/ 103 KB
103 KB 32ms
29ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image22.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cdb8dc751d758da8fd7abd4fbdfefb74b725e5873b9f4d10b66fb1b9c9dfb12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "96698a126fc76c24"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 105288

GET
H2 200 image12.png
orca.security/wp-content/uploads/2024/01/ 64 KB
64 KB 55ms
52ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image12.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ccc433b60125c4ee2d6cb1f0ab5595149089d85eb948a1c87545cbed4dc34a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "651ab8107f291cbe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65488

GET
H2 200 image13.png
orca.security/wp-content/uploads/2024/01/ 131 KB
131 KB 55ms
52ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image13.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d4f3dfef155615fb776fc785b7b9ced8730c73edb5f9fe31d2e851b9152cdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "d7162876a18d0481"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 133944

GET
H2 200 image17.png
orca.security/wp-content/uploads/2024/01/ 81 KB
82 KB 55ms
52ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image17.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

93a6d4a8d628e676cb27decae1dc21bf84474d4c85a53540e276454f71ab1bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Wed, 24 Jan 2024 14:18:29 GMT
server: nginx
etag: "1e297f0a1582d65b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 83188

GET
H2 200 image3.png
orca.security/wp-content/uploads/2024/01/ 216 KB
217 KB 55ms
53ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b0025c8803ae756064287f63df76c04aec91c10f5df0dbaabce889da1aefa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "3100f771b99b4630"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 221668

GET
H2 200 image11.png
orca.security/wp-content/uploads/2024/01/ 207 KB
208 KB 56ms
53ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image11.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

83e59212a2f6ffee45e02b9e255b653d5addf2ab8b2bec2c849febc5e30066e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Wed, 24 Jan 2024 14:18:30 GMT
server: nginx
etag: "fa5749f42a64c76a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 212226

GET
H2 200 image19.png
orca.security/wp-content/uploads/2024/01/ 26 KB
26 KB 56ms
53ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image19.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ed9770a8fd437502f6db8d286aa05f7d7a98e13d73894b9a490aadafccbc915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "2284d5b0374f691c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26560

GET
H2 200 image4.png
orca.security/wp-content/uploads/2024/01/ 90 KB
91 KB 56ms
53ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7f408bfa71318426794fc5d8e93f787d33a82c56da78462416447704e3f4f8dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 198 443
last-modified: Wed, 24 Jan 2024 14:54:07 GMT
server: nginx
etag: "cc426851bddd79db"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 92612

GET
H2 200 image5.png
orca.security/wp-content/uploads/2024/01/ 100 KB
100 KB 56ms
54ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ed6b6475aad52b60e31dda38a29183c4317b106ebe1ffe4b73ec598ca2e26f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "fc72ed47e4d42afd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 101890

GET
H2 200 image2.png
orca.security/wp-content/uploads/2024/01/ 26 KB
26 KB 56ms
54ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba983bb89208d2adc55c9dde67e675fff58fe78020fca6c396d290ec6806780a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Wed, 24 Jan 2024 14:54:07 GMT
server: nginx
etag: "feb3df0857006d1f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26170

GET
H2 200 image7.png
orca.security/wp-content/uploads/2024/01/ 26 KB
27 KB 56ms
54ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image7.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7c092f31325cd1d5358048ec2ced529fce513fd9b091c01226f071d9ea29cee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Wed, 24 Jan 2024 14:00:59 GMT
server: nginx
etag: "20419d563beda2da"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27112

GET
H2 200 image20.png
orca.security/wp-content/uploads/2024/01/ 11 KB
11 KB 56ms
54ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image20.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

955b798f1bd2eaae28eeae57adb9c8ce7b0f57dd4c061a43f0f7466b6a383e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 86 443
last-modified: Wed, 24 Jan 2024 14:00:58 GMT
server: nginx
etag: "df735895d62761f0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11006

GET
H2 200 image10.jpg
orca.security/wp-content/uploads/2024/01/ 37 KB
37 KB 57ms
54ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image10.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dde9e66b252d0aac6863570dcdfe01ac587e6655b253f0f6c04e9d76e3440f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Wed, 24 Jan 2024 14:18:29 GMT
server: nginx
etag: "c5e68d2b4298b506"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37518

GET
H2 200 featured-blue.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 1 KB
1023 B 56ms
54ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-blue.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7347c2b3c0649df0a10fdd68d29cc0ff17a250992a2f5f5cce375f71a9aa8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"654d61dd-5a9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 featured-white.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 592 B
617 B 57ms
55ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f88eb9b6ea2ddecf6dab3e397c92e757e562f78dad657c7c96ba193966abea32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"654d61dd-250"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 avatar_bar-kaduri.png
orca.security/wp-content/uploads/2022/01/ 11 KB
12 KB 57ms
55ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2022/01/avatar_bar-kaduri.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06fbf76bf46d824c5ff33fdddbaebc08954ed04c125ddb8c7f210309fcd4c88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Mon, 31 Jul 2023 07:51:12 GMT
server: nginx
etag: "92903c72572d9a03"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11748

GET
H2 200 avatar_orca_Deborah-Galea.png
orca.security/wp-content/uploads/2021/11/ 6 KB
6 KB 57ms
55ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/11/avatar_orca_Deborah-Galea.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 140 443
last-modified: Thu, 17 Aug 2023 04:10:03 GMT
server: nginx
etag: "db9bb5b2ca337c60"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6064

GET
H2 200 Platform-Demo-Dashboard.png
orca.security/wp-content/uploads/2023/12/ 197 KB
198 KB 57ms
55ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/12/Platform-Demo-Dashboard.png?resize=2048,1291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

005399c6c3716a18a1225732e29d7dcce77c8a093021161c0e00f4d6dda7e442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 30 443
last-modified: Wed, 06 Dec 2023 09:34:59 GMT
server: nginx
etag: "a0d3e2a079e8d286"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 202186

GET
H2 200 forms2.min.js Show response
try.orca.security/js/forms2/js/ 199 KB
67 KB 303ms
139ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "2660616-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 850d1ed22ca1bbce-FRA

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 755 KB
127 KB 84ms
20ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js?ver=0.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6821decebfe34cf4525fb7d688c79ae4320cff99bb00093c8c783ec98281faf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2132
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 129760
x-served-by: cache-iad-kjyo7100177-IAD, cache-fra-etou8220091-FRA
x-browser-version: 121
last-modified: Mon, 05 Feb 2024 14:35:38 GMT
server: AmazonS3
x-timer: S1707156734.691151,VS0,VE0
etag: "8dc154dc72761504c9bb193d984d8df9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf0148798ac0e5e722440e82170450d8e6c03045
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 70

GET
H2 200 wp-polyfill-inert.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 8 KB
3 KB 28ms
24ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec3-1feb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 6 KB
3 KB 28ms
24ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec3-19e1"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 112 KB
36 KB 28ms
24ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec3-1c1b7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 hooks.min.js Show response
orca.security/wp-includes/js/dist/ 5 KB
2 KB 29ms
24ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-1213"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 i18n.min.js Show response
orca.security/wp-includes/js/dist/ 9 KB
4 KB 29ms
25ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-24e5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 url.min.js Show response
orca.security/wp-includes/js/dist/ 9 KB
4 KB 29ms
25ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/url.min.js?ver=b4979979018b684be209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-259d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 api-fetch.min.js Show response
orca.security/wp-includes/js/dist/ 5 KB
3 KB 29ms
25ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/api-fetch.min.js?ver=0fa4dabf8bf2c7adf21a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

01c0908883c6fbc352a302170f1a8863b306b4f71cc11daea1da4c37f6d0acc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec3-1510"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 frontend.js Show response
orca.security/wp-content/themes/orca-2023/dist/js/ 117 KB
35 KB 29ms
26ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/js/frontend.js?ver=6df12e57908ee89c36db

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

81cf9d1b824e048e06d4527737e0fed697c5c508620da288ad24a0df22ebca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65c099af-1d407"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 top-nav-search-algolia.js Show response
orca.security/wp-content/themes/orca-2023/dist/js/ 197 KB
48 KB 30ms
26ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/js/top-nav-search-algolia.js?ver=cdaff79ecccd0bdb94e6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

db1871ffa95c0cf965a3c672a924d2122a1faaf164961b82bc7b1b3273385a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c099af-3141f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 e-202406.js Show response
stats.wp.com/ 7 KB
3 KB 86ms
22ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202406.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 14:06:59 GMT

GET
H2 200 interactivity.min.js Show response
orca.security/wp-includes/js/dist/ 32 KB
12 KB 57ms
55ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/interactivity.min.js?ver=f5a50cdade277d9240a5a2d9f9f354b6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-7e7a"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 view.min.js Show response
orca.security/wp-includes/blocks/image/ 6 KB
2 KB 57ms
56ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/blocks/image/view.min.js?ver=32caaf5e7c6834efef4c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ce3471ccd08187d7fe1e76cd7c67d991cb7d15a0a27b8b50b4ea7389520edba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:18 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec2-1623"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 a3c4add2-fbd3-4f71-9383-50362de53378.json Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/ 5 KB
2 KB 96ms
52ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/a3c4add2-fbd3-4f71-9383-50362de53378.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160dfc817c65edbb6c32670c6434046ad7ab624ac9bcfd9c1aa6694f3c922483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 39399
content-md5: Vkyox7nSV1/GNQmPlms2oA==
content-length: 1794
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:28 GMT
server: cloudflare
etag: 0x8DBE455153C8775
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7de5c640-001e-0062-623e-16fba4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed15c50902e-FRA
expires: Tue, 06 Feb 2024 18:12:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
96 KB 99ms
41ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34937899dbccd667a2caecf6b0e20a99825d237bbaa221d736179188977633e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 18:12:13 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 86ms
23ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 18:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
DATA 200
OK truncated
/ 482 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c01c3ea6d9369a98891f5f9bc59955329dc6df20da11121a935c24fa2b27ccd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd967e1dbbe051fd7cc1029643231f25794da1cfabaa31efeae11c019c3d0e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 research-pod-pattern.svg
orca.security/wp-content/themes/orca-2023/dist/svg/ 15 KB
2 KB 39ms
39ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/svg/research-pod-pattern.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7babae28966f56b9b1c0a4ddb58fd902dbbc5e08faa3c6db5605d7ec5b6380f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c099af-3d38"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 404 orca-research-pod.svg
orca.security/wp-content/themes/orca-2023/dist/images/ 99 KB
99 KB 664ms
663ms Image
text/html 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/images/orca-research-pod.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

474bf9951bb2b59cf8314291b62fd55d077c07264fcb8f60c89bc2171f9067a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com .algolianet.com .twitter.com .company-target.com .qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com embedwistia-a.akamaihd.net .wistia.net .onetrust.com .orca.security googleads.g.doubleclick.net .googleusercontent.com .marketo.net orca.security .wp.com .linkedin.com static.ads-twitter.com .hotjar.com stats.g.doubleclick.net t.co .demandbase.com tracking.g2crowd.com .hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com .google.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com .gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com .bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo .adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com .linkedin.com .algolia.net orca-2024.go-vip.net .6sc.co .6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com .6sc.co .6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com .wistia.net .orca.security googleads.g.doubleclick.net .qualified.com munchkin.marketo.net orca.security .hotjar.com ssl.google-analytics.com static.ads-twitter.com .wp.com .demandbase.com tpc.googlesyndication.com tracking.g2crowd.com .googleapis.com .google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com .google.ca .6sc.co .6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security .orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' .qualified.com fonts.googleapis.com .orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net .wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com .fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com .orca.security .wp.com; media-src 'self' app.qualified.com .wistia.com embedwistia-a.akamaihd.net .wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' .wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: .google.com .adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com .google.com app.qualified.com .opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net .orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com .adsrvr.cn .adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' .orca.security orca.security; manifest-src 'self' orca.security .orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com *.algolianet.com *.twitter.com *.company-target.com *.qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com embedwistia-a.akamaihd.net *.wistia.net *.onetrust.com *.orca.security googleads.g.doubleclick.net *.googleusercontent.com *.marketo.net orca.security *.wp.com *.linkedin.com static.ads-twitter.com *.hotjar.com stats.g.doubleclick.net t.co *.demandbase.com tracking.g2crowd.com *.hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com *.gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com *.bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo *.adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com *.linkedin.com *.algolia.net orca-2024.go-vip.net *.6sc.co *.6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com *.6sc.co *.6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com *.wistia.net *.orca.security googleads.g.doubleclick.net *.qualified.com munchkin.marketo.net orca.security *.hotjar.com ssl.google-analytics.com static.ads-twitter.com *.wp.com *.demandbase.com tpc.googlesyndication.com tracking.g2crowd.com *.googleapis.com *.google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com *.google.ca *.6sc.co *.6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security *.orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' *.qualified.com fonts.googleapis.com *.orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net *.wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com *.fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com *.orca.security *.wp.com; media-src 'self' app.qualified.com *.wistia.com embedwistia-a.akamaihd.net *.wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' *.wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: *.google.com *.adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com *.google.com app.qualified.com *.opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net *.orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com *.adsrvr.cn *.adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' *.orca.security orca.security; manifest-src 'self' orca.security *.orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;includeSubdomains;preload
content-encoding: br
x-permitted-cross-domain-policies: none
x-powered-by: WordPress VIP <https://wpvip.com>
x-cache: EXPIRED
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1; mode=block
x-rq: hhn1 123 242 443
referrer-policy: no-referrer
server: nginx
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
feature-policy: *
link: <https://orca.security/wp-json/>; rel="https://api.w.org/"

GET
H2 200 mulish-v12-latin-600.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 51ms
45ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

39a40c3f9c0f4b126a8484a03da4f80f6eee667072e86015a425c814e8843b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-2bf0"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11248

GET
H2 200 mulish-v12-latin-regular.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 51ms
45ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-2be0"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11232

GET
H2 200 manrope-v13-latin-500.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/manrope/ 13 KB
13 KB 51ms
45ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/manrope/manrope-v13-latin-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

45bc49e6099227777b8bc79c88e210c2c53a530c40b3ab0141a25b1f15b581fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-3460"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13408

GET
H2 200 mulish-v12-latin-500.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 51ms
46ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

faf6e6e3573dc6f4be5e7efe63ccd97dbe4b5a63de4ca70f8587566ca91063e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-2bb4"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11188

GET
H2 200 orca.ttf
orca.security/wp-content/themes/orca-2023/assets/fonts/orca/ 5 KB
3 KB 51ms
46ms Font
application/font-ttf 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/orca/orca.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b205f4a91ffaf2772eacbe701f3a4072c0875e6749b28ba1eecad9906fb8f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"654d61dd-125c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/font-ttf
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000

GET
H2 200 mulish-v12-latin-italic.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 12 KB
12 KB 51ms
46ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-italic.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4908c7d8cbedbe4eeecdd60bd0a3e838a1844eb2091fd687ccea805d2176b2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-2eb8"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11960

GET
H2 200 mulish-v12-latin-700.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 35 KB
35 KB 51ms
46ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-700.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

363afd630a0ffee17e99b5becafd03af75e353cee12162b372b8c921fb70fb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-8c84"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35972

GET
H2 200 mulish-v12-latin-300.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 51ms
46ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-300.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

48a1c5357f10501a6c576d99d9dae33a11d3b9fe26f4b135ba3e5f5a757d95e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Thu, 09 Nov 2023 22:49:01 GMT
server: nginx
etag: "654d61dd-2b38"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11064

GET
H2 200 sys-all-real-world-blog-1980.png
orca.security/wp-content/uploads/2024/01/ 105 KB
105 KB 21ms
21ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/sys-all-real-world-blog-1980.png?w=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5359c1effe74a75b7c56aadedaf40fc347e4803ed40b48ba21b5a2b89b9c5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Wed, 24 Jan 2024 15:20:27 GMT
server: nginx
etag: "92919e1f2bb5da53"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 107396

GET
H2 200 sys-all-risk-blog-1980.png
orca.security/wp-content/uploads/2024/01/ 111 KB
111 KB 21ms
21ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/sys-all-risk-blog-1980.png?w=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

615fb10a6705cadeb9a62d38cefbc3e3c745366e69536c0e4bb18d0c0bff8e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Wed, 24 Jan 2024 15:27:30 GMT
server: nginx
etag: "c87773624eb3f50a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 113564

GET
H2 200 BLOG-3-Cloud-Security-Threats-to-Watch-1980px.jpg
orca.security/wp-content/uploads/2023/12/ 38 KB
38 KB 21ms
21ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/12/BLOG-3-Cloud-Security-Threats-to-Watch-1980px.jpg?w=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ad21910ff0e53c0df3de8960e92cd8f245cef49bf51506f2e0c993d30b7adf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 32 443
last-modified: Wed, 24 Jan 2024 15:24:24 GMT
server: nginx
etag: "aefc118938070881"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38934

GET
H2 200 blog_generic_tile.jpg
orca.security/wp-content/uploads/2021/03/ 3 KB
4 KB 21ms
21ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/03/blog_generic_tile.jpg?w=362

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0542c5a98349aa30b87a9923c5ccb2dc35014ecf902e82c8e32faec9e4ac3751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Wed, 06 Dec 2023 09:10:30 GMT
server: nginx
etag: "b28ecb4338eaabe0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3542

GET
H2 200 Blog-graphic_Orca-Gartner-CIEM-Report_Feature.jpg
orca.security/wp-content/uploads/2023/05/ 5 KB
5 KB 22ms
21ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/05/Blog-graphic_Orca-Gartner-CIEM-Report_Feature.jpg?w=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9a468175191421dd4614dc35cc6209983abdf4691f0eb73c9e622b734d45a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Wed, 06 Dec 2023 09:10:30 GMT
server: nginx
etag: "4acfc848266abb5b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4974

GET
H2 200 Blog-graphic_Tag-Cyber-Report-2023_Feature.jpg
orca.security/wp-content/uploads/2023/08/ 9 KB
9 KB 22ms
22ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/08/Blog-graphic_Tag-Cyber-Report-2023_Feature.jpg?w=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

16f11b299f5229f0087fc6c3ef30e126342f7749b8c5f49b9bd7228064e460a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Wed, 06 Dec 2023 09:10:30 GMT
server: nginx
etag: "7773c2401d577e4b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8946

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 90ms
45ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 850d1ed22c4903a6-FRA
access-control-allow-headers: Content-Type

GET
H2 200 group-divider-wave-2.svg
orca.security/wp-content/themes/orca-2023/dist/images/ 232 B
471 B 20ms
20ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/images/group-divider-wave-2.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1db6ceb28ebc8d2a17ae00c0be97bcbaad06bb5949d37ef9d5f5562420de0f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
etag: "65c099af-e8"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 232

GET
H2 200 tick.svg
orca.security/wp-content/themes/orca-2023/dist/svg/ 307 B
546 B 20ms
19ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/svg/tick.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d5c0fb38611921f53d2572bec0da1dc619d2b98dfebe69614fcd12f03ff5fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Mon, 05 Feb 2024 08:17:51 GMT
server: nginx
etag: "65c099af-133"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 307

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 53ms
52ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 18:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 15 May 2024 18:12:13 GMT

GET
H2 200 ct Show response
obseu.itstarsbuilding.com/ 5 KB
2 KB 183ms
73ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/ct?id=46596&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1707156733872&hl=2&op=0&ag=331356233&rand=746721555190720890206799762670078322183500920123697898565601230957218281521262868101&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQxMTVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozMzM0OTcwMzgyLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNSwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw1LDAsMCwwLDAsMCwwLDAsMiwwIl0sWy0xLCItIl0sWy0yLCI1LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwiLSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwMDAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNzA3MTU2NzMzODM1LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwibCwtMSwtMSwxNzQsMCwzOSwwLDAsNDIsNzkwLC0xLDAsMTI2NC44LDEyNjQuOCwxMzQ5LDEzNTAiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIzMjk5OTEzNjlcIixcIl8xXCIsXCIxOTE5NjY4MzI0XCJdLFwiZFwiOltdLFwiYlwiOltcIjQwNzM2OTg4NjhcIixcIjMwNjg5NzExODZcIl0sXCJzXCI6MX0iXSxbLTU1LCIyIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpjVEZaYkYxQk5TazFZUzBwYlRGQlZYVkJYWGhkYVZsUVdTa0ZKRmxBV0RnMEtDd29CQ1ZwY0NsME1BRndQWEFzQUFGdGFYUWtCQUE1Y0N3bGJBQUFYVTBvRENBTVBEd2dNRFJBVldFMFpUUmRjUVVsV1MwMUtHUkZSVFUxSlNnTVdGbHhNVmxzWFVFMUtUVmhMU2x0TVVGVmRVRmRlRjFwV1ZCWktRVWtXVUJZT0RRb0xDZ0VKV2x3S1hRd0FYQTljQ3c9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjJdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODoxOSJdLFstNjgsIi0iXSxbImRkYiIsIjAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSw1LDAsNCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCw0LDAsMCwxLDAsMCwwLDE5LDAiXSxbImJuY2giLDYzXSxbImFibmNoIiw2M11d&dep=0&pre=0&sdd=%7B%7D&cri=g07y2ZoTPV&pto=1387&ver=58&gac=-&mei=&ap=&fe=1&duid=1.1707156733.UYTjZoU06Dr9RYcm&suid=1.1707156733.fueDXE4IMmf9JFyF&tuid=1.1707156733.kb3Q4N7E2burpXrL&fbc=-&gtm=W10%3D&it=78%2C1025%2C209&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e0011c21f560ab70909db0c489427690aacea59bd7e3bc8aeffa7063e2c68980

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1675
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/ 426 KB
103 KB 36ms
36ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3zwKFeg02sA5dMnkMN3c/A==
age: 57884
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105024
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:34 GMT
server: cloudflare
etag: 0x8DBF54385213BD6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9da7b195-801e-001e-0647-27d55b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed2ce7f9c0c-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
94 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bd542c7687a0e1805747c90bf86077c71dc40ce6bbdbb087cd64c4337a138bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 18:12:13 GMT

GET
H2 200 attributionSnippet.js Show response
ddzuuyx7zj81k.cloudfront.net/1.0.0/ 6 KB
2 KB 71ms
20ms Script
application/javascript 2600:9000:2057:9200:8:8d2f:9e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Requested by: Host: csj7v04.na1.hubspotlinks.com
URL: https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:8:8d2f:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: BzkI61eYFyewX6x0l7i6i82MeoDOtTMn
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
date: Mon, 05 Feb 2024 06:36:38 GMT
last-modified: Mon, 18 Jul 2022 15:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 41738
etag: W/"03d2c7ecc77b0dbf04fecc51b018a287"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2M1W8TTAW37BS0Tpylq4IyH46TyQUuzNdEwHt1W6l0UWNB1bLpe22w==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 119ms
34ms Script
application/javascript 2a02:26f0:3500:16::215:1486
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=27048
accept-ranges: bytes
content-length: 15732

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 89ms
26ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220093-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 110ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1707156733892&cv=11&fst=1707156733892&bg=ffffff&guid=ON&async=1&gtm=45He41v0v812157982za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623e3852c1989c9235033682fbc0b982575a5bace72edb365cacbeaacad52a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3724.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 191ms
134ms Script
text/javascript 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3724.js?p=https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email&e=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 828d921d-f326-4bfc-bd01-5208809c438f
x-runtime: 0.003341
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 850d1ed348fe65df-FRA

GET
H2 200 qualified.js Show response
js.qualified.com/ 628 KB
154 KB 520ms
466ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d8bf5b0772b229545b280469bd369be63583d4209c3e0c0436c28b6754c131

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6e5b2db4-cfaa-3d31-9fbf-a14bd3d0a8d7
pragma: no-cache
x-runtime: 0.025528
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c2d8bf5b0772b229545b280469bd369b"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 850d1ed33b2d4db1-FRA
expires: Mon, 05 Feb 2024 22:12:14 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 73ms
19ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 07:53:59 GMT
Content-Encoding: gzip
Via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 38606
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: M_RCJ-Fe5lH6wdqRnkgE_dIl3lYe6VM7P-JQ229LKcERDcSxwkIfMQ==

GET
H2 200 jjtdo160k2 Show response
www.clarity.ms/tag/ 1018 B
1 KB 187ms
141ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jjtdo160k2
Requested by: Host: csj7v04.na1.hubspotlinks.com
URL: https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90b6978787e0c0f87185cdad7d27af111e5451ff908ba2967102875fd9f9a4b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: -1
date: Mon, 05 Feb 2024 18:12:14 GMT
x-azure-ref: 20240205T181213Z-dryh0n89dt003bn84nx2e5dvw000000001s0000000004pey
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js Show response
j.6sc.co/j/ 4 KB
2 KB 588ms
480ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1acd2ddce44226de9ce45da431ad15a4d8512202bf04d9922dd876e2c845de7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: rIcVh1GRdggcHOX5GHUwfI7EvVym_rU8
content-encoding: gzip
date: Mon, 05 Feb 2024 18:12:14 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1458
pragma: no-cache
last-modified: Mon, 08 Jan 2024 20:57:47 GMT
server: AmazonS3
etag: "de9073de708de22d699ee5d86f3a0eb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: bdnJ9QOgyDCjzlYkn-_m9LNsJuNZvY6nMKfWDjLKeGHdgSlQXWgrmg==
expires: Mon, 05 Feb 2024 18:12:14 GMT

POST
H/1.1 200
OK visitWebPage
796-pbw-559.mktoresp.com/webevents/ 2 B
318 B 690ms
123ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://796-pbw-559.mktoresp.com/webevents/visitWebPage?_mchNc=1707156733900&_mchCn=&_mchId=796-PBW-559&_mchTk=_mch-orca.security-1707156733900-85791&_mchHo=orca.security&_mchPo=&_mchRu=%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_campaign%3D2024.Q4_Noiseless_Newsletter__-__utm_medium%3Demail__-___hsmi%3D292730673__-___hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU__-__utm_content%3D292730673__-__utm_source%3Dhs_email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 18:12:14 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 46694f6a-1742-44a2-a1f1-a3c38b15cd22

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/10406ee8-b1d5-4a31-b330-04b7441eefd3/ 74 KB
14 KB 41ms
41ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/10406ee8-b1d5-4a31-b330-04b7441eefd3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8f6428d72ad132b9dfa15bfe9c9023323fc4e180e62d5f02b54eff2f2eebce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 38948
content-md5: gycSmHhjk0z5LYh+7k8xwA==
content-length: 14639
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:43 GMT
server: cloudflare
etag: 0x8DBE4551E5CEAF4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1eb232c4-301e-0069-253e-1600cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed33e77902e-FRA
expires: Tue, 06 Feb 2024 18:12:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 76ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZJX9BKF7WR&gtm=45je41v0v892696919z8812157982za200&_p=1707156733597&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1756857297.1707156734&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1707156734&sct=1&seg=0&dl=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&dt=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20Pages&tfd=1572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 87ms
30ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZJX9BKF7WR&cid=1756857297.1707156734&gtm=45je41v0v892696919z8812157982za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 102ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZJX9BKF7WR&cid=1756857297.1707156734&gtm=45je41v0v892696919z8812157982za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=2147417697

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK queries
abzbmmyyoz-dsn.algolia.net/1/indexes/*/ Frame 0
0 548ms
172ms Preflight
text/plain 209.58.139.207
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL

https://abzbmmyyoz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.22.0)%3B%20Browser%3B%20instantsearch.js%20(4.63.0)%3B%20JS%20Helper%20(3.16.1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.58.139.207 Hayward, United States, ASN7203 (LEASEWEB-USA-SFO, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=86400
Connection: keep-alive
Content-Disposition: inline; filename=a.txt
Content-Length: 0
Content-Type: text/plain
Date: Mon, 05 Feb 2024 18:12:14 GMT
Expires: Tue, 06 Feb 2024 18:12:14 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 31ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=226218700&post=62652&tz=-8&srv=orca.security&hp=vip&j=1%3A13.0&host=orca.security&ref=&fcp=1265&utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&utm_content=292730673&utm_source=hs_email&rand=0.4650561034778109
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Feb 2024 18:12:14 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 getForm Show response
try.orca.security/index.php/form/ 3 KB
1 KB 776ms
776ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://try.orca.security/index.php/form/getForm?munchkinId=796-PBW-559&form=1486&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F&callback=jQuery371030593519528809443_1707156733951&_=1707156733952
Requested by: Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67edceec71205b1f01e66f7efe0eda424984fa2b0c55ac5803cdbd24b9c3299

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 13fe#18d7a78812e
x-marketo-source: Form Service
cf-ray: 850d1ed41fd0bbce-FRA
cached: false

GET
H2 200 getForm Show response
try.orca.security/index.php/form/ 3 KB
2 KB 689ms
689ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://try.orca.security/index.php/form/getForm?munchkinId=796-PBW-559&form=1047&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F&callback=jQuery371030593519528809443_1707156733953&_=1707156733954
Requested by: Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f7df8fe494dd048407a83219d86a77157d0b2fcefcdf095ad34bbb67ac91ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 184a6#18d7a788130
x-marketo-source: Form Service
cf-ray: 850d1ed41fd7bbce-FRA
cached: false

POST
H/1.1 200
OK queries Show response
abzbmmyyoz-dsn.algolia.net/1/indexes/*/ 34 KB
12 KB 175ms
174ms XHR
application/json 209.58.139.207
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL

https://abzbmmyyoz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.22.0)%3B%20Browser%3B%20instantsearch.js%20(4.63.0)%3B%20JS%20Helper%20(3.16.1)

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/js/top-nav-search-algolia.js?ver=cdaff79ecccd0bdb94e6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.58.139.207 Hayward, United States, ASN7203 (LEASEWEB-USA-SFO, US),

Reverse DNS

Software

nginx /

Resource Hash

38e238eeec5fbae356cd734a9e75fe8f4467b0dd87f78fa0512150bf65ee3170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: ABZBMMYYOZ
Referer
x-algolia-api-key: f34560540828ce88849184b90fcd7967
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 05 Feb 2024 18:12:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 204 setcookie2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ Frame 0
0 239ms
181ms Preflight 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://orca.security
access-control-max-age: 43200
date: Mon, 05 Feb 2024 18:12:14 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
x-amz-apigw-id: SrK3xGjiPHcEU6Q=
x-amz-cf-id: TGBvO4BdLN8P7jxd8kivzrqXVFm-k2LQIvl3ow_LFv9kVU2jjMENEg==
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: e2d6967d-5a55-4cfb-b6ab-c23d8f03677d
x-amzn-trace-id: Root=1-65c124fe-026bc6841a46357528efc4fd;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

POST
H2 200 setcookie2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ 15 B
693 B 512ms
465ms Fetch
application/json 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-amzn-trace-id: Root=1-65c124fe-43393ba42875b0c94fe0baac;Sampled=0;lineage=ccf2bc8d:0
x-amzn-requestid: da2336df-818a-4e6a-b071-980d0820d7cb
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-amz-apigw-id: SrK32HF0vHcEgDA=
content-length: 15
x-amz-cf-id: fnA5LNvy8vIUZifj_JgD_nNzxmSElXdJrvv-LiGOkve0ImV_SqEtgw==

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 10 KB
3 KB 35ms
34ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2Y4BaIugw6ewXFLkp9h9fg==
age: 13312
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:28 GMT
server: cloudflare
etag: 0x8DBF54381A0CE39
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1e42c8d3-601e-004b-485c-27c5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed46fa7902e-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/ 63 KB
14 KB 33ms
32ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9LM0+2zXH90ABPPSdPNeWw==
age: 2784
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13595
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:29 GMT
server: cloudflare
etag: 0x8DBF543822D49AF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 79293141-901e-0094-7a5a-278eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed46fad902e-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 5 KB
2 KB 36ms
35ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HZ4CF8sFCthNRNvjE80iGw==
age: 13232
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:29 GMT
server: cloudflare
etag: 0x8DBF54381B7D553
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ecd479ab-701e-0078-6998-279a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed46fae902e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 21 KB
4 KB 33ms
33ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 13232
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e78f1be5-d01e-0085-3797-27145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 850d1ed46faf902e-FRA

GET adsct
t.co/i/ 0
0

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
455 B 79ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1707156733892&cv=11&fst=1707156000000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v812157982za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5Fw7Y-aZmvY_Ac2Swxe2xgs9k0SGuA&random=1255702108&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
154 B 33ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1707156733892&cv=11&fst=1707156000000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v812157982za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5Fw7Y-aZmvY_Ac2Swxe2xgs9k0SGuA&random=1255702108&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4...

0
480 B

247ms
174ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&e_ipv6=AQK1D6Xi_WL74QAAAY16eIFb8PIS5ciFdZM-7qa0avML7SJCqXLdo2LKG_TQZZ5ZPYjPpIPZw7Jt4FTM3DRwYFr0stBy-A
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 89EFE239916846D393B81754490924BF Ref B: FRAEDGE1317 Ref C: 2024-02-05T18:12:14Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQpma9EKRj/Bt8ftVh8w==

Redirect headers

date: Mon, 05 Feb 2024 18:12:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3285499A04D34382BE53595D8EB789D6 Ref B: DUS30EDGE0714 Ref C: 2024-02-05T18:12:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707156734140&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&e_ipv6=AQK1D6Xi_WL74QAAAY16eIFb8PIS5ciFdZM-7qa0avML7SJCqXLdo2LKG_TQZZ5ZPYjPpIPZw7Jt4FTM3DRwYFr0stBy-A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQpma5NYFNQW4htNguzA==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
699 B 192ms
121ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Feb 2024 18:12:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2F5586D205114D69A62AFA8747E78B9B Ref B: DUS30EDGE0714 Ref C: 2024-02-05T18:12:14Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://orca.security
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQpma427QwNyVHVoUVBA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653025264

Requested by

Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02f2b180fafc944c4f23dfb37711e5427c90ee3bb9b5339e6e82283aa51cd7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 18:12:14 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653025264&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebbff6510a780fae81a8a10f1f529fde2e10de0069fba99d4267124e59d5f7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 18:12:14 GMT

GET
H2 200 tc_imp.gif
obseu.itstarsbuilding.com/tracker/ 43 B
79 B 48ms
48ms Image
image/gif 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.itstarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ae9c630ec4089999225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a1788642117071a10acf9f29f674e8384885125381faa7e7500806dd96395073902269407060c32060c94eb681b77be26bb25cb43e2913bf05365ad5f2b7a1bdb53ed46f497d7df3ebb2907fe7fcafc0139dd0e3943791593870563a660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7958677a0dbdf5cec489d5b3772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7df9c21464b8d1f27d8e53a94eb2d51dc34fcd992c926d3dc29d228d66c481befb9df3f1477fe425b7bbfd2a5728ae9621cca648a11d0245971e509acf8ed8c0ffc921cf2bc78ebe9e63a36c7c25896f3b9593800327dee576e610fc82029579a132474659c938b842d5d0ae78a88b3fd11bf6c0dbd76285554322ed55055a331469d1a35eb546dbde842fa0923aadc27c8ccedaa840a3bdec4e61708ff84f79f7b01c4b0cf3faf433e62cdfae0180bd7be625e56c980689458ef42aa84264b9f79f64363d67002a0d5b14bc8ed42f875ce4480e415886f50b95851177abe99be1be11be9e95b8f19ceaa30e3d55943d83ee1a2b82371645bf353b231a8e7bed1473bd8fbc3be01e9427f8ee70cccb71e27d6c5f757d2167d88ab8d9562d35c7701b90d6d9b8d6973c5fe3ead82bdcc92178aebb10651d9ae78e0543ed4ddc1dc461be63da6ac68d57b2c757f4decc8ff7143db1a46e3dc67ba484b2ac159c6a331513d12c1e3ff2fc1acdbf41c7c1d8a70190d6de6f1c2b55ea68b90fab49a0c33cc7711c7f53307e7ce8469cd2215fab1bb5b5e9278bdd478d6861ea406e269bf4c3480fb824b7cc4598153b1258a0297fdabddd7a980f6bdb8153e18ccfe3921c8b1b0c7544b62e7a0c8e9a1e02a820f5a9905ed38ab9501905f6782a1a19dd0b42b0cb9d4448c53c35aac3954bdbc9a8d34b60e622b16c775fcc4e2263d6cc19478ad0ffcbe1ba10fd39a468c926c2861ed9eef02a2bf28547cb82a3b3c7f1cad032428dfa38539b3b8e179e58e1f836aecfcfc96cb386d5f8fb5a6695e1e6fe40dd49895216621474d7913936dc62f640d48a36ad1f34ff6c5ece33b3926275a56773105981f5d82d86d9423f78472cd4d9c1a793289611bcb02f3f96821308665d7b6d7aba77a1f16956e0a6d7c5e3a7a3aabbcc2bfc90e37b70171807752c121f836c3e5ba8a1f1e634a8943e5080844db296518792c2cd9aeab31ff8439c148646dad0d5bf9e2b7ab3a6c2ca7b670d229bd1cae23512a08d48601ead6ea3266e1de653ba3ecb3721ee1d34cdc9feafd5a5d284c223c30788882ddc8ed0c965b8caa6614c9d8c996bfc63eeb5d65066d68f2793f8736ffd4059fe4c0d334538ebcf270dba08712626fa2dc390ac2d14e42c451875cee2ebba6b8b027d6ba1eaa989cd39af036b495e627d817f2a2af83b13b68c9a202d3e49377625de442b4ed8ad331f6ae9ca41846456a3e6818718fdd37d23a44756eaae209fdc&cri=g07y2ZoTPV&ts=286&cb=1707156734158
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 44ms
44ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jjtdo160k2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240205T181214Z-dryh0n89dt003bn84nx2e5dvw000000001s0000000004ph7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 53bd29fa-901e-0009-7069-576b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
BLOB 200
OK 36e383a2-97ac-49c7-8398-4c8dc6a979d5
https://orca.security/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://orca.security/36e383a2-97ac-49c7-8398-4c8dc6a979d5
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4a948a23e2d04e587644db224d73ca646841d52fb62c5176a0c5fa4beb2bcff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
623 B 33ms
32ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 36422
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 03:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cd2f223d-101e-009a-45ef-57a75a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 850d1ed4b8ad9c0c-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
508 B 32ms
31ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 9457
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 08:11:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d20cfaae-a01e-008f-1f46-58b0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 850d1ed4c80c902e-FRA

GET
H2 200 orca-security-logo-color.png
cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/f7124552-7f1a-4036-ac4c-3aa5a38b34f6/ 4 KB
4 KB 31ms
30ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/f7124552-7f1a-4036-ac4c-3aa5a38b34f6/orca-security-logo-color.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4Ni50z3v+cUUi4EhnHO0mQ==
age: 75088
content-length: 3663
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:28:50 GMT
server: cloudflare
etag: 0x8DBE454DB125952
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a8747f8a-d01e-0013-363d-161d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed4e8d49c0c-FRA

GET
H2 200 orca-security-logo-color.png
cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/2771c3fc-ed10-440d-811e-c8c8689bfda4/ 4 KB
4 KB 32ms
32ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/2771c3fc-ed10-440d-811e-c8c8689bfda4/orca-security-logo-color.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4Ni50z3v+cUUi4EhnHO0mQ==
age: 75088
content-length: 3663
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:28:50 GMT
server: cloudflare
etag: 0x8DBE454DAD86687
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f8444c4e-b01e-0067-373d-16297f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 850d1ed4e8d59c0c-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
34ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 44094
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 03:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 835cbc65-e01e-008e-3ee7-57ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 850d1ed4e8d79c0c-FRA

GET
BLOB 200
OK 777c3aa8-a6d7-4698-9f92-f8c3fe042f5f
https://orca.security/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://orca.security/777c3aa8-a6d7-4698-9f92-f8c3fe042f5f
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb565b4c1e72eef8ba9d4065670a81a271a3f1fd05c9a999300889873596ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1707156734275&cv=11&fst=1707156734275&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-653025264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eeccc71d03aaf90c9601ded8c5eb608822168133d5ef3e0bc0e3592ff90f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/653025264/ 3 KB
2 KB 134ms
67ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/653025264/?random=1707156734281&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-653025264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f6022d38e15c383e4bb8a154b49e435a19b8e4fd611b4a5bef52d9b4924cc9f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
293 B 650ms
266ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Mon, 05 Feb 2024 18:12:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1707156734275&cv=11&fst=1707156000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_20vU4sXwyGBV49tgpwukXCGXUGQlz-R_ZN6OLjSJ-KrPiGb-&random=1520636554&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1707156734275&cv=11&fst=1707156000000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_20vU4sXwyGBV49tgpwukXCGXUGQlz-R_ZN6OLjSJ-KrPiGb-&random=1520636554&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/653025264/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qlhhb1dDVVZOX1ZvU0xrbnFmNU9LWFRmbW5hMUdzc0g5Q1gwNmswaWdvTEMwGlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QTRCMy1wZ2lnbW1vTENJLTcxbl84SXZjOXNZblhnd1BJWHM2cFc1N1J0cHVmeDA4TWg3MTZGMVEiEwid_Om15pSEAxXC1TsCHawbCmwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=_iTBZZ2FF8Kr78EPrLeo4AY&cid=CAQSKQAvHhf_puNAoZrWaA4anhxyQHlk-yiHKmZIa98qHgrKKkwbh3pux-32&random=3106953937&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/653025264/?random=646219291&cv=11&fst=1707156734281&bg=ffffff&guid=ON&async=1&gtm=45be41v0v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2055165553.1707156734&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qlhhb1dDVVZOX1ZvU0xrbnFmNU9LWFRmbW5hMUdzc0g5Q1gwNmswaWdvTEMwGlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QTRCMy1wZ2lnbW1vTENJLTcxbl84SXZjOXNZblhnd1BJWHM2cFc1N1J0cHVmeDA4TWg3MTZGMVEiEwid_Om15pSEAxXC1TsCHawbCmwyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=_iTBZZ2FF8Kr78EPrLeo4AY&cid=CAQSKQAvHhf_puNAoZrWaA4anhxyQHlk-yiHKmZIa98qHgrKKkwbh3pux-32&random=3106953937&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
17 KB 58ms
58ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:26:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65836a29-fee9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17567
expires: Mon, 05 Feb 2024 18:12:14 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
701 B 101ms
32ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
an-x-request-uuid: 326ba463-fc9b-4232-872e-0c6bb235570d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orca.security
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.133; 217.114.215.133; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 36ms
35ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
336 B 114ms
22ms XHR
text/html 2a02:26f0:480:21::217:d11c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:21::217:d11c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ee7e17b90de54189aa08beab196e8aece1604d228884022423ffd4d101754948

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:14 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://orca.security
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:1010:3:1011:dddc:808a:a77c
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707156734765_389993820_872596518_25_1189_18_39_219";dur=1
content-length: 36
expires: Mon, 05 Feb 2024 18:12:14 GMT

GET
H2 200 forms2.css
try.orca.security/js/forms2/css/ 13 KB
3 KB 67ms
66ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
age: 3830
etag: "282892-3437-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 850d1ed86ec4bbce-FRA
content-length: 2623
expires: Mon, 05 Feb 2024 22:12:14 GMT

GET
H2 200 forms2-theme-plain.css
try.orca.security/js/forms2/css/ 828 B
392 B 59ms
58ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2-theme-plain.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
age: 1148
etag: "282894-33c-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 850d1ed86eccbbce-FRA
content-length: 246
expires: Mon, 05 Feb 2024 22:12:14 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 242ms
241ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 229ms
229ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2212faf3ac449b44ed37787fef7b8b3d09%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22071f14bfa9ca7a7453a4b3ef228849e6d72181c5%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%222aa3d219-295b-4023-ba43-3c4bfa09c5a7%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 218ms
218ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A1010%3A3%3A1011%3Adddc%3A808a%3Aa77c%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 Blog_New-FinServ-Grapphic-ABM_Feature.jpg
orca.security/wp-content/uploads/2023/07/ 43 KB
43 KB 21ms
21ms Image
image/jpeg 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/07/Blog_New-FinServ-Grapphic-ABM_Feature.jpg?w=750

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a345c0ddcb58eb16dc2976ec3bfb089eead694fe41fd04de0b276e416caf908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Wed, 06 Dec 2023 09:41:12 GMT
server: nginx
etag: "9ec824e70016a6aa"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
content-length: 44121

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
873 B 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaCallback

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da678f65d7cf9d50409be667aaeba20218dfb261478a13b6602d117b09e08a5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 05 Feb 2024 18:12:14 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 769 B
726 B 220ms
176ms XHR
application/json 3.66.11.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.11.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-11-58.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 810fa2a3b55e453ecd985550d03ec94f57c492a7052f8f271e58110e8dd720eb

Request headers

Referer
accept-language: de-DE,de;q=0.9
Authorization: Token 071f14bfa9ca7a7453a4b3ef228849e6d72181c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
X-6s-CustomID: WebTag 2aa3d219-295b-4023-ba43-3c4bfa09c5a7

Response headers

x-trace-id: 8710578634896935065
date: Mon, 05 Feb 2024 18:12:15 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://orca.security
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 408

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 86ms
25ms Preflight 3.66.11.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.11.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-11-58.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://orca.security
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Mon, 05 Feb 2024 18:12:14 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 6801588387272334590

GET
H2 200 XDFrame Show response
try.orca.security/index.php/form/ Frame EE6F 2 KB
758 B 159ms
159ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/index.php/form/XDFrame

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b2428ffe32319631a13395b0b3361b35809973273d90a0cfa4f50491559fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 850d1ed90fefbbce-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 18:12:15 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 infinigrow.js Show response
dss6ntp5q2r0o.cloudfront.net/2.9.0/ 74 KB
25 KB 73ms
22ms Script
application/javascript 2600:9000:266e:5200:10:7994:d200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:5200:10:7994:d200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:44:10 GMT
content-encoding: gzip
via: 1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
last-modified: Sun, 24 Jun 2018 15:14:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 44885
etag: W/"2f70fa2239343e20deb5c199873fbed1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ladIYJOYxNWJzqLOcq1m8LskRmfMMtlHChG2aApWinm2ti17WuLiGQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 491 KB
196 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 10:21:02 GMT

OPTIONS
H2 204 tp2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ Frame 0
0 459ms
459ms Preflight 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://orca.security
access-control-max-age: 43200
date: Mon, 05 Feb 2024 18:12:15 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
x-amz-apigw-id: SrK38EkGPHcEnIQ=
x-amz-cf-id: msAOKGLLZZpNi2ETPACmHU0iN2r29zgklBMiZ5aU3JcaV4M3enWmdA==
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: 6d836060-e08d-44e8-80fb-f003d7df1513
x-amzn-trace-id: Root=1-65c124ff-1c8e823949e644574f90554f;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

POST
H2 200 tp2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ 2 B
696 B 459ms
459ms XHR
text/plain 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dss6ntp5q2r0o.cloudfront.net
URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2
x-amzn-remapped-server: akka-http/10.0.9
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: f78adfe1-7ceb-4233-8e32-fc1f54874aa6
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
x-amz-apigw-id: SrK4AH55vHcEWOg=
content-length: 2
x-amzn-trace-id: Root=1-65c124ff-7c6745b31bad3ae1078afc3f;Sampled=0;lineage=ccf2bc8d:0
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-amzn-remapped-date: Mon, 05 Feb 2024 18:12:15 GMT
x-amz-cf-id: hhY2_kU59h-uFYLy8VeKFutPDY7YNfg4OmOPiOBlQioqRSB4vDpMmQ==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0413 44 KB
28 KB 44ms
44ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=9oqq2f4j8cg7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10d65e1483f320e29425a1ba7b3241b27c564417db4cdf95331dfac905440052

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g4L9k8oo258QRC8j85mfnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-g4L9k8oo258QRC8j85mfnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 18:12:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C235 44 KB
28 KB 57ms
57ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=yhz0rt6b3kv9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee5aa271d61b24419f0e414cb72d3c522782f6d1edca1e26da1eaa40455bad66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E3lES4ufI2rXmRWr7kB5BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-E3lES4ufI2rXmRWr7kB5BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 18:12:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 forms2.min.js Show response
try.orca.security/js/forms2/js/ Frame EE6F 199 KB
66 KB 46ms
46ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/js/forms2.min.js

Requested by

Host: try.orca.security
URL: https://try.orca.security/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=111;
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
strict-transport-security: max-age=111;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
cf-cache-status: HIT
age: 1149
etag: "28289a-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 850d1eda5a25bbce-FRA
expires: Mon, 05 Feb 2024 22:12:15 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 0413 55 KB
24 KB 66ms
23ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=9oqq2f4j8cg7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 16:09:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 0413 491 KB
196 KB 97ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 10:21:02 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame C235 55 KB
24 KB 55ms
26ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 16:09:13 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame C235 491 KB
196 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 10:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 10:21:02 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
145 B 50ms
49ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Mon, 05 Feb 2024 18:12:15 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
16 B 50ms
50ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Mon, 05 Feb 2024 18:12:15 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js Show response
www.google.com/js/bg/ Frame 0413 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=9oqq2f4j8cg7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6860
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 05:55:33 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0413 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:51:38 GMT
x-content-type-options: nosniff
age: 516037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 18:51:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0413 15 KB
15 KB 96ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 45625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0413 15 KB
16 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 550981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 09:09:14 GMT

GET
H3 200 NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js Show response
www.google.com/js/bg/ Frame C235 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=yhz0rt6b3kv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:55:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6860
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 05:55:33 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C235 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:51:38 GMT
x-content-type-options: nosniff
age: 516037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 18:51:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C235 15 KB
15 KB 80ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 45625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C235 15 KB
15 KB 64ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 550981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0413 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=9oqq2f4j8cg7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 05 Feb 2024 18:12:15 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C235 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=yhz0rt6b3kv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 05 Feb 2024 18:12:15 GMT

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 465ms
399ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: csj7v04.na1.hubspotlinks.com
URL: https://csj7v04.na1.hubspotlinks.com/Ctc/WZ*113/csJ7V04/VVN21p17-RXbN1gt0bhb_57RW3Z50n1596QwBMmLVTq3qn9gW95jsWP6lZ3q7VhY8pk3-cJJBW63P7Kt6tJG8xW65TDLJ7v1YqZW5fwRVK3hyTDSW6m3XmC4BByZZW5jJ4Rn78LV12W26lgjb8G84WpW62NpDN2C7Q1mW8cpPyg8h8cZWSZcS3jS3vcW2k7d7M4sRx3dN31Tk0QJMHGXW7_FGJx5hf1jJW4t1xXP7bDMZ9W5Wm--47hmCmtW2rVpRK5x0SPYW125MYL24F-LWW52Q1GL9fgYV8W3gmqKr3xhvTrW3f3ntV5_FtcGW4Q7B0X52slP5W8TKZZV11TP4NW92Sv1634KrBnVpmFH032c6pXW8Jffg46y4gnpW7TnPVn1y_XydW1_9Llj15JW6JW2k3TxZ45_q4JN28dR9r4zJYmW3VtZRC5XzzP_f8swMtl04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
x-amz-version-id: lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 11 Dec 2023 12:17:02 GMT
server: cloudflare
via: 1.1 9e2832101d2afe9c375402906a247c04.cloudfront.net (CloudFront)
x-amz-cf-pop: BAH53-C1
etag: W/"15c02cdee0df6c26ba3d8c62d912c66c"
age: 51389
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cf-ray: 850d1eddae71453a-TXL
x-amz-cf-id: uEL0E2D0VkOxw6szkhxQkWi5o1G4tY9PI4yaxfPwueddcpjvPt32EQ==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&RedC=c.clarity.ms&MXFR=211F57A1AB3F6E06114543BDAF3F6064
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&MUID=0A63576654AF61382551437A557D6013

42 B
440 B

90ms
90ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&MUID=0A63576654AF61382551437A557D6013
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:15 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 18:12:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC97B38D92EF4A0893F240EA66B6A14C Ref B: FRAEDGE2022 Ref C: 2024-02-05T18:12:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329DCA8D69224B54A9866923C46A8350&MUID=0A63576654AF61382551437A557D6013
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame CDFF 0
60 B 151ms
49ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&upid=wavfaxa&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Mon, 05 Feb 2024 18:12:15 GMT
server: Kestrel

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
293 B 120ms
120ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Mon, 05 Feb 2024 18:12:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/gndr1NireXGRNRuC/ Frame 5BC4 6 KB
3 KB 525ms
257ms Document
text/html 44.207.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

44.207.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-37-73.compute-1.amazonaws.com

Software

Resource Hash

d9d5f94dcf738f569100d6bb18a12bb8a02c2ecd51fdc3ec9c10d47f2ada2011

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1776
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Feb 2024 18:12:16 GMT
Etag: W/"d9d5f94dcf738f569100d6bb18a12bb8"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 4930e4bb-398e-e534-2680-b7908d86d539
X-Runtime: 0.136172
X-Xss-Protection: 1; mode=block

GET
H2 404 dc.js
go.orca.security/dcjs/898611/14/ 0
0 328ms
175ms Script
text/html 2a04:fa87:fffd::c000:4266
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://go.orca.security/dcjs/898611/14/dc.js
Requested by: Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4266 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 231ms
231ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A14%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%221007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 146 B
440 B 476ms
476ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7e1c5c4ee0c63ce32f240c1d3fc9558795338e7c91d6213f3f2d0d779c5978e4

Request headers

visited_url: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Referer
accept-language: de-DE,de;q=0.9
Authorization: Bearer 9e1255e6651669142601
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 18:12:17 GMT
via: 1.1 a477b8537c9bc4c10a3c144386a7b5be.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: TXL52-C1
x-powered-by: Express
etag: W/"92-IHB7W3lwt7u9yyBCiFg2M+HIFUg"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 850d1ee61fa24528-TXL
x-amz-cf-id: SScNtomUP9WrBdobcWrc8VeC3YHP7vMRzgYH6MwVK2KiGAI1IfcLng==
apigw-requestid: SrK4QgeWvHcESLw=

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 956ms
912ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: SrK4KhKMPHcES6g=
cf-cache-status: DYNAMIC
cf-ray: 850d1ee06a584528-TXL
date: Mon, 05 Feb 2024 18:12:16 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 c0f6d569dc3603537a21705f48d93398.cloudfront.net (CloudFront)
x-amz-cf-id: 48jmF20U4Al_1efKdfsupwcK3XBW0TpAuy6IKnn3liqVfy7O6gyJhA==
x-amz-cf-pop: BAH53-C1
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 48ms
48ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Mon, 05 Feb 2024 18:12:16 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 5BC4 35 KB
7 KB 55ms
45ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: ouwp40r80ysIJyX4o_ME_bNG21PwikVK
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CR4NWEZ1WNYTRC8E
age: 1836
x-amz-server-side-encryption: AES256
x-amz-id-2: p1Hf+XBcKXbmTQ35pkd1rFcQtGXQvXPU89nVxcc3o5sqanm8ZSqYD4pN8EOyK0HImphDH4+G164=
last-modified: Fri, 01 Dec 2023 04:59:42 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 850d1ee18fbc4db1-FRA
expires: Mon, 05 Feb 2024 22:12:16 GMT

GET
H2 200 messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame 5BC4 5 KB
1 KB 53ms
44ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: 7eEDxHVcKxpZAWyuobxbBs.f3mWO4a8K
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: P44W4ACAWY28Z6BR
age: 1833
x-amz-server-side-encryption: AES256
x-amz-id-2: 0+h5Xw6N4NnbEyhoBX9q90PYZxaSSsrWbr2MDlAyY9Hxu3FWLAhZhL0z30KxCqKv34DqltCVKRs=
last-modified: Sat, 13 Jan 2024 03:51:48 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 850d1ee18fc04db1-FRA
expires: Mon, 05 Feb 2024 22:12:16 GMT

GET
H2 200 messenger~runtime-3cc840d000eed43610b6.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame 5BC4 2 KB
2 KB 36ms
31ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-3cc840d000eed43610b6.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eefb0efa5d3a37aedc9ec27f817241fd8998bedaf732cce1bb6b49f060691c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: KhY8zmn1BncCrpnKQlPrNekpReRVk45A
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 0CZH3AMAB1ZQVY6T
age: 6613
x-amz-server-side-encryption: AES256
x-amz-id-2: ZCqpllZGns1LpCihPoYLI+fUCp5bn6svGmRdwXZm/aoIq9hTUy4lpPC9UK7r/C25/iWEJDo6CWpqnq+kgucl2R9rDb0NOQ3x
last-modified: Sat, 03 Feb 2024 06:08:22 GMT
server: cloudflare
etag: W/"abd37240f3e07a2d2fecf9dd55bfdb45"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 850d1ee18fc14db1-FRA
expires: Mon, 05 Feb 2024 22:12:16 GMT

GET
H2 200 messenger-37a312c272c0510eaa42.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 5BC4 1 MB
367 KB 41ms
36ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-37a312c272c0510eaa42.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b007938dee162db8233e01d9567aba2274fcb45f1cf62a2615680ccb2b69e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: a7M1teWqPXrpgXek8eOg1u.ZQOWU3KHY
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 0CZTAJKAAQYAB2E2
age: 6613
x-amz-server-side-encryption: AES256
x-amz-id-2: XVU0uZC6i1Y6btRseSGw+46zXhdoBshvuT2Oid10hkQkIPlCnGSJts9phd6N6UhjE3MYajCrw6R+2Txuz362hxRCyp1Vhn3HRy6OQkDqT7c=
last-modified: Sat, 03 Feb 2024 06:08:22 GMT
server: cloudflare
etag: W/"3e2a5ae3ef40f1d1488d7a432a95eafe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 850d1ee18fc24db1-FRA
expires: Mon, 05 Feb 2024 22:12:16 GMT

GET
H2 200 messenger-0096ce6a668390da5b4a.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 5BC4 929 KB
213 KB 36ms
36ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-0096ce6a668390da5b4a.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e96a89af30a12ac0607331177a399c5b9d19c657f498f06cd5b1f947023119b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: 3g2v_ILECgQurqvp2ffPkJD.ua1NFMw8
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E9AJAXP7NZT48HRK
age: 6612
x-amz-server-side-encryption: AES256
x-amz-id-2: 0+W1YT2dnJiSbHJ9o6h2Pc2dAdbO7NrS66iCSpmk7tfKixBifyJoSOqwaGFLBsS+XuxdVJ95ijip8bmbIbnae1j3VBdhMh1gcTntNVB2iew=
last-modified: Sat, 03 Feb 2024 06:08:22 GMT
server: cloudflare
etag: W/"705b3c52b0bb1ddb6af5d63eb932bd38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 850d1ee1b80d4db1-FRA
expires: Mon, 05 Feb 2024 22:12:16 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 5BC4 97 KB
97 KB 82ms
30ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: xiJdzT7XsoZbQ3MwKf6YzakmHD3P47Oy
cf-cache-status: HIT
x-amz-request-id: 9S40J6XVN02W9XW2
age: 5742780
x-amz-server-side-encryption: AES256
content-length: 98868
x-amz-id-2: oGmR9ikJhbftQpwXKYpN5vHHUyHCoL5QUXa21HDJW9Wr9qw3pv3NyBpbZJ8ChD6715p2mqqoiDQ=
last-modified: Fri, 01 Dec 2023 04:59:47 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850d1ee1d94c1e3e-FRA
expires: Wed, 05 Feb 2025 00:12:16 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 5BC4 103 KB
104 KB 102ms
50ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=b2f0e652-7224-454a-9e1b-abd532103230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-amz-version-id: 36YvGivbsHjAoawOZR_CMZ3.HfwAMHK1
cf-cache-status: HIT
x-amz-request-id: N95SJVTAKEXDMS0W
age: 8268056
x-amz-server-side-encryption: AES256
content-length: 105804
x-amz-id-2: KtTLC7+80gzG+/N6TfTR6o8OBwtxrwbzOA7KtMJjFUE04r1p39f2/UyZuTebTvCY2weOgOAWDgQ=
last-modified: Wed, 01 Nov 2023 22:33:50 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 850d1ee1c9491e3e-FRA
expires: Wed, 05 Feb 2025 00:12:16 GMT

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame 5BC4 2 B
324 B 189ms
137ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-37a312c272c0510eaa42.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 290ms
290ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 49ms
49ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Mon, 05 Feb 2024 18:12:17 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 / Show response
ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/ 3 KB
2 KB 350ms
322ms Fetch
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

48693e19105787eda1cb6a108a8a9cb87c51d6e47466f9de06f80ddd4c93edd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
Referer: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email
_vtok: MjE3LjExNC4yMTUuMTMz
_zitok: 4c238958d48e9dde74931707156737
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/javascript

Response headers

date: Mon, 05 Feb 2024 18:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 850d1eea9fb5906c-FRA

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/ Frame 0
0 213ms
164ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://orca.security
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 850d1ee96bee9b1b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 18:12:17 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
293 B 123ms
122ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Mon, 05 Feb 2024 18:12:17 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 282ms
282ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A16%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 300ms
300ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224009%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 48ms
47ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Mon, 05 Feb 2024 18:12:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 266ms
265ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A18%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225009%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:12:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.co
URL: https://t.co/i/adsct?bci=3&eci=2&event_id=f39b1706-07bf-4925-a879-38f7be2ff1c8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1189107a-2c05-4a94-a36d-01543aa9f948&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f39b1706-07bf-4925-a879-38f7be2ff1c8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1189107a-2c05-4a94-a36d-01543aa9f948&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=7d7e02b1-3e49-4c43-8fe9-d3d592dcad28&session=91aa74d8-5fc3-4b13-89f0-61908192aac9&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2005%20Feb%202024%2018%3A12%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226010%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Research%20Pod%20has%20discovered%20a%20risk%20in%20Google%20Kubernetes%20Engine%20(GKE)%20that%20would%20allow%20an%20attacker%20with%20any%20Google%20account%20to%20take%20over%20a%20Kubernetes%20cluster.%20Learn%20about%20this%20risk%20dubbed%20Sys%3AAll%20and%20the%20recommended%20actions%20to%20take.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sys%3AAll%20Google%20Kubernetes%20Engine%20Risk%20-%20Complete%20Cloud%20Security%20in%20Minutes%20-%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&pageViewId=f025a4a3-d1ba-478c-8c30-f08ea1944060&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.orca.security/	1970-01-20 20:22:12	Name: _gcl_au Value: 1.1.2055165553.1707156734
.orca.security/	1970-01-21 03:48:36	Name: _mkto_trk Value: id:796-PBW-559&token:_mch-orca.security-1707156733900-85791
.try.orca.security/	1970-01-20 18:12:38	Name: __cf_bm Value: Etcwuw8AFIpIRD2LooCtLdQPEEnMvbFi5gM7Z7CwDpo-1707156733-1-AXZXl7ykFn/w+lsk4GZVmUngTeHeM/K4oJlEQaZNdXY4whLgVSPqCxuwvcTkc9ldeHKI1SOQKfneBsFbOH0HUiM=
.orca.security/	1970-01-21 03:48:36	Name: _ga_ZJX9BKF7WR Value: GS1.1.1707156734.1.0.1707156734.60.0.0
.orca.security/	1970-01-21 03:48:36	Name: _ga Value: GA1.1.1756857297.1707156734
obseu.itstarsbuilding.com/	1970-01-21 02:16:27	Name: cg_uuid Value: 7171f974d6247f61b39757e6c72cbe3d
www.clarity.ms/	1970-01-21 02:58:12	Name: CLID Value: f1017219650940e0ad4bc295a342a3e5.20240205.20250204
tracking.g2crowd.com/	1970-01-20 18:32:46	Name: _session_id Value: 48ed38e7f69604c58c82bc8bf36e950e
.g2crowd.com/	1970-01-20 18:12:38	Name: __cf_bm Value: kiB8IlaLu8c5GN0bZeONGKftkYfGnZBrZNfNTIBj.mk-1707156734-1-AXCBYWQ0jwXe3tEXP7afWVisEcp3uNqOdHmWC6PQ3vA4YfVlW4anrmH4a0gokpz2QzpYwzK8hPFnQUU9bJgUYgE=
.orca.security/	1970-01-21 02:58:12	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Feb+05+2024+19%3A12%3A14+GMT%2B0100+(Central+European+Standard+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fsys-all-google-kubernetes-engine-risk%2F%3Futm_campaign%3D2024.Q4_Noiseless_Newsletter%26utm_medium%3Demail%26_hsmi%3D292730673%26_hsenc%3Dp2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU%26utm_content%3D292730673%26utm_source%3Dhs_email&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
.orca.security/	1970-01-21 02:58:12	Name: _clck Value: 7g02rd%7C2%7Cfj0%7C0%7C1496
.doubleclick.net/	1970-01-21 03:34:12	Name: IDE Value: AHWqTUlKrW6A_aFsEdVO-b3rSpUN5SaL4l8Bfa2K0NMsEKI2gdcF7ZCBA1pYQ6S2
.linkedin.com/	1970-01-21 02:58:12	Name: bcookie Value: "v=2&8619a505-93ca-4ee3-8bca-828dbe45e867"
.linkedin.com/	1970-01-20 22:31:48	Name: li_gc Value: MTswOzE3MDcxNTY3MzQ7MjswMjHE462IaQ7e6LfVNU6t8LTv5gA4ciMq9NyEEcOY5MIS3Q==
.linkedin.com/	1970-01-20 18:14:03	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3152:u=1:x=1:i=1707156734:t=1707243134:v=2:sig=AQHtWsnAsye2rZcLhFC9ZFGrmvhQmhTD"
.orca.security/	1970-01-21 03:48:36	Name: __q_state_gndr1NireXGRNRuC Value: eyJ1dWlkIjoiYjJmMGU2NTItNzIyNC00NTRhLTllMWItYWJkNTMyMTAzMjMwIiwiY29va2llRG9tYWluIjoib3JjYS5zZWN1cml0eSJ9
.adnxs.com/	1970-01-21 03:48:36	Name: receive-cookie-deprecation Value: 1
orca.security/	1970-01-20 18:22:41	Name: _an_uid Value: 0
orca.security/	1970-01-21 03:48:36	Name: _gd_visitor Value: 7d7e02b1-3e49-4c43-8fe9-d3d592dcad28
orca.security/	1970-01-20 18:12:51	Name: _gd_session Value: 91aa74d8-5fc3-4b13-89f0-61908192aac9
try.orca.security/	1969-12-31 23:59:59	Name: BIGipServerab57web-nginx-app_https Value: !NpbDiQQPOUtoQLCkCIQPm+cqSAXSEXZWJ/cvKnVlZjasx5B3faFoQKD8luUXY0WMlO2YK2yOGseO8/M=
.5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/	1969-12-31 23:59:59	Name: _mkto_trk Value: id%3A796-PBW-559%26token%3A_mch-orca.security-1707156733900-85791
.5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/	1970-01-20 18:12:40	Name: __ig_cookies Value: true
.orca.security/	1970-01-20 18:12:38	Name: _sp_ses.8996 Value: *
.orca.security/	1970-01-21 03:48:36	Name: _sp_id.8996 Value: 7255addd-e9b2-4285-a5d5-627331dd3d5e.1707156735.1.1707156735.1707156735.9b22702a-2928-4e79-8670-0f17bf5570e9
.orca.security/	1970-01-20 18:14:03	Name: _clsk Value: ld9x89%7C1707156734993%7C1%7C1%7Co.clarity.ms%2Fcollect
.6sc.co/	1970-01-21 03:48:36	Name: 6suuid Value: b4641102bc660100ff24c1652100000022593701
.bing.com/	1970-01-21 03:34:12	Name: MUID Value: 0A63576654AF61382551437A557D6013
.c.bing.com/	1970-01-20 18:22:41	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:34:12	Name: SRM_B Value: 0A63576654AF61382551437A557D6013
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:34:12	Name: MUID Value: 0A63576654AF61382551437A557D6013
.c.clarity.ms/	1970-01-20 18:22:41	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:12:37	Name: ANONCHK Value: 0
.orca.security/	1970-01-21 02:58:12	Name: _zitok Value: 4c238958d48e9dde74931707156737
.zoominfo.com/	1970-01-20 18:12:38	Name: __cf_bm Value: 0hS3rYZGi1ENozXPMIrsLnGf9PPVh3i5dQakiEsAbb8-1707156737-1-Aayt+g836kR/eoVjbon4vRK67ymizikxzeg3TiIE0GZyS8nqNF+XinEPJZ0qa2hBHDZ+ovvHWKZ3jFumCCAVv18=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WLv5JLeJEArdgwlbwyJn5zt_lAwFCRfSCzpuLIfVmOw-1707156737996-0-604800000

61 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: '*'.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email(Line 3161) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://orca.security/36e383a2-97ac-49c7-8398-4c8dc6a979d5(Line 1) Message: Error
network	error	URL: https://orca.security/wp-content/themes/orca-2023/dist/images/orca-research-pod.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://go.orca.security/dcjs/898611/14/dc.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/sys-all-google-kubernetes-engine-risk/?utm_campaign=2024.Q4_Noiseless_Newsletter&utm_medium=email&_hsmi=292730673&_hsenc=p2ANqtz-9Keatk2MLCAtGTubuBY_J5hsu1DCnXfVbFH0rRZOTMhZNs2Cul1CLK6SNeOmDtzl2ZfPmXn5503Vm_jMjUfz6b3FY2iDSFgcRjZirkKmlqH-utzMU&utm_content=292730673&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com
796-pbw-559.mktoresp.com
abzbmmyyoz-dsn.algolia.net
analytics.twitter.com
app.qualified.com
assets.qualified.com
b.6sc.co
c.6sc.co
c.bing.com
c.clarity.ms
cdn.cookielaw.org
csj7v04.na1.hubspotlinks.com
ddzuuyx7zj81k.cloudfront.net
dss6ntp5q2r0o.cloudfront.net
epsilon.6sense.com
euob.itstarsbuilding.com
fast.wistia.com
fonts.gstatic.com
geolocation.onetrust.com
go.orca.security
googleads.g.doubleclick.net
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.qualified.com
js.zi-scripts.com
munchkin.marketo.net
o.clarity.ms
obseu.itstarsbuilding.com
orca.security
pixel.wp.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
t.co
tracking.g2crowd.com
try.orca.security
ws.zoominfo.com
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
analytics.twitter.com
b.6sc.co
t.co
104.17.73.206
108.138.15.119
13.107.42.14
142.250.186.130
146.75.120.157
172.64.150.44
18.245.46.27
192.0.66.102
192.0.76.3
192.28.144.124
2.17.100.184
2001:4860:4802:34::36
209.58.139.207
2600:9000:2057:9200:8:8d2f:9e00:21
2600:9000:214f:8200:8:7bee:ac40:93a1
2600:9000:266e:5200:10:7994:d200:21
2606:4700:4400::6812:2089
2606:4700:4400::6812:252e
2606:4700:4400::6812:2b1f
2606:4700::6810:880f
2606:4700::6812:1005
2606:4700::6812:1105
2606:4700::6812:83ec
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:1486
2a02:26f0:480:21::217:d11c
2a04:4e42::644
2a04:fa87:fffd::c000:4266
2a05:d018:56f:b800:f42c:e894:1fb0:3740
3.66.11.58
35.186.247.156
37.252.171.52
44.207.37.73
52.152.143.207
52.223.40.198
68.219.88.97
88.221.60.75
005399c6c3716a18a1225732e29d7dcce77c8a093021161c0e00f4d6dda7e442
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
014005abab6f7d098f9735d845768484fe94a16fef50d4ff04f32bd19cc334f2
01c0908883c6fbc352a302170f1a8863b306b4f71cc11daea1da4c37f6d0acc1
02f2b180fafc944c4f23dfb37711e5427c90ee3bb9b5339e6e82283aa51cd7b8
0542c5a98349aa30b87a9923c5ccb2dc35014ecf902e82c8e32faec9e4ac3751
06fbf76bf46d824c5ff33fdddbaebc08954ed04c125ddb8c7f210309fcd4c88f
0b79b5450461dfdff15bca8cc14cb070e56e46f290a87d233957ff70de6aff00
0f091ad4ec7279f8064b7266498a3bfffa41bef28a1596cdf247bf4e20ba9728
1039079733f5bd1fb167a570c65e6843547b9380c8d45d3ec3ba665a9dc15e28
10d65e1483f320e29425a1ba7b3241b27c564417db4cdf95331dfac905440052
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
160dfc817c65edbb6c32670c6434046ad7ab624ac9bcfd9c1aa6694f3c922483
16f11b299f5229f0087fc6c3ef30e126342f7749b8c5f49b9bd7228064e460a5
1acd2ddce44226de9ce45da431ad15a4d8512202bf04d9922dd876e2c845de7a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d4f3dfef155615fb776fc785b7b9ced8730c73edb5f9fe31d2e851b9152cdc8
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1db6ceb28ebc8d2a17ae00c0be97bcbaad06bb5949d37ef9d5f5562420de0f24
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23b900b7d086263e2461cfa3f39e9097e5b648302c8a2e315a12c92769e76a6d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
34937899dbccd667a2caecf6b0e20a99825d237bbaa221d736179188977633e5
349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e
363afd630a0ffee17e99b5becafd03af75e353cee12162b372b8c921fb70fb71
38e238eeec5fbae356cd734a9e75fe8f4467b0dd87f78fa0512150bf65ee3170
39a40c3f9c0f4b126a8484a03da4f80f6eee667072e86015a425c814e8843b15
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e96a89af30a12ac0607331177a399c5b9d19c657f498f06cd5b1f947023119b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45bc49e6099227777b8bc79c88e210c2c53a530c40b3ab0141a25b1f15b581fe
474bf9951bb2b59cf8314291b62fd55d077c07264fcb8f60c89bc2171f9067a7
48693e19105787eda1cb6a108a8a9cb87c51d6e47466f9de06f80ddd4c93edd8
48a1c5357f10501a6c576d99d9dae33a11d3b9fe26f4b135ba3e5f5a757d95e9
4908c7d8cbedbe4eeecdd60bd0a3e838a1844eb2091fd687ccea805d2176b2cd
4bd542c7687a0e1805747c90bf86077c71dc40ce6bbdbb087cd64c4337a138bb
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4cae1cc5eefd5fb8146763989410ff670a85361736c2036df2ded4f2debd683a
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5359c1effe74a75b7c56aadedaf40fc347e4803ed40b48ba21b5a2b89b9c5adb
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5a345c0ddcb58eb16dc2976ec3bfb089eead694fe41fd04de0b276e416caf908
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ccc433b60125c4ee2d6cb1f0ab5595149089d85eb948a1c87545cbed4dc34a3
5ed9770a8fd437502f6db8d286aa05f7d7a98e13d73894b9a490aadafccbc915
5f51fac826bb43d5d239f767a2ec88b8da836610fb9cd6960aea9d6e4ffcf0d1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
615fb10a6705cadeb9a62d38cefbc3e3c745366e69536c0e4bb18d0c0bff8e90
623e3852c1989c9235033682fbc0b982575a5bace72edb365cacbeaacad52a6e
62b094c8c6de4d9922f7df6ce3ef08cd6945cb34700145c37dd4e4fb8b324687
65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad
6821decebfe34cf4525fb7d688c79ae4320cff99bb00093c8c783ec98281faf8
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6ad21910ff0e53c0df3de8960e92cd8f245cef49bf51506f2e0c993d30b7adf2
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
75b2428ffe32319631a13395b0b3361b35809973273d90a0cfa4f50491559fea
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7b205f4a91ffaf2772eacbe701f3a4072c0875e6749b28ba1eecad9906fb8f41
7babae28966f56b9b1c0a4ddb58fd902dbbc5e08faa3c6db5605d7ec5b6380f3
7c092f31325cd1d5358048ec2ced529fce513fd9b091c01226f071d9ea29cee9
7d5c0fb38611921f53d2572bec0da1dc619d2b98dfebe69614fcd12f03ff5fa3
7e1c5c4ee0c63ce32f240c1d3fc9558795338e7c91d6213f3f2d0d779c5978e4
7eefb0efa5d3a37aedc9ec27f817241fd8998bedaf732cce1bb6b49f060691c1
7f408bfa71318426794fc5d8e93f787d33a82c56da78462416447704e3f4f8dd
810fa2a3b55e453ecd985550d03ec94f57c492a7052f8f271e58110e8dd720eb
81cf9d1b824e048e06d4527737e0fed697c5c508620da288ad24a0df22ebca21
833d70c8d590a8c80f780f17f708c83ddb34539b172373bdaac0e07b4f2ff61c
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
83e59212a2f6ffee45e02b9e255b653d5addf2ab8b2bec2c849febc5e30066e3
85fa9e907131c0a08bd1323f6da094bb52e87d395a4830a494ba3e640ca8a233
87f7df8fe494dd048407a83219d86a77157d0b2fcefcdf095ad34bbb67ac91ad
88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90b6978787e0c0f87185cdad7d27af111e5451ff908ba2967102875fd9f9a4b3
93a6d4a8d628e676cb27decae1dc21bf84474d4c85a53540e276454f71ab1bec
955b798f1bd2eaae28eeae57adb9c8ce7b0f57dd4c061a43f0f7466b6a383e9a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b007938dee162db8233e01d9567aba2274fcb45f1cf62a2615680ccb2b69e7a
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131
b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f
b4a948a23e2d04e587644db224d73ca646841d52fb62c5176a0c5fa4beb2bcff
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba983bb89208d2adc55c9dde67e675fff58fe78020fca6c396d290ec6806780a
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01
c01c3ea6d9369a98891f5f9bc59955329dc6df20da11121a935c24fa2b27ccd9
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2d8bf5b0772b229545b280469bd369be63583d4209c3e0c0436c28b6754c131
c67edceec71205b1f01e66f7efe0eda424984fa2b0c55ac5803cdbd24b9c3299
c8f6428d72ad132b9dfa15bfe9c9023323fc4e180e62d5f02b54eff2f2eebce0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd967e1dbbe051fd7cc1029643231f25794da1cfabaa31efeae11c019c3d0e5d
cdb565b4c1e72eef8ba9d4065670a81a271a3f1fd05c9a999300889873596ab4
cdb8dc751d758da8fd7abd4fbdfefb74b725e5873b9f4d10b66fb1b9c9dfb12f
ce3471ccd08187d7fe1e76cd7c67d991cb7d15a0a27b8b50b4ea7389520edba7
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d9a468175191421dd4614dc35cc6209983abdf4691f0eb73c9e622b734d45a16
d9d5f94dcf738f569100d6bb18a12bb8a02c2ecd51fdc3ec9c10d47f2ada2011
da678f65d7cf9d50409be667aaeba20218dfb261478a13b6602d117b09e08a5b
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db1871ffa95c0cf965a3c672a924d2122a1faaf164961b82bc7b1b3273385a5c
dbe6a90b8767ed69619a94bb45ab6032e259b586feba7a7c5fde10247fb104ab
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde9e66b252d0aac6863570dcdfe01ac587e6655b253f0f6c04e9d76e3440f63
e0011c21f560ab70909db0c489427690aacea59bd7e3bc8aeffa7063e2c68980
e0eeccc71d03aaf90c9601ded8c5eb608822168133d5ef3e0bc0e3592ff90f05
e2f99d9465b9add1e23c255b5da65d0a7c7049a14a04e83fd2852a5901fc6479
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855
e7b0025c8803ae756064287f63df76c04aec91c10f5df0dbaabce889da1aefa8
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ebbff6510a780fae81a8a10f1f529fde2e10de0069fba99d4267124e59d5f7f8
ecdc1d4115757ea915f4d482d7f3bd7ca8f85ca121d3efcf14b0edcbe41e2da6
ed6b6475aad52b60e31dda38a29183c4317b106ebe1ffe4b73ec598ca2e26f5d
ee5aa271d61b24419f0e414cb72d3c522782f6d1edca1e26da1eaa40455bad66
ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2
ee7e17b90de54189aa08beab196e8aece1604d228884022423ffd4d101754948
eee0a1315b29e79349d15715f1c319021e2b4151cd2793d7ef3161bc83f536cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f362aca684bfecd3f29fe2418aae24101bb2e01a7efa7f27fb430d4c9099710e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3d785bd33332b154fffa5f2ff673b80b0d6f442f8d51993b9f9b74868515941
f6022d38e15c383e4bb8a154b49e435a19b8e4fd611b4a5bef52d9b4924cc9f4
f7347c2b3c0649df0a10fdd68d29cc0ff17a250992a2f5f5cce375f71a9aa8d5
f88eb9b6ea2ddecf6dab3e397c92e757e562f78dad657c7c96ba193966abea32
f94bb8ade3a70bcbba3056c89b05a721b2d4ccd3c7c8a9bce68969b72b6c718e
faf6e6e3573dc6f4be5e7efe63ccd97dbe4b5a63de4ca70f8587566ca91063e1
fb8189d5d2e3f2f0e73091ea2f1751bfb4e493de73849950bfa5e66fc0d616e5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

orca.security Open in urlscan Pro 192.0.66.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

96 %HTTPS

57 %IPv6

34 Domains

51 Subdomains

46 IPs

5 Countries

7785 kBTransfer

14376 kBSize

37 Cookies

28 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orca.security Open in urlscan Pro
192.0.66.102 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

96 %
HTTPS

57 %
IPv6

34
Domains

51
Subdomains

46
IPs

5
Countries

7785 kB
Transfer

14376 kB
Size

37
Cookies

197 HTTP transactions
3 data transactions