darktrace.com Open in urlscan Pro
52.17.119.105  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

• https://cm.everesttech.net/cm/dd?d_uuid=24192998572208471632560768826065043672 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZerVUAAAAIUwAgO-

Request Chain 92

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1709888848473%26li_adsId%3Dc86e9f5c-82c8-4227-b046-34e9b356831f%26url%3Dhttps%253A%252F%252Fdarktrace.com%252Fblog%252Fbreakdown-of-a-multi-account-compromise-within-office-365%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&cookiesTest=true&liSync=true&e_ipv6=AQL0x85HXe8TEAAAAY4dUUW4cRuOWsK70MBs31_d_E8QCVjAeNXWoLBDHKA-vZ05XcAILgXU

Request Chain 97

• https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365 HTTP 302
• https://9120626.fls.doubleclick.net/activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365

Request Chain 114

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0l1cnJ3WVFoS25rLVk2Z3ZhQndFaVlBUWExSnpoMlM3TUxUNlI0ME1rZ3JlZVlVOU1WaXZOblFmNk9vTmJKc1pha19IdjliemcaWENoQUlnSXVycndZUTk3R1FzTG5WeE9KeUVpNEFfR1lyTWxrWE1EMGxHYURfSTlKTmJnYndGdmxFOHpHeEpjN1BlRENlVzBpVGJLZlVkOFBMUjd4R0lHc0QiEwjTwr6rqOSEAxW4RB0JHTK5CGkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
• https://www.google.com/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0l1cnJ3WVFoS25rLVk2Z3ZhQndFaVlBUWExSnpoMlM3TUxUNlI0ME1rZ3JlZVlVOU1WaXZOblFmNk9vTmJKc1pha19IdjliemcaWENoQUlnSXVycndZUTk3R1FzTG5WeE9KeUVpNEFfR1lyTWxrWE1EMGxHYURfSTlKTmJnYndGdmxFOHpHeEpjN1BlRENlVzBpVGJLZlVkOFBMUjd4R0lHc0QiEwjTwr6rqOSEAxW4RB0JHTK5CGkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSKQB7FLtqhs6uW_Huc7UOoF3RSKXhykiGagkiVmtkFCZLfZkLGNWm43hB&random=1192280869 HTTP 302
• https://www.google.de/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0l1cnJ3WVFoS25rLVk2Z3ZhQndFaVlBUWExSnpoMlM3TUxUNlI0ME1rZ3JlZVlVOU1WaXZOblFmNk9vTmJKc1pha19IdjliemcaWENoQUlnSXVycndZUTk3R1FzTG5WeE9KeUVpNEFfR1lyTWxrWE1EMGxHYURfSTlKTmJnYndGdmxFOHpHeEpjN1BlRENlVzBpVGJLZlVkOFBMUjd4R0lHc0QiEwjTwr6rqOSEAxW4RB0JHTK5CGkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSKQB7FLtqhs6uW_Huc7UOoF3RSKXhykiGagkiVmtkFCZLfZkLGNWm43hB&random=1192280869&ipr=y

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request breakdown-of-a-multi-account-compromise-within-office-365 Show response darktrace.com/blog/	160 KB 43 KB	285ms 109ms	Document text/html	52.17.119.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-119-105.eu-west-1.compute.amazonaws.com Software / Resource Hash 37ef5c04efaf15e118d407872ad7520ff7c94e3b9979da9467ed55bbca2f5f9e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2943 content-encoding gzip content-length 43443 content-security-policy frame-ancestors 'self' content-type text/html date Fri, 08 Mar 2024 09:07:27 GMT referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding,x-wf-forwarded-proto x-cache HIT, HIT x-cache-hits 3, 1 x-cluster-name eu-west-1-prod-hosting-red x-content-type-options nosniff x-frame-options SAMEORIGIN x-lambda-id 67beeb6f-8a38-498c-80db-a699e4c306d8 x-permitted-cross-domain-policies none x-served-by cache-iad-kcgs7200087-IAD, cache-dub4347-DUB x-timer S1709888847.335393,VS0,VE2 x-xss-protection 1; mode=block
GET H2	200	web-phoenix.4371d9a38.min.css assets-global.website-files.com/626ff19cdd07d1258d49238d/css/	649 KB 118 KB	284ms 49ms	Stylesheet text/css	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 561683d688eb732b093300557a12cb03da83dd684d2ea7023ad9d56330134cf1 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id Qhu2e70n6CwS7oMRSl_XvgbKY3Lm0.9K content-encoding gzip via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) date Thu, 07 Mar 2024 15:24:22 GMT age 63858 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 119708 last-modified Tue, 05 Mar 2024 16:22:10 GMT server AmazonS3 etag "6540a4b72240d12cc93ab9a21b9f5e17" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id W-mwE3lNF4Q5AtLmHCwTwjtqDsHJ8CGo4wVS0b6tPdDvkxabO9RTPw==
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	134ms 48ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3252500be7b91b993ef2af4039c11871773ea1dbda57868f3dbfcd388eb2a66d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:27 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	133ms 51ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 /RTAD1TAPuPWblD15GN1pg== age 17907 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6842 x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 20:52:31 GMT server cloudflare etag 0x8DC3EE8820BCF86 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id b581cd2d-601e-0006-2605-710a3c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd0fe62bb79-FRA
GET H2	200	launch-581b2cfa7858.min.js Show response assets.adobedtm.com/ea4e25aa0549/f752722fa920/	155 KB 47 KB	210ms 40ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 09cd1ebb7ad8640ea9940b7228d2efe90c5b7d2d4874f3ee77a3723d25e3c2f4 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip last-modified Thu, 29 Feb 2024 13:58:53 GMT server AkamaiNetStorage etag "b951e271284e2320ef7869f752202279:1709215133.145761" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://darktrace.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 47907 expires Fri, 08 Mar 2024 10:07:28 GMT
GET H2	200	25522132.js Show response js-eu1.hs-scripts.com/	2 KB 1 KB	253ms 83ms	Script application/javascript	172.65.208.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-scripts.com/25522132.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4ac6bc4da0abccfda8925d2d7eef036c4edcdb917199a428eb08b8dfaa8a2b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-hubspot-correlation-id 5f186fbe-2de0-498e-95f5-f3e2822b5652 x-evy-trace-route-service-name envoyset-translator cf-polished origSize=2524 x-envoy-upstream-service-time 7 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5f186fbe-2de0-498e-95f5-f3e2822b5652 cf-bgj minify last-modified Fri, 08 Mar 2024 07:41:16 GMT server cloudflare x-trace 2B473832E74181DB1A1BE8532A4FA6D223EFE07AAA000000000000000000 access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://darktrace.com x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-6d5967b5f5-lxsjf x-evy-trace-virtual-host all access-control-allow-credentials true cf-ray 8611acd40b31450a-TXL
GET H2	200	weglot.min.js Show response cdn.weglot.com/	119 KB 42 KB	154ms 53ms	Script application/javascript	2606:4700::6812:720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39c3108383ffb834ba5f85b80d9411655bfabcac31f7fdd73e30a9bfc44cffd1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip via 1.1 ad8435b5d8ce6330cfea09301a17c5b8.cloudfront.net (CloudFront) x-amz-version-id null cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop CDG50-C2 age 1240 x-cache Miss from cloudfront last-modified Wed, 21 Feb 2024 13:18:49 GMT server cloudflare etag W/"b702264b56ebab890747713bffecb270" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=1800 cf-ray 8611acd1198337ca-FRA x-amz-cf-id 464GEc3jpHmGWxsw0xNSLnOq1frBASSaJaULIH1Sacq0W4CHcj51Jw== expires Fri, 08 Mar 2024 09:37:27 GMT
GET H2	200	jquery-ui.css code.jquery.com/ui/1.13.2/themes/base/	35 KB 8 KB	132ms 42ms	Stylesheet text/css	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 15086645 x-cache HIT, HIT content-length 8356 x-served-by cache-lga21933-LGA, cache-fra-etou8220046-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1709888848.525783,VS0,VE0 etag W/"28feccc0-8d03" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 55, 20268
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	132ms 41ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 2346466 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-fra-etou8220046-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1709888848.525755,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 15, 445940
GET H2	200	9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js Show response t.gatorleads.co.uk/Scripts/ssl/	14 KB 7 KB	209ms 40ms	Script text/javascript	37.221.223.30 SPOTLER Spotler N...
General Check archive.org Show headers Download Go to Full URL https://t.gatorleads.co.uk/Scripts/ssl/9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.221.223.30 , United Kingdom, ASN51514 (SPOTLER Spotler Network, NL), Reverse DNS mail30.tgml2.co.uk Software Caddy / Resource Hash 2640b6bbf6b7cd7844db1890c44b3be228e70ab0e0eb91012405513b599d6abc Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-backend web43 age 7257 x-cache HIT 1283 spuk-var01 cad-forwarded-for 80.255.7.108 content-length 6883 x-client-ip 10.118.6.11 server Caddy vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public access-control-allow-credentials true x-client-id 10.118.6.11 t-caddyhead 101 accept-ranges bytes
GET H2	200	socialshare.js Show response cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/	9 KB 4 KB	221ms 58ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/socialshare.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eafd7e17be354753ca120ef03d28aa45a37c423e89e9f2602e8fd5a24400f150 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 43193 x-jsd-version 1.3.1 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230139-FRA x-jsd-version-type version server cloudflare etag W/"2385-rwl9CAsmlk954AGumYBzecK5wJE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3ILcp4sVhRDe%2FOzq0qUv1OMKdqQb7JN8V0vmom%2BlgvjLxE5S7JBzNmnkfUcXAuWSfrCsFJDqAHCiV0mwtbN8OL2o%2Fp%2BdWmR2%2BWzjV4OMIsoL3NBPNMUobG48LzYxgd5T6lVSMjl8S%2FAF%2FEUz1k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8611acd41b291e10-FRA
GET H2	200	62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	8 KB 3 KB	365ms 131ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Dec 2023 12:01:51 GMT x-amz-version-id U3NyuUAtCMgfEVbn9mSuYAOoErDsuB9M content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 8024737 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 06 Jul 2022 01:15:27 GMT server AmazonS3 etag W/"c34059ce90d8a25cb81c8342bac3caad" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id GHINPwbnWqccFLckye0xWoZOjsDZGpSUltSHyGiCeNeSRbmItM9fug==
GET H2	200	62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	4 KB 2 KB	363ms 129ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Dec 2023 12:01:51 GMT x-amz-version-id atk2MPCHNIcTHrkcjIHBKdHEDkFTRJJf content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 8024737 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 06 Jul 2022 01:15:59 GMT server AmazonS3 etag W/"5991991ddb298b4d5a41b64e945abc05" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id n3J_ckSJwVdQEfu0GMMeaFRvsKN4iAPLHJ_r_5bi3eTVo45-CAK3Cw==
GET H2	200	62d2a054683aff457f8ffc84_6-1.png assets-global.website-files.com/626ff4d25aca2edf4325ff97/	226 KB 227 KB	49ms 49ms	Image image/png	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a054683aff457f8ffc84_6-1.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b4a6e6dfbf126d489ce7433a2ae3b7e71bb172d3cb93714f7abffe5d594acc87 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id EK_mHwedJsafgJE_5KZDMKxlEbVudT65 date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 1030 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 231614 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "f5f81aac4f45531e4d4344aaaa9df68f" content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id f-asE24-FBfJblADSuPIzlYoIV2ArcGFpfPFkzs4lfLJ3VRn-uiS4A==
GET H2	200	62d2a054a73d9020b38b1283_6-2.png assets-global.website-files.com/626ff4d25aca2edf4325ff97/	219 KB 219 KB	75ms 75ms	Image image/png	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a054a73d9020b38b1283_6-2.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb058a8c93edffddf1b4073937b1cbb6df508b0850ecfc0474279369d93e89c5 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id cMiomGasb.WOjVABESExeE6DV5puJn7z date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 54381 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 223875 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "bb21be3c343ab83db6e26803843e31f2" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id dFZpqkrbHkm4b84aT_8-xLqqm2gNkYXsB3ABMhwbzQ7WQ57azJktSw==
GET H2	200	62d2a0545bbb74080355bd4d_6-3.png assets-global.website-files.com/626ff4d25aca2edf4325ff97/	125 KB 125 KB	140ms 137ms	Image image/png	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a0545bbb74080355bd4d_6-3.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7e3dc41003043e4164e9c76d1533038eb8e7638c9f8e58416add6603a037cdcb Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id ZaNoDCmg0zffdEn_n7GMbMCOwO2uGJfU date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 1030 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 127874 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "ccc04f255321ad112c2e16af0d076816" content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id Bfv1t46pAFseyKnM9Mip2K5dZX0eRX4jK4SxYNLpoqhJEgNf0nST1w==
GET H2	200	62d2a054b7f9bc2b4d1f8927_6-4.png assets-global.website-files.com/626ff4d25aca2edf4325ff97/	194 KB 195 KB	126ms 125ms	Image image/png	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a054b7f9bc2b4d1f8927_6-4.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0518fa4585f69b5ad5f34abf951a588b437589d470e19cd6799fe019d1e655bf Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id KBwpThceZqajSRI8j4KlxZXdP93ODJhm date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 1030 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 198528 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "14c70516228eae2b582ca7aa735a0840" content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id K38zO8b-CxrjRJHpT8x2NqbjzTOGyfcfoGNunBdbWPwjFrniWZAc3g==
GET H2	200	62d2a0559c13578da2a3f558_6-5.png assets-global.website-files.com/626ff4d25aca2edf4325ff97/	305 KB 306 KB	144ms 143ms	Image image/png	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a0559c13578da2a3f558_6-5.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b75047971232f5cb69d7f74b90d9fcf74001ec99661c179b922088b39a52104 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id n1EwEB3qkya_l6dELXysN5Z5ruUxedoa date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 54381 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 312623 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "843693997d1916a6062b6dd7e6e2a40b" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id ILf2JEVaZymC8aD2XJeCUmdusmmS9CBag16LWiSxpT-PzhReV4GGCA==
GET H2	200	62d2a0555bbb74325455bd4e_6-6.jpeg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	122 KB 122 KB	144ms 143ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a0555bbb74325455bd4e_6-6.jpeg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b6d57f1e6de4bf034bc4d4c0921ca56ff6eb7538dabcc3d65881f8357ef21cb9 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id M.O.lLA8dYXzHoRrzetx8WxNnYs2OeIm date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 54381 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 124418 last-modified Sat, 16 Jul 2022 11:35:36 GMT server AmazonS3 etag "4971129f5efb10956b3b218590e64f0a" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id xp8mLdSsiZkIKmiWL2YYysVTZZq5RqZC4AVf_fsUDmOc8R61mDO-yg==
GET H2	200	62d2a055459b107314afa419_6-7.jpeg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	126 KB 127 KB	144ms 143ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a055459b107314afa419_6-7.jpeg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9fd6af359fa524be9ab470db9d72bc200ca12c0dd7fe03288d4117bd3395253a Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id THyxUKqVOEqpDO3637j_ViGYgRUiEvrN date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 82886 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 129323 last-modified Sat, 16 Jul 2022 11:35:37 GMT server AmazonS3 etag "8d63f191132e610c9889493512b7e3e8" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id S12qyUUKriMmZotf0ax-nO1MdcsNR4xsZGXpWTfB55Eg08F2GsmZVQ==
GET H2	200	62d2a055cb5c409f028a5f7e_6-8.jpeg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	155 KB 156 KB	144ms 143ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62d2a055cb5c409f028a5f7e_6-8.jpeg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1658a077048f287cd727db2401bc6fb0013c6c1319dbebeae208fe9eb2821b2c Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id MIF81As3H.vHj8qh1aXnyhkFQ0Li3hdc date Fri, 08 Mar 2024 09:07:27 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 1030 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 159008 last-modified Sat, 16 Jul 2022 11:35:37 GMT server AmazonS3 etag "4804ad3607c37b3b7a0db8e116afe74b" content-type image/jpeg access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id ZzZ2U7jYhaM0AQ9KxoS8AkXUQNCf_tYjii42XqX7DuYJe8Z8pvp-jQ==
GET H2	200	62ea8f67df96d8d5acc8a61b_office365%20figure%209.jpg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	177 KB 178 KB	143ms 142ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62ea8f67df96d8d5acc8a61b_office365%20figure%209.jpg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a3944207be9523b9169a77cf1729f12301810b6f82cf074fb1d88a82a7c2c89a Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 08 Jan 2024 09:09:19 GMT x-amz-version-id Mx1sQ._HKhR1.dYdfMD57E_JsfaS0Bh2 via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 5183889 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 181456 last-modified Wed, 03 Aug 2022 15:08:25 GMT server AmazonS3 etag "e34302bc8ebdb1a8436065082d8fbef4" content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id tjv0H7rDPSrF5t7tiWDausmyoodmXJUPYYs5bDPesbzYnGLvEirOSQ==
GET H2	200	62ea8f98af5592de3e1237ad_office365%20figure%2010.jpg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	214 KB 215 KB	143ms 142ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62ea8f98af5592de3e1237ad_office365%20figure%2010.jpg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7b26ca4288fbc333ca316b4ac0e02f726f1d6eb6f5cf647d4450b49740a4a904 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 08 Jan 2024 09:09:19 GMT x-amz-version-id mOMvEkeJ8XJA612i2WtgZMFEApfisK0h via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 5183889 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 219434 last-modified Wed, 03 Aug 2022 15:09:14 GMT server AmazonS3 etag "f0da54d006d848b3cc7cc90c4ad70168" content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id ZM0AOlOhYOYwAdHxlKVXYAsn2SU70_uHaX2N5-_crl9tkcGKbmXftg==
GET H2	200	62ea8fb7156de825ddb787c5_office365%20mitre%20and%20ioc.jpg assets-global.website-files.com/626ff4d25aca2edf4325ff97/	180 KB 181 KB	144ms 143ms	Image image/jpeg	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/62ea8fb7156de825ddb787c5_office365%20mitre%20and%20ioc.jpg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f94b469b1e2597173a165049fe27ea274af976f67f25ef58a47e54edf1b46e8e Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 08 Jan 2024 09:09:19 GMT x-amz-version-id 2qxFJZA.QgXCmxJCQuPdCEtZVmSILuDv via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 5183889 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 184350 last-modified Wed, 03 Aug 2022 15:09:45 GMT server AmazonS3 etag "4a9dec5be26c9bab4e0a341c133da5d0" content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id eYJpIj-SurUKeY5brPc44rTmRJWzJF6tjf_-u1IUrd45rgrsUyP-LQ==
GET H2	200	6439504aac7642d452f73227_Orrange%20Arrow.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	515 B 973 B	142ms 142ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6439504aac7642d452f73227_Orrange%20Arrow.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4132d7151489539efda9fcd764f395c17bcf6d28f2b77787ea49d2acaf987c9b Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 29 Jan 2024 12:51:55 GMT x-amz-version-id EsH5slD6K9c8haLetnad.x967jb3Dp0C via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 3356133 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 515 last-modified Fri, 14 Apr 2023 13:08:27 GMT server AmazonS3 etag "dbf50e460599d6583e104fddeb06617d" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id NBnPOoRT6hk2Zt9ASeN5O9douS0xHswiGyHQSKMM9Nr_spKayMKfeg==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 30 KB	218ms 47ms	Script application/javascript	52.222.232.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=626ff19cdd07d1258d49238d Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-99.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://darktrace.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 06:00:18 GMT content-encoding br via 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront) age 11230 x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id n2wMR6vtvo6Gbu8hxX3njxElYk51gxtE-3uSizHQilOwKhFyD4BJAQ==
GET H2	200	web-phoenix.6f0596bb3.js Show response assets-global.website-files.com/626ff19cdd07d1258d49238d/js/	2 MB 267 KB	98ms 95ms	Script text/javascript	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.6f0596bb3.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c5dba9e8effec39cc4edb84a31800bc86f7db38afefc6a6feebe5b8fd36fb057 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id lZmR5bDL_PEO2jyO1Y6RhTvXDjlOjfWe content-encoding gzip via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) date Thu, 07 Mar 2024 17:25:43 GMT age 56505 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 272889 last-modified Wed, 06 Mar 2024 17:54:42 GMT server AmazonS3 etag "a63a17290186a7e38d5d97c6a360f23d" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id oI6GsVfURKfGS_WZ_r54ZmMTOumE4DGZcA7CbXATvUzlW_ylXwNrzg==
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.13.2/	249 KB 66 KB	49ms 46ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.13.2/jquery-ui.min.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1305717 x-cache HIT, HIT content-length 67628 x-served-by cache-lga13623-LGA, cache-fra-etou8220046-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1709888848.852424,VS0,VE0 etag W/"28feccc0-3e46c" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 49, 24669
GET H2	200	gsap.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/	69 KB 25 KB	219ms 50ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 659048 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 25169 last-modified Thu, 22 Dec 2022 06:00:31 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "63a3f27f-6251" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuZqjREeaCURLgFCohIlF5%2FEBuGZTiboZ2PPCVkP%2BP399UKegpfdDfOa47hdpBUS1f%2FZpiF1sNHOGGlqzi%2FdDdpssYnuIyQ2gechfT5Tn5o9gJt5qZswsJbOPcOjrFT2esNwsp7zv3f9DgLaColUZVnt"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8611acd41e319978-FRA expires Wed, 26 Feb 2025 09:07:28 GMT
GET H2	200	form-123.js Show response hubspotonwebflow.com/assets/js/	12 KB 2 KB	233ms 63ms	Script application/javascript	76.76.21.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/form-123.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 8323a2d9c9e1f89ab87c4463fccb464202b4990a9a7b235f7e056b0689b135f7 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://darktrace.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::t6bcb-1709888848015-34b669b80df7 age 819304 x-matched-path /assets/js/form-123.js etag W/"45a5b8fce72454a16ad1f1ebaf6d1feb" x-vercel-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="form-123.js"
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/	494 KB 197 KB	210ms 42ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://darktrace.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H2	200	20244352-54bc-40a3-80e3-0daa9d221c87.json Show response cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/	6 KB 3 KB	145ms 61ms	XHR application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/20244352-54bc-40a3-80e3-0daa9d221c87.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ed951ca234a2aae2ddef8ef3167b9c632c4581f8c44903934c3113507c4c840 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 14596 content-md5 O32+igPEVrnpWERNPp4ZoQ== content-length 2032 x-ms-lease-status unlocked last-modified Wed, 17 May 2023 08:45:55 GMT server cloudflare etag 0x8DB56B321096755 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 514d3509-601e-0039-7dcb-0bc29f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd37a9e37da-FRA expires Sat, 09 Mar 2024 09:07:27 GMT
GET H2	200	234baeaaccaa2f09e0dc6c004f571bbd6.json Show response cdn.weglot.com/projects-settings/	3 KB 1 KB	145ms 58ms	Fetch application/json	2606:4700::6812:720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/projects-settings/234baeaaccaa2f09e0dc6c004f571bbd6.json Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0013269f7060bdc8e7ea9eefefa274b1f210ce684a7a496944083112c61b5acb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 342983 x-cache Hit from cloudfront last-modified Mon, 04 Mar 2024 09:24:32 GMT server cloudflare etag W/"7e3e68a9a977bffed3c33986daecbaae" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public, max-age=60 cf-ray 8611acd38f884d79-FRA x-amz-cf-id S43Q61nro1wBcHkR66B4cPkP8_1QoITaRG4K79tiMjeU9NPaXHBLYw== expires Fri, 08 Mar 2024 09:08:27 GMT
GET H2	200	/ ir.darktrace.com/	0 0	315ms 148ms	Other text/html	104.16.61.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ir.darktrace.com/ Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.61.2 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers
GET H2	200	resources darktrace.com/	0 65 KB	65ms 65ms	Other text/html	52.17.119.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://darktrace.com/resources Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-119-105.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:27 GMT content-security-policy frame-ancestors 'self' content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-permitted-cross-domain-policies none age 273 x-cache HIT, HIT x-cluster-name eu-west-1-prod-hosting-red content-length 65702 x-xss-protection 1; mode=block x-served-by cache-iad-kjyo7100119-IAD, cache-dub4327-DUB referrer-policy strict-origin-when-cross-origin x-timer S1709888848.862685,VS0,VE0 x-lambda-id e246fedd-b0f3-4edf-9eed-e65a312dc41e x-frame-options SAMEORIGIN vary Accept-Encoding,x-wf-forwarded-proto content-type text/html accept-ranges bytes x-cache-hits 1, 4
GET H2	200	6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp assets-global.website-files.com/626ff19cdd07d1258d49238d/	82 KB 83 KB	130ms 129ms	Image image/webp	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 35554656118ced47368a42899d05e4449d1b7583a8f45851baa58f88debc9bf9 Request headers accept-language de-DE,de;q=0.9 Referer https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id TMsl_ozp.N89vHlK2cE2laBz_RYI9tQt date Fri, 08 Mar 2024 06:43:34 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 8667 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 84336 last-modified Wed, 15 Mar 2023 11:23:45 GMT server AmazonS3 etag "c163a21b325f21772c0d432ae780ad7a" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id T0bIGxOqqkRGQ_8i4GX4Ok632LEZ6NtNCG6WJib-I0Nn3mf5Ft3_yg==
GET H2	200	653a61805495885dea4c7c26_TypeType%20-%20TT%20Interphases%20Pro%20Variable.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	699 KB 282 KB	325ms 172ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/653a61805495885dea4c7c26_TypeType%20-%20TT%20Interphases%20Pro%20Variable.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8afb99c212f9301fc21a4de17bbe809db4e68f42fcb714d5424348130b134cd0 Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 26 Oct 2023 13:41:52 GMT x-amz-version-id dJ.Uhur2TehXFrfw2GueSqrB2cNfjHF5 content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 11561137 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 26 Oct 2023 12:54:25 GMT server AmazonS3 etag W/"7c62d05274e726a95062f6431987436f" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id 4lCkoGkm0geJM1HkEkZ-wtY7w3n7cYalF2r_GWhaayrafa0HTOyfYw==
GET H2	200	65096b03d03a6b0358e8da01_StyreneDTWeb-Medium.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	277 KB 70 KB	363ms 211ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/65096b03d03a6b0358e8da01_StyreneDTWeb-Medium.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2c889d861594cdd57090584b2bd3c3b5d8462ca2b445eeac5c0d0a27df119267 Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 10 Nov 2023 06:24:24 GMT x-amz-version-id GivM0vfJcmH8N5fK3KVlsfeIBa4RjLmY content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 10291384 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 26 Oct 2023 12:50:39 GMT server AmazonS3 etag W/"babf393833722d9411d447268d573ae9" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id ddgMOXteKUsy-n9luOrIejZ1TS80mgpH49Ahe3ov-yLfqDXgAVooYQ==
GET H2	200	65096b03ea49bfa053e5141f_StyreneDTWeb-Light.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	275 KB 68 KB	310ms 159ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/65096b03ea49bfa053e5141f_StyreneDTWeb-Light.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8b5d0e889b75f14e89091dcccc71c42fcf277157ec9d025f0b844bb310089e54 Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 20 Dec 2023 03:39:00 GMT x-amz-version-id 6UaLZoIOLmbBP_RM8iD3oNqk1bRmZfbn content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 6845309 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 26 Oct 2023 12:50:39 GMT server AmazonS3 etag W/"39f90c2e582307b6caccac78618ed801" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id 8qJ3u5kGHM1WEnQFFFZAOCHhacv-K9MPdzqWvkZ6pbOr-5C0YR3N6Q==
GET H2	200	65096b0385d01b33d733f794_StyreneDTWeb-Bold.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	277 KB 69 KB	202ms 51ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/65096b0385d01b33d733f794_StyreneDTWeb-Bold.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 560945bf1cdf86e11d526e733b7024c831b64eaadba6dcaecc9e3ad41fd0d218 Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Dec 2023 12:02:11 GMT x-amz-version-id _DBFqgMlj41c3gV8GQuK703saqLs7X9E content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 8024717 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 26 Oct 2023 12:50:39 GMT server AmazonS3 etag W/"efd59cc0c47afd281c1a1a7f66967f19" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id 0nLjNfaLPk-48w5nwyziSPiD6Y9a3EPXYqXcLNxOm6OfOqpu_We7HA==
GET H2	200	653a6123777c2c80867a9985_TypeType---TT-Interphases-Pro-Regular.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	136 KB 63 KB	258ms 107ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/653a6123777c2c80867a9985_TypeType---TT-Interphases-Pro-Regular.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4 Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:33:11 GMT x-amz-version-id NJIFYhHvd_JhfneaV.NKkfauDoawdMS3 content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 2666058 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 06 Feb 2024 11:33:39 GMT server AmazonS3 etag W/"c1b8cbcc934aea3e53c8fc4904d8060d" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id lNUbT_I8WR7eK8J4gavKS99e50a7b3tsF9hlBGvfbhwYN2XEtKTyoA==
GET H2	200	653a612397d1d29107966886_TypeType---TT-Interphases-Pro-Medium.ttf assets.website-files.com/626ff19cdd07d1258d49238d/	136 KB 65 KB	289ms 137ms	Font application/x-font-ttf	2600:9000:235a:ee00:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/626ff19cdd07d1258d49238d/653a612397d1d29107966886_TypeType---TT-Interphases-Pro-Medium.ttf Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.4371d9a38.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:ee00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79b026bd6742c6610deedd72d90edd9c81c9a193765d36ca378ea5ea126c598f Request headers Referer https://assets-global.website-files.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 17 Jan 2024 10:16:08 GMT x-amz-version-id sl6Orh2OoetuS0nUqY6wxcUZKAB7XLSy content-encoding br via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) age 4402280 x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 17 Jan 2024 09:53:39 GMT server AmazonS3 etag W/"9ceffdc8b55617bcce0da0274d7281f2" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/x-font-ttf access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id spQsDB_nyMBtkRS45jhwmCzZD113GM5hvU7oFUZvFC4wwwUTKYhfkA==
GET H2	200	6465ee11484f58b13a613163_Arow%20Desktop.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	551 B 1006 B	129ms 127ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6465ee11484f58b13a613163_Arow%20Desktop.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 17764635f4f70e406ddc60a0e6cbdf246af1c9a49956c6edf88f13a39e1ef53f Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 31 Dec 2023 13:30:48 GMT x-amz-version-id Gd8pbU25UzGFBVMemk1P5cPbpr8RimWc via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 5859400 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 551 last-modified Thu, 18 May 2023 09:21:23 GMT server AmazonS3 etag "d5f42c0ea122d9a614a222735b946165" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id RbvkcuZIl3ga60rtdZZNL2RWAabUTkNiMaaegh-4tYpzZibMgJyEtw==
GET H2	200	64d3b3c4759b8597405a0e9b_SOC-Indcident%20Analysis.webp assets-global.website-files.com/626ff19cdd07d1258d49238d/	61 KB 62 KB	129ms 128ms	Image image/webp	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/64d3b3c4759b8597405a0e9b_SOC-Indcident%20Analysis.webp Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8ba97c56e4da5586bda0cd177f1436c21b1dbe15cf0d8a1ef6161f3c356fd9e0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id O9Si43wOsmeeSbOPlAtBmxTLxWyi3UU8 date Fri, 08 Mar 2024 07:03:21 GMT via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 7447 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 62572 last-modified Wed, 09 Aug 2023 15:43:59 GMT server AmazonS3 etag "bdbcf7a0ab2f260f61a44fffc40d06b0" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id P4gwEXQ4CBcHX4VXh4MhLs6u1SHinEMLVF5xjgGlcEWVfJflVZotUg==
GET H2	200	6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	475 B 934 B	129ms 128ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 05580beab81991e3bc00c261992d6579a28696fde9eb6e623988bb74fa2e4e97 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 28 Sep 2023 09:45:17 GMT x-amz-version-id RaZnocDTNEsNafZTA0Px2yKrOq5VsKuG via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 13994531 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 475 last-modified Fri, 05 May 2023 09:57:30 GMT server AmazonS3 etag "225587c38d6374e81434a981f1976960" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 4cL3DsxWp67cesxfEQaXFQYJ5Nn0Ova144JHvHH_XKVvXk3J2OhrYQ==
GET H2	200	6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	670 B 1 KB	129ms 128ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fc6e0c4111cd38963ea6b4a56e332b87f188f6785c45065351a7d7b959c31287 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sat, 13 Jan 2024 02:14:50 GMT x-amz-version-id a58NbSzcmrrDM3qq8HMvbNJmXiwWvhO1 via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 4776758 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 670 last-modified Thu, 09 Mar 2023 10:20:37 GMT server AmazonS3 etag "c66a503f70a97b74d80b3598fe5cda47" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id ZqAC-BdpO84ak9kp7qv0BcA1MezxRXh1my_wz_sKBhb6S5XObHqSxg==
GET H2	200	64d65d6b1dd9d70da0ce73c6_X%20Logo.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	561 B 1018 B	129ms 128ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/64d65d6b1dd9d70da0ce73c6_X%20Logo.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 667d18bc97b1072affa375044924419adae01f7e5de46c6acb8fb12ef984a57a Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 15 Jan 2024 09:21:44 GMT x-amz-version-id 5Sh.IdvkC9Us0aCgO2vCYrWR1muZ5nce via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 4578344 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 561 last-modified Fri, 11 Aug 2023 16:10:20 GMT server AmazonS3 etag "d023c215c6a9c737580da184db9e5b6f" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id yLloCb2FbdePYCbP84VUNMXCAUvCtfwtsD3kLAs_yp1AIyAQOxBTcw==
GET H2	200	6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	469 B 929 B	129ms 129ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5709c24c903fdd841258a235316578adfc91781ea0d4a408a8cc3425441ec5bc Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 28 Jul 2023 05:36:33 GMT x-amz-version-id zJxc1Q5jm_uENcuo9vhAmlywHXE_4cT8 via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 19366255 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 469 last-modified Thu, 09 Mar 2023 10:20:36 GMT server AmazonS3 etag "83dc56bf7b08efe89c31c5dfa74f1370" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id xJ32_sic5FBCzMw3ziQE3xHx57_t5iMgA7XKtn-DohJVKqGR_3hCHA==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	147ms 56ms	XHR application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8611acd47b061cbd-FRA access-control-allow-headers Content-Type
GET H2	200	weglot.min.css cdn.weglot.com/	28 KB 5 KB	65ms 64ms	Stylesheet text/css	2606:4700::6812:720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.css?v=4 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront) strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 8580293 x-cache Hit from cloudfront last-modified Tue, 21 Nov 2023 14:36:53 GMT server cloudflare etag W/"396483c84619a8b59a272ec60b4059c4" vary Accept-Encoding access-control-allow-methods GET content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8611acd3ed8537ca-FRA x-amz-cf-id RfdztzJ3XMmxratvKGAUcmELEkHKU5fnxa321c1qF0xDRt9ixf1oJA== expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	63ed0f0ada5efe3a133cce15_Microsoft.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	596 B 1 KB	42ms 41ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/63ed0f0ada5efe3a133cce15_Microsoft.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff8fdba235a52afebf963747ef3453db2570d9c9b197bfae61abae31a834e76a Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 21 Dec 2023 21:57:05 GMT x-amz-version-id UTz2LRgTvYYQpiwp4Z2FfOUjlPK04JYW via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 6693024 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 596 last-modified Wed, 15 Feb 2023 16:57:47 GMT server AmazonS3 etag "895fa5a0cbd9324cda94f277528f6d25" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 6I82tDe5KOvofUuysy4QVilYRZZGrBIzrl8iS-fHR000jSmt6ZIUuw==
GET H2	200	63ed0f0a0b148f2aceb3ed58_Amazon_Web_Services_Logo%201.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	6 KB 3 KB	43ms 43ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/63ed0f0a0b148f2aceb3ed58_Amazon_Web_Services_Logo%201.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 48a2f987d12f59b0a05a306f32ce3524dc90592fcedd8e3944b447c870a0b70d Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Dec 2023 12:02:06 GMT x-amz-version-id VRyonKE2UvGPHCFw6_vS7ICISoHCfsH6 content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 8024723 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 15 Feb 2023 16:57:48 GMT server AmazonS3 etag W/"8f99f1772d24c5ee1373d73c1982be6f" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id MuOA5eu2TO5fpWiZU03G_vptkGJwrhRoXLyC05LPatcA3JH6XFeJxA==
GET H2	200	63ed0f0a744efa6f16bc3e8e_McLaren.svg assets-global.website-files.com/626ff19cdd07d1258d49238d/	366 B 822 B	44ms 44ms	Image image/svg+xml	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/63ed0f0a744efa6f16bc3e8e_McLaren.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 98cb7feb41e1fae0e841419e687d40b80a572e4e2f2bd5441793b552d7b79bba Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 29 Jan 2024 07:51:58 GMT x-amz-version-id fj_GaG9WRIia1tvQ8hFdU8JX35tm.nki via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) age 3374131 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 366 last-modified Wed, 15 Feb 2023 16:57:48 GMT server AmazonS3 etag "bd08d5981298492ee47b85dce24ac136" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id Msnd4AvrTuY3vhQqOABa0XFA1LMRmh0jRceDfGfMkQ1RhhH3dJhrxQ==
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202304.1.0/	401 KB 97 KB	51ms 51ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 f9AvZgohx9TU9t078cCRXA== age 7336 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 99020 x-ms-lease-status unlocked last-modified Thu, 11 May 2023 06:31:14 GMT server cloudflare etag 0x8DB51E951BA9202 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id f3f50414-c01e-006d-731c-128dc8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd4db0dbb79-FRA
GET H2	200	/ Show response t.gatorleads.co.uk/Tracking/TrackUrlGet/	26 B 227 B	43ms 43ms	Script application/x-javascript	37.221.223.30 SPOTLER Spotler N...
General Check archive.org Show headers Download Go to Full URL https://t.gatorleads.co.uk/Tracking/TrackUrlGet/?clientid=9d4e9aed-5f41-4ac6-9664-348ac7434c4c&cust1=&cust2=&cust3=&pageUrl=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageTitle=Breakdown%20of%20a%20multi-account%20compromise%20within%20Off&referrerUrl=&trackingdata=&sessionId=&pageType=Page&schedule=&utmvalues=&callback=window.wowCallback0 Requested by Host: t.gatorleads.co.uk URL: https://t.gatorleads.co.uk/Scripts/ssl/9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.221.223.30 , United Kingdom, ASN51514 (SPOTLER Spotler Network, NL), Reverse DNS mail30.tgml2.co.uk Software Caddy / Resource Hash f8a448136be59e2c194e98ec7ef8dcb262e8433e1fd7598e38d29f53865ae711 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-backend web41 age 0 x-cache MISS spuk-var01 cad-forwarded-for 80.255.7.108 content-length 142 x-client-ip 10.118.6.11 server Caddy vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control private access-control-allow-credentials true x-client-id 10.118.6.11 t-caddyhead 101 accept-ranges bytes
GET H2	200	25522132.js Show response js-eu1.hs-analytics.net/analytics/1709883600000/	66 KB 21 KB	199ms 107ms	Script text/javascript	172.65.238.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-analytics.net/analytics/1709883600000/25522132.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/25522132.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1a84b40b5b75903a0990b06978d9d6acb998fe2644aa29f4322db495c689262 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id D6CDBPT3FEKYYYSJ x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 135330f8-a370-4f6d-83d9-d8a4e61d9b9b x-envoy-upstream-service-time 18 x-amz-id-2 3vsqVtxPq9IpeRuNlCFg61pS4wVrDuXQ5VwxRNnKIj5hySV7JnxdKTpWm4WK2aL0aVPOXHZ+VcA= x-evy-trace-listener listener_https x-request-id 135330f8-a370-4f6d-83d9-d8a4e61d9b9b x-evy-trace-route-configuration listener_https/all last-modified Thu, 29 Feb 2024 11:31:33 GMT server cloudflare etag W/"630792014fe2edf6c84302ba1f6e3b30" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-775cb58c56-f7n2k cache-control max-age=300,public access-control-allow-credentials false cf-ray 8611acd5b83e58d8-TXL expires Fri, 08 Mar 2024 09:12:28 GMT
GET H2	200	web-interactives-embed.js Show response js-eu1.hubspot.com/	84 KB 25 KB	193ms 103ms	Script application/javascript	172.65.236.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hubspot.com/web-interactives-embed.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/25522132.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://darktrace.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-encoding br x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.932/bundles/project.js&cfRay=860db4367e4baca4-TXL x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"35c4e3d2f89657082d5372c7bc6e79d3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.932/bundles/project.js date Fri, 08 Mar 2024 09:07:28 GMT x-amz-version-id cAhbXPz2og2F4B.zBTxw9oB4G3dvep2P via 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P6 x-hubspot-correlation-id 06b6c8ad-374d-428b-96f3-bc4b095b12ac x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 1 x-evy-trace-route-configuration listener_https/all x-request-id 06b6c8ad-374d-428b-96f3-bc4b095b12ac last-modified Wed, 28 Feb 2024 14:13:53 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVlqnm8%2BGJgD218jIQ%2FfaLr%2FOC%2FWoEIIWBoyFb0iQ%2BDh9gGPFi2hteZED5I5bJMKSJJUA0bd%2BF2WXjXh9qAiLjejOJZCcSU4O5So8mWGROPty8LPDIbl7MNQINPBeqYaN5GBYA%3D%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-57464f64dd-kd2wt cf-ray 8611acd5bfe158e4-TXL x-amz-cf-id co-t5cCY2UgvpfZQl_UoY1fNUtwaOsfyfTCo4fR4hOW3lbayPpoacw==
GET H2	200	banner.js Show response js-eu1.hs-banner.com/v2/25522132/	70 KB 23 KB	226ms 133ms	Script text/javascript	172.65.202.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hs-banner.com/v2/25522132/banner.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/25522132.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b68c0974c24a5337cedf2895fbb2277d37dce02e4c098f5097d371c8abac0b1 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-amz-version-id UAHS92gu0eSNWfPlK4cGZfb0Jd8yl8aj content-encoding br cf-cache-status REVALIDATED x-amz-request-id K2D3Q70XKVK641GR x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id de58674f-8c7c-400f-a28f-6e880726008b x-envoy-upstream-service-time 42 x-amz-id-2 B4nhiGffqy1Rz+wYp36JoIDic1tKlrsl7vnQSA4X0Y6y8wwhBH23H8pStLOxkJy2Udp2yH8srog= x-evy-trace-listener listener_https x-request-id de58674f-8c7c-400f-a28f-6e880726008b x-evy-trace-route-configuration listener_https/all last-modified Wed, 06 Mar 2024 15:56:27 GMT server cloudflare etag W/"ce4ff7fe96b70bfa3ca375c362f59d67" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://darktrace.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod fra04/analytics-js-proxy-td/envoy-proxy-775cb58c56-f7n2k vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8611acd5bb9358ea-TXL expires Fri, 08 Mar 2024 09:12:28 GMT
GET H2	200	fb.js Show response js-eu1.hsadspixel.net/	6 KB 4 KB	188ms 92ms	Script application/javascript	172.65.219.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hsadspixel.net/fb.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/25522132.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18ec75ec63363e1f44deb8104668739eef989b888a91edf8e80ac18c7b310628 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-amz-version-id 1rjQ8ILUrgixhF9SqbMxNGEnLmGdYllq via 1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop FRA60-P6 age 481 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.536/bundles/pixels-release.js&cfRay=860e2194bd4b4522-TXL x-cache Hit from cloudfront x-hubspot-correlation-id b5cbd2dd-4593-4856-8724-cdf0b831d914 cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b5cbd2dd-4593-4856-8724-cdf0b831d914 last-modified Tue, 05 Mar 2024 20:58:15 UTC server cloudflare etag W/"c3cbef25afeb62f426ef3ac85aedaa53" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-57464f64dd-kd2wt cf-ray 8611acd5b8fcaca9-TXL x-amz-cf-id GtLGyc9G_hvIK9Bb7MrGmzUpaNpbOTjK82wxgpaudMjgRQFu0XxIVw== x-hs-target-asset adsscriptloaderstatic/static-1.536/bundles/pixels-release.js
GET H2	200	collectedforms.js Show response js-eu1.hscollectedforms.net/	69 KB 25 KB	203ms 100ms	Script application/javascript	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-eu1.hscollectedforms.net/collectedforms.js Requested by Host: js-eu1.hs-scripts.com URL: https://js-eu1.hs-scripts.com/25522132.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://darktrace.com/ Origin https://darktrace.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-amz-version-id VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ via 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED x-amz-cf-pop FRA60-P6 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id a07fd3a3-1fc2-4d09-b7f7-54161ed39281 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=860d8a379ef644f2-TXL x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id a07fd3a3-1fc2-4d09-b7f7-54161ed39281 last-modified Wed, 21 Feb 2024 09:36:07 UTC server cloudflare etag W/"0892458d49ed5681928e6be69131caa7" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-57464f64dd-x844g cf-ray 8611acd5c80958e4-TXL x-amz-cf-id ydPuooNp1SPYStObuNoJ4AsR3n_5IhFb5VvCdttNv0znpOd5ezx2mQ== x-hs-target-asset collected-forms-embed-js/static-1.468/bundles/project.js
GET H2	200	id Show response dpm.demdex.net/	368 B 915 B	184ms 64ms	XHR application/json	34.242.210.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4AE530AF633C985D0A495E93%40AdobeOrg&d_nsid=0&ts=1709888848174 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.242.210.124 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-210-124.eu-west-1.compute.amazonaws.com Software / Resource Hash 92a6260d4cd70310b86f5c7c8e6d3befe85ff370560c598b976572d4a184dbae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers dcs dcs-prod-irl1-1-v058-0dd12f938.edge-irl1.demdex.com 3 ms pragma no-cache date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid xEllHucMTBI= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://darktrace.com cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 312 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/	34 KB 12 KB	56ms 55ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip last-modified Thu, 22 Sep 2022 16:16:49 GMT server AkamaiNetStorage etag "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://darktrace.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12384 expires Fri, 08 Mar 2024 10:07:28 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/	3 KB 2 KB	62ms 62ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip last-modified Thu, 22 Sep 2022 16:16:49 GMT server AkamaiNetStorage etag "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://darktrace.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1598 expires Fri, 08 Mar 2024 10:07:28 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	190 KB 70 KB	156ms 69ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9120626 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef431f1ba903c544348666c1f2083326bcf5b1955e2cca01e71876dd91e404f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 71086 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 08 Mar 2024 09:07:28 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	146ms 40ms	Script application/javascript	2a02:26f0:480:f::213:7ec6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5cd16f5174d4f1eaf208272602ce6316ddf308953db343d03f9b5d0ea273351f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 645 date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 06 Mar 2024 17:13:32 GMT x-cdn AKAM x-edgeconnect-midmile-rtt 1 x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=20603 accept-ranges bytes content-length 17198
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 5197	47 KB 29 KB	144ms 144ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8493b88f1455e912b1b56096fed083c15fd3cf749d2cf58a25827f15e636962c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-39x9AR0UIrP9O0P35RCCZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-39x9AR0UIrP9O0P35RCCZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 7671	47 KB 29 KB	119ms 119ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 896210f6ac11f237e594c61bb458039d5bba41b797f62ca332b9d9b01f929395 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ztdgfFVMeNvaqreB-VQhpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-ztdgfFVMeNvaqreB-VQhpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame D301	46 KB 29 KB	79ms 78ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d06e51cb1f8735b123acd22af87f093c0e2820084cb3634479961bbb407eac7d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3IE7Df2sN-0ENtvtWZd9DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-3IE7Df2sN-0ENtvtWZd9DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 713B	46 KB 29 KB	67ms 67ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5db6f485ce89542bda5e865f4b49d163d51f274874ad85fa397a4cf3ae0a1044 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0z1Ir3BijeIC6Evi1z7ljA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-0z1Ir3BijeIC6Evi1z7ljA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 2F48	46 KB 29 KB	131ms 130ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ac3f6a37b1d283dc2ad0f476e420c0b516678546801d069431622e3c69cb25c9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fm338jCJpqMv3NZbBFcHZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-fm338jCJpqMv3NZbBFcHZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 7E18	48 KB 30 KB	175ms 175ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash bd8b9837ce465c24156b1fe0fa35fc43cc58ea75e820b1304f00e1ef20d0e78e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-887nevYVW11Y_2a-qAUW-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-887nevYVW11Y_2a-qAUW-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json Show response assets-global.website-files.com/626ff19cdd07d1258d49238d/	2 KB 1 KB	129ms 42ms	XHR application/json	2600:9000:21f3:a000:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.6f0596bb3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:a000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Sep 2023 10:14:22 GMT x-amz-version-id _JWgRDHLwVrMn2Yku2SFY3Ftq6u4Ip1i content-encoding br via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) age 15547987 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sun, 10 Jul 2022 19:27:26 GMT server AmazonS3 etag W/"bde15e8c08bdae257ac118c5e638a3e5" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * cache-control max-age=31536000, must-revalidate vary Accept-Encoding x-amz-cf-id ecCevhN5zZkpMh2_K6pRVIkatRiDOUIeKymeoKZiV2hKaHgVemiWvw==
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	533 B 815 B	152ms 55ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=fr&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9270bbe635cc7cf73fcdaa51e5e9ea0ad367a2ca4eeec9b837c5779ceb45cd40 Security Headers Name Value Content-Security-Policy script-src 'nonce-c3f1957861cecc9997148b99f3b24c73' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-c3f1957861cecc9997148b99f3b24c73' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 9955704 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 01 Nov 2023 08:39:00 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f149052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	2 B 1 KB	150ms 53ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=it&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Content-Security-Policy script-src 'nonce-b61ac7f8325907425abce0dc82a5c121' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-b61ac7f8325907425abce0dc82a5c121' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 8717989 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 28 Nov 2023 05:04:57 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f179052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	2 B 685 B	151ms 54ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ko&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Content-Security-Policy script-src 'nonce-57cb958f3b2b22a4a8d1915f303d654f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-57cb958f3b2b22a4a8d1915f303d654f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 11065379 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 20 Sep 2023 15:44:25 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f159052-FRA access-control-allow-headers Content-Type x-amz-cf-id p7jii0Xa56nfjJYXYwoXlgG05bcwJ-VyOzxo6-SDBo0dCQ3HmX9Dkg== expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	2 B 537 B	154ms 57ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ja&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Content-Security-Policy script-src 'nonce-bb10d63d3afbca1fea7885e9000aa96b' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-bb10d63d3afbca1fea7885e9000aa96b' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 10341702 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Sat, 07 Oct 2023 01:49:57 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f199052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	2 B 530 B	155ms 58ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=es&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Content-Security-Policy script-src 'nonce-696ec0e95b0b6e43ccdbed736afa9029' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-696ec0e95b0b6e43ccdbed736afa9029' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 8651716 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 01 Nov 2023 02:46:16 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f1a9052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	2 B 1 KB	153ms 56ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=de&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Content-Security-Policy script-src 'nonce-4879766a9bb921e952fbcb876a7269b5' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-4879766a9bb921e952fbcb876a7269b5' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 2464967 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Fri, 01 Dec 2023 04:06:37 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f1c9052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	slugs Show response cdn-api-weglot.com/translations/	79 B 599 B	153ms 56ms	Fetch application/json	2606:4700::6812:1daa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=br&v=1658845381 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52ba320502e2cd491874b86e0e3fbffbd189d8913f5f46c6092056ecfa24104 Security Headers Name Value Content-Security-Policy script-src 'nonce-928b7a9a8c87231b0e17402b06e3635a' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'nonce-928b7a9a8c87231b0e17402b06e3635a' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cf-cache-status HIT age 8651716 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 28 Nov 2023 02:15:38 GMT server cloudflare x-frame-options SAMEORIGIN access-control-allow-methods GET,POST,PUT,PATCH content-type application/json vary Accept-Encoding access-control-allow-origin * cache-control public, max-age=31536000 permissions-policy accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=() cf-ray 8611acd75f1d9052-FRA access-control-allow-headers Content-Type expires Sat, 08 Mar 2025 09:07:28 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/	48 KB 10 KB	64ms 64ms	Fetch application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df5e020a0b03feb2fb9b4dc60259ebc8dd850a0e51140d84ff03c3b6080ada95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 71165 content-md5 fo5ttQJOfm7lxkr/yDsZGQ== content-length 10369 x-ms-lease-status unlocked last-modified Wed, 17 May 2023 08:45:58 GMT server cloudflare etag 0x8DB56B322B32F42 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 39a1410b-001e-004d-69f1-1df66f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd6cf1837da-FRA expires Sat, 09 Mar 2024 09:07:28 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 713B	55 KB 24 KB	182ms 100ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 713B	494 KB 196 KB	236ms 155ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H2	200	dest5.html Show response darktrace.demdex.net/ Frame 4848	7 KB 3 KB	65ms 58ms	Document text/html	34.242.210.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://darktrace.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.242.210.124 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-210-124.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Fri, 08 Mar 2024 09:07:28 GMT dcs dcs-prod-irl1-2-v058-0eb8fe7c0.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Wed, 6 Mar 2024 14:54:20 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid z3jf/1eJSe8=
GET H2	200	ibs:dpid=411&dpuuid=ZerVUAAAAIUwAgO- dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=24192998572208471632560768826065043672 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZerVUAAAAIUwAgO-	42 B 717 B	58ms 58ms	Image image/gif	34.242.210.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZerVUAAAAIUwAgO- Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Server 34.242.210.124 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-210-124.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers dcs dcs-prod-irl1-2-v058-03e25f58e.edge-irl1.demdex.com 2 ms pragma no-cache date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid n3Mj51DeQiQ= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZerVUAAAAIUwAgO- Date Fri, 08 Mar 2024 09:07:28 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame D301	55 KB 24 KB	163ms 86ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame D301	494 KB 196 KB	239ms 162ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7671	55 KB 24 KB	147ms 72ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7671	494 KB 196 KB	208ms 133ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 2F48	55 KB 24 KB	136ms 62ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 2F48	494 KB 196 KB	217ms 143ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 5197	55 KB 24 KB	113ms 40ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 5197	494 KB 196 KB	204ms 133ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compr... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compr... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1709888848473%26li_adsId%3Dc86e9f5c-82c8-4227-b046-34e9b356831f%26... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compr... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-comp...	0 265 B	281ms 189ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&cookiesTest=true&liSync=true&e_ipv6=AQL0x85HXe8TEAAAAY4dUUW4cRuOWsK70MBs31_d_E8QCVjAeNXWoLBDHKA-vZ05XcAILgXU Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: FDE882BAC0A04D03A64567322EB1A899 Ref B: FRAEDGE1222 Ref C: 2024-03-08T09:07:29Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYTIoV8jiRAmjZcrwIKMw== Redirect headers date Fri, 08 Mar 2024 09:07:29 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: EE536435597447E79DE560C28C8CDBA5 Ref B: VIEEDGE1609 Ref C: 2024-03-08T09:07:29Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1709888848473&li_adsId=c86e9f5c-82c8-4227-b046-34e9b356831f&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&cookiesTest=true&liSync=true&e_ipv6=AQL0x85HXe8TEAAAAY4dUUW4cRuOWsK70MBs31_d_E8QCVjAeNXWoLBDHKA-vZ05XcAILgXU x-li-proto http/2 content-length 0 x-li-uuid AAYTIoV4PeTj/lPaCUyisg==
GET H2	200	combinedConfigs Show response cta-eu1.hubspot.com/web-interactives/public/v1/embed/	433 B 1 KB	176ms 76ms	Fetch application/json	172.65.198.159 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-eu1.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=25522132&currentUrl=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365 Requested by Host: js-eu1.hubspot.com URL: https://js-eu1.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.198.159 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5a246c7a-de84-4588-ac91-57a2642d6e3f content-encoding br x-envoy-upstream-service-time 13 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5a246c7a-de84-4588-ac91-57a2642d6e3f server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://darktrace.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BOp6WxbMQp%2FAC482Lp0NS59ILYU7OZI0xluz9A3HMJlmh9f7YHLNlSFA2r3c7B3hlAay4sus%2FM7tUb4vNMADq1VPc%2FFVPLShY1yMCjPvFxM3WdGenVOd6OipkoyahQgMpgFC4c%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8611acd7ba1f58f0-TXL x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-bd7cbb644-5c9cp
GET H2	200	json Show response api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	112 B 1 KB	163ms 66ms	XHR application/json	2a06:98c1:3200::90:1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25522132 Requested by Host: js-eu1.hsadspixel.net URL: https://js-eu1.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b831be8e0edc00c9adb30dfb341f236a3da1b10ab114778a05cb50537a35d1c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 462474d5-b786-4293-bdfc-70b041fd67d6 content-encoding br x-envoy-upstream-service-time 4 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 462474d5-b786-4293-bdfc-70b041fd67d6 server cloudflare x-trace 2B84371CD35A7969D9250547B4D71A73E681803002000000000000000000 vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://darktrace.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials false x-evy-trace-served-by-pod fra04/hubapi-td/envoy-proxy-6d5967b5f5-bv4h4 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MHy%2FUEn0h8Uzav%2BgQz7WE%2FLrFTgpNYTtCs3ETwCQ3O8XZXMeSyfPeSDYOqamM8NUpIrwTFeDo8%2F0kn1BUTtuV47axY9Z4crRA62vs0PgFgnHH%2FLw40uR16X6%2BCHEOH9sDVxXdXCyQBtZm8ex6k91g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8611acd7bb321945-FRA access-control-allow-headers *
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7E18	55 KB 24 KB	145ms 112ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 7E18	494 KB 196 KB	199ms 166ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306713 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H2	200	activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-acc... Show response 9120626.fls.doubleclick.net/ Frame FCFC Redirect Chain https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-a... https://9120626.fls.doubleclick.net/activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.c...	621 B 622 B	77ms 76ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9120626.fls.doubleclick.net/activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-9120626 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash ac144deaa4b4c37720690fb6f366be4101ec060b47421e5b698b3d94f2efd95b Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 317 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Fri, 08 Mar 2024 09:07:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:28 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://9120626.fls.doubleclick.net/activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	218 KB 78 KB	73ms 73ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-401176436 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0a39d06a80b82c6a2f56ec0b47f9704e1420ad47c9b890001ce03985c4cebc56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80241 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 08 Mar 2024 09:07:28 GMT
GET H2	200	json Show response forms-eu1.hscollectedforms.net/collected-forms/v1/config/	116 B 400 B	99ms 83ms	XHR application/json	172.65.192.122 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25522132&utk= Requested by Host: js-eu1.hscollectedforms.net URL: https://js-eu1.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, text/plain, */* Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id d89f02a5-614e-440f-bd01-283938fa532d x-envoy-upstream-service-time 11 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id d89f02a5-614e-440f-bd01-283938fa532d server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://darktrace.com x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod fra04/app-td/envoy-proxy-57464f64dd-x844g access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 8611acd77bc658e4-TXL
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202304.1.0/assets/	13 KB 3 KB	53ms 52ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 VwzPf/atFGVLVHgPLKsA5g== age 69801 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3019 x-ms-lease-status unlocked last-modified Thu, 11 May 2023 06:31:08 GMT server cloudflare etag 0x8DB51E94E2F9DF3 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 8369412d-401e-0073-1bb5-216110000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd77fff37da-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/	61 KB 12 KB	58ms 58ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 U0I+ien3T2GIYJcFxPdemQ== age 33632 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12544 x-ms-lease-status unlocked last-modified Thu, 11 May 2023 06:31:10 GMT server cloudflare etag 0x8DB51E94F811CDE vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 02a68625-601e-0016-5e90-22cf54000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd7780037da-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202304.1.0/assets/	21 KB 4 KB	61ms 60ms	Fetch text/css	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 oWkBTLgDDXvrUsd93y/Zxg== age 85324 x-ms-lease-status unlocked last-modified Thu, 11 May 2023 06:31:18 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 13d95642-d01e-002c-341b-15d52c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8611acd7780137da-FRA
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 600 B	51ms 50ms	Image image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 pcXWFGpuVeSg/jVnYCseRg== age 19520 x-ms-lease-status unlocked last-modified Wed, 06 Mar 2024 17:32:18 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 5513c75a-701e-0068-1a4b-705f13000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8611acd7ee8cbb79-FRA
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 494 B	51ms 51ms	Fetch image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== age 62294 x-ms-lease-status unlocked last-modified Wed, 06 Mar 2024 17:32:17 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 354b0024-f01e-0059-6c00-70be00000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8611acd808e037da-FRA
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	53ms 53ms	Image image/png	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 E8+sk/ECzKgTUVtDLikiIA== age 56801 content-length 4036 x-ms-lease-status unlocked last-modified Wed, 06 Mar 2024 17:32:18 GMT server cloudflare etag 0x8DC3E035F436363 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 3ac546dd-801e-001e-3867-70d55b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8611acd81ebdbb79-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	54ms 54ms	Image image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 08 Mar 2024 09:07:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 7363 x-ms-lease-status unlocked last-modified Thu, 07 Mar 2024 20:52:33 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 512e0dfe-301e-009d-4a0c-71cb39000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8611acd81ebebb79-FRA
GET H/1.1	200 OK	counters.gif forms-eu1.hsforms.com/embed/v3/	35 B 1 KB	168ms 70ms	Image image/gif	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=6 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Fri, 08 Mar 2024 09:07:28 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id f0a50b8f-66af-4e52-8f64-e43bf8ce2790 x-envoy-upstream-service-time 2 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f0a50b8f-66af-4e52-8f64-e43bf8ce2790 Server cloudflare X-Trace 2BFFCE5A5DFE7176C6E95956C2736E71CDD67E62B0000000000000000000 Vary origin Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-bd7cbb644-csk9c Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false X-Robots-Tag none CF-RAY 8611acd8aead6a76-TXL
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/401176436/	3 KB 2 KB	139ms 54ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/401176436/?random=1709888848653&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-401176436 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 99e9ce733a77bc14f01afa12eaf9b0b7bfa2d7f6e892526972144794179e44a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:28 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1694 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	199ms 62ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 08 Mar 2024 09:07:28 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E184228C4BDB4480A991387044CCE2C9 Ref B: FRA31EDGE0805 Ref C: 2024-03-08T09:07:28Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	b474d74a-fc48-497d-b3dd-02eddc4b51ac.js Show response j.6sc.co/j/	4 KB 2 KB	678ms 446ms	Script application/javascript	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash fd86fe420268206f681edfdde283a00ce6f15dbd6bb7e09de5e8fd02cb88d463 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers x-amz-version-id 7Mw1NroldPLZ5O4d9EdaVphfP5jkyP9k content-encoding gzip date Fri, 08 Mar 2024 09:07:29 GMT x-amz-cf-pop LIS50-C1 x-amz-server-side-encryption AES256 x-amz-meta-content-type application/json content-length 1274 pragma no-cache last-modified Thu, 29 Jun 2023 08:52:59 GMT server AmazonS3 etag "3aa2cc199385c20dfc4ccbd07cc6556f" vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store accept-ranges bytes x-amz-cf-id ewUxqV1-0SypLaa8yfxHkpqsSr_QKZbXO4e-hg7MutszWASjzpyoXA== expires Fri, 08 Mar 2024 09:07:29 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 438 B	202ms 202ms	XHR text/plain	2620:1ec:22::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 08 Mar 2024 09:07:28 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 61B2C2D923C84A8991E6526A2C44A08A Ref B: VIEEDGE1609 Ref C: 2024-03-08T09:07:28Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://darktrace.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYTIoVvqecBHHyCIa5TIQ==
GET H/1.1	200 OK	counters.gif perf-eu1.hsforms.com/embed/v3/	35 B 1 KB	175ms 97ms	Image image/gif	172.65.232.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Fri, 08 Mar 2024 09:07:28 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status MISS x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id fad6061e-b3a7-43a6-8d9e-e5d8a99b017d x-envoy-upstream-service-time 6 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id fad6061e-b3a7-43a6-8d9e-e5d8a99b017d Last-Modified Fri, 08 Mar 2024 09:07:28 GMT Server cloudflare X-Trace 2BB58D76B374599234664818E748BB2485D6158063000000000000000000 Vary origin, Accept-Encoding Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod fra04/star-hubspot-td/envoy-proxy-bd7cbb644-5c9cp Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false Accept-Ranges bytes X-Robots-Tag none CF-RAY 8611acd8cd3744f8-TXL
GET H2	200	dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=*;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-... adservice.google.com/ddm/fls/z/ Frame FCFC	42 B 401 B	161ms 75ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=*;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365 Requested by Host: 9120626.fls.doubleclick.net URL: https://9120626.fls.doubleclick.net/activityi;dc_pre=CPe-uKuo5IQDFXAIogMdVuMBSA;src=9120626;type=unive0;cat=darkt00;ord=4094839931211;npa=1;auiddc=2065841198.1709888848;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365;pscdl=noapi;gtm=45fe4360za220;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9120626.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/401176436/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sy... https://www.google.com/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u... https://www.google.de/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...	42 B 455 B	144ms 58ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0l1cnJ3WVFoS25rLVk2Z3ZhQndFaVlBUWExSnpoMlM3TUxUNlI0ME1rZ3JlZVlVOU1WaXZOblFmNk9vTmJKc1pha19IdjliemcaWENoQUlnSXVycndZUTk3R1FzTG5WeE9KeUVpNEFfR1lyTWxrWE1EMGxHYURfSTlKTmJnYndGdmxFOHpHeEpjN1BlRENlVzBpVGJLZlVkOFBMUjd4R0lHc0QiEwjTwr6rqOSEAxW4RB0JHTK5CGkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSKQB7FLtqhs6uW_Huc7UOoF3RSKXhykiGagkiVmtkFCZLfZkLGNWm43hB&random=1192280869&ipr=y Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:29 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 08 Mar 2024 09:07:28 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/401176436/?random=1083259386&cv=11&fst=1709888848653&bg=ffffff&guid=ON&async=1&gtm=45be4360v892185516za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&npa=1&pscdl=noapi&auid=2065841198.1709888848&uamb=0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQII4b2xAg&pscrd=Ek5DaEFJZ0l1cnJ3WVFoS25rLVk2Z3ZhQndFaVlBUWExSnpoMlM3TUxUNlI0ME1rZ3JlZVlVOU1WaXZOblFmNk9vTmJKc1pha19IdjliemcaWENoQUlnSXVycndZUTk3R1FzTG5WeE9KeUVpNEFfR1lyTWxrWE1EMGxHYURfSTlKTmJnYndGdmxFOHpHeEpjN1BlRENlVzBpVGJLZlVkOFBMUjd4R0lHc0QiEwjTwr6rqOSEAxW4RB0JHTK5CGkyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&cid=CAQSKQB7FLtqhs6uW_Huc7UOoF3RSKXhykiGagkiVmtkFCZLfZkLGNWm43hB&random=1192280869&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame 5197	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame 7671	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET DATA	200 OK	truncated / Frame 2F48	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 2F48	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 2F48	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:54:26 GMT x-content-type-options nosniff age 324782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 11 Mar 2024 14:54:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 2F48	15 KB 16 KB	126ms 39ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 21:26:23 GMT x-content-type-options nosniff age 301265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 21:26:23 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame 2F48	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET DATA	200 OK	truncated / Frame D301	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame D301	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame D301	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:54:26 GMT x-content-type-options nosniff age 324782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 11 Mar 2024 14:54:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D301	15 KB 15 KB	122ms 49ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 21:26:23 GMT x-content-type-options nosniff age 301265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 21:26:23 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame D301	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET DATA	200 OK	truncated / Frame 713B	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 713B	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 713B	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:54:26 GMT x-content-type-options nosniff age 324782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 11 Mar 2024 14:54:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 713B	15 KB 15 KB	155ms 96ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 21:26:23 GMT x-content-type-options nosniff age 301265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 21:26:23 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame 713B	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET DATA	200 OK	truncated / Frame 7E18	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 7E18	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 7E18	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:54:26 GMT x-content-type-options nosniff age 324782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 11 Mar 2024 14:54:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 7E18	15 KB 15 KB	125ms 84ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 21:26:23 GMT x-content-type-options nosniff age 301265 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 21:26:23 GMT
GET H3	200	IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response www.google.com/js/bg/ Frame 7E18	17 KB 7 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 01:22:45 GMT content-encoding br x-content-type-options nosniff age 27883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6933 x-xss-protection 0 last-modified Mon, 19 Feb 2024 17:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 01:22:45 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 5197	102 B 134 B	49ms 49ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=d4eilhakddzv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 7671	102 B 134 B	48ms 48ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=no2qr72mid8t User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 2F48	102 B 134 B	49ms 48ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=b610dvquf50g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame D301	102 B 134 B	50ms 49ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=g9yzi0zb49mm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 713B	102 B 134 B	49ms 49ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=xegyrg4n1zjt User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 7E18	102 B 132 B	50ms 50ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=normal&cb=t9ppbty0kzbp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 08 Mar 2024 09:07:28 GMT
GET H2	204	211011833.js Show response bat.bing.com/p/action/	0 117 B	64ms 64ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/211011833.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Fri, 08 Mar 2024 09:07:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8B11CAA900B548B3ADDF6AB60D022233 Ref B: FRA31EDGE0805 Ref C: 2024-03-08T09:07:29Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 288 B	141ms 141ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=211011833&Ver=2&mid=318f1f0a-d298-4312-83d6-c30b8831403a&sid=49ff73c0dd2b11eeae38d1fc32caed14&vid=49ff6cd0dd2b11eeae0f49d70717da2f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog&p=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&r=&lt=1113&evt=pageLoad&sv=1&rn=866368 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 08 Mar 2024 09:07:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 73995CB3F6F84153A3F0A0DC38334B91 Ref B: FRA31EDGE0805 Ref C: 2024-03-08T09:07:29Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame C56D	7 KB 1 KB	53ms 53ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f71d55ba4cfe1c78b67615b35d03db6ec14e0468c38cba289a818c7d07f60985 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eSlMWa2C4qR8OqLP8ZOfEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-eSlMWa2C4qR8OqLP8ZOfEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 1FC6	7 KB 1 KB	54ms 54ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fd725d48d031bc78ba07eee872a12ff974195db8d4afb1af5c58b6e4e6ad272e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fbMC7Js0FSC99HH7TfOUdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-fbMC7Js0FSC99HH7TfOUdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame C057	7 KB 1 KB	55ms 54ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash da91c42c1e08b596834fdcb62d735de2d4a3eebc15dce0d4ec2167e1e260515e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ogh1DKXNE8rbIedbKwV7vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-ogh1DKXNE8rbIedbKwV7vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 9381	7 KB 1 KB	52ms 52ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e604d3db73551cf452ce254eec2d3b9a2f720bef52257491acabac6880d69860 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Tler2z2V6QAi7EPgJyB3aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Tler2z2V6QAi7EPgJyB3aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 1E0A	7 KB 1 KB	54ms 54ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e7fb39bf5b53db99d143075e228c9e37330349d7ef224f2e5d37af26368ae1ed Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-dI7rL4nv-pLilwkQkszsgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-dI7rL4nv-pLilwkQkszsgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame EA3D	7 KB 1 KB	54ms 53ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2fe92e0ac6e5dba91820b506bedb35117128624af4df04ee5156d2c0b43e6461 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-y7a5DdUYiBmpvr6wAmaiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://darktrace.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-y7a5DdUYiBmpvr6wAmaiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 08 Mar 2024 09:07:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	6si.min.js Show response j.6sc.co/	64 KB 18 KB	77ms 76ms	Script application/javascript	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: j.6sc.co URL: https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 22 Feb 2024 19:00:41 GMT server nginx/1.14.0 (Ubuntu) etag "65d799d9-101dd" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 17693 expires Fri, 08 Mar 2024 09:07:29 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C56D	55 KB 24 KB	39ms 39ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C56D	494 KB 196 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1FC6	55 KB 24 KB	39ms 39ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1FC6	494 KB 196 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 9381	55 KB 24 KB	39ms 39ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 9381	494 KB 196 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C057	55 KB 24 KB	41ms 41ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame C057	494 KB 196 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1E0A	55 KB 24 KB	42ms 42ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 1E0A	494 KB 196 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame EA3D	55 KB 24 KB	42ms 42ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 02:12:19 GMT content-encoding gzip x-content-type-options nosniff age 24910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Mar 2025 02:12:19 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame EA3D	494 KB 196 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 19:55:35 GMT content-encoding gzip x-content-type-options nosniff age 306714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 200579 x-xss-protection 0 last-modified Mon, 04 Mar 2024 05:02:47 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Mar 2025 19:55:35 GMT
GET H2	200	getuidj Show response secure.adnxs.com/	11 B 697 B	153ms 48ms	XHR application/json	185.89.210.46 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:29 GMT an-x-request-uuid 06180238-b6f3-42a6-9410-48bdb29f868a server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://darktrace.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.108; 80.255.7.108; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 11 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 191 B	97ms 96ms	XHR text/html	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:29 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://darktrace.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	20 B 308 B	171ms 47ms	XHR text/html	2a02:26f0:7100::210:180 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash bfd3189d965573e36997f170667b1ceef5cfd0471b6f5be228ca6ac7bcb97c23 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:29 GMT vary Origin content-type text/html access-control-allow-origin https://darktrace.com cache-control max-age=0, no-cache, no-store 6si-ipv6 2a01:4a0:1338:92::12 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1709888849549_34603388_840123230_18_1010_38_84_219";dur=1 content-length 20 expires Fri, 08 Mar 2024 09:07:29 GMT
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	130ms 43ms	Preflight	13.248.142.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.142.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac3ff6aafb2cddae2.awsglobalaccelerator.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-6s-customid Access-Control-Request-Method GET Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,x-6s-customid access-control-allow-methods OPTIONS,GET access-control-allow-origin https://darktrace.com access-control-expose-headers X-6si-Region access-control-max-age 1800 date Fri, 08 Mar 2024 09:07:29 GMT server nginx timing-allow-origin https://6sense.com, https://www.ssga.com x-6si-region eu-central-1a x-trace-id 4632445678311445018
GET H2	200	details Show response epsilon.6sense.com/v3/company/	725 B 705 B	116ms 46ms	XHR application/json	13.248.142.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.142.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac3ff6aafb2cddae2.awsglobalaccelerator.com Software nginx / Resource Hash d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98 Request headers Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 Authorization Token bfc303872745c57fc21c407e92980bd51b495b1e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 X-6s-CustomID WebTag b474d74a-fc48-497d-b3dd-02eddc4b51ac Response headers x-trace-id 4312124802889406781 date Fri, 08 Mar 2024 09:07:29 GMT content-encoding gzip server nginx vary Origin, Accept-Encoding content-type application/json x-6si-region eu-central-1a access-control-allow-origin https://darktrace.com access-control-expose-headers X-6si-Region access-control-allow-credentials true timing-allow-origin https://6sense.com, https://www.ssga.com content-length 387
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	307ms 307ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:29 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 485 B	342ms 341ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2258e1d7a8a68ff8537d596ebcbffc4824%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22bfc303872745c57fc21c407e92980bd51b495b1e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22b474d74a-fc48-497d-b3dd-02eddc4b51ac%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:29 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 485 B	297ms 296ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A12%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:29 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 02:04:22 GMT server nginx/1.14.0 (Ubuntu) etag "63f03226-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	zi-tag.js Show response js.zi-scripts.com/	8 KB 3 KB	121ms 51ms	Script application/javascript	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/zi-tag.js Requested by Host: darktrace.com URL: https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:30 GMT x-amz-version-id lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L content-encoding gzip cf-cache-status DYNAMIC last-modified Mon, 11 Dec 2023 12:17:02 GMT server cloudflare via 1.1 ee34f7af76b54660352564a750b131f6.cloudfront.net (CloudFront) x-amz-cf-pop TXL50-P5 etag W/"15c02cdee0df6c26ba3d8c62d912c66c" age 19932 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cf-ray 8611ace0eb31266d-TXL x-amz-cf-id tBVzGwA7719ePuApG5aLhNMFJ0kwFjp-dgmCbdo3GtWnl7A3VycPcQ==
GET H2	200	blockedDomains.json Show response hubspotonwebflow.com/assets/js/	98 KB 23 KB	70ms 69ms	Fetch application/json	76.76.21.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hubspotonwebflow.com/assets/js/blockedDomains.json Requested by Host: hubspotonwebflow.com URL: https://hubspotonwebflow.com/assets/js/form-123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash 944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:30 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id fra1::nc9wn-1709888850008-4a68740a98a8 age 823478 x-matched-path /assets/js/blockedDomains.json etag W/"04708d47dd194d37b8231a65de7a66f1" x-vercel-cache HIT content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate content-disposition inline; filename="blockedDomains.json"
GET H2	200	__ptq.gif track-eu1.hubspot.com/	45 B 1 KB	267ms 177ms	Image image/gif	172.65.240.166 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=166860084&v=1.1&a=25522132&rcu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&t=Breakdown+of+a+multi-account+compromise+within+Office+365+%7C+Darktrace+Blog&cts=1709888849990&vi=aa8bd36f498bf6b26bfdea63c4b3f1d1&nc=true&u=21031588.aa8bd36f498bf6b26bfdea63c4b3f1d1.1709888849989.1709888849989.1709888849989.1&b=21031588.1.1709888849989&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id be27b1f1-7fd7-427a-bda7-cc9ae55c64c0 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 5 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id be27b1f1-7fd7-427a-bda7-cc9ae55c64c0 last-modified Fri, 08 Mar 2024 09:07:30 GMT server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQciAwhfyOcYY5KsztEoG1mIfcrpEUMjw7AYl1sOwuGYa1CYpjv4k4rilMDHionX2rlpxD7rMYCW%2FxEYqs%2FPml9BtS4Vc6kAwSZVQXaXVQ0wueZcbIjFN2SzZkMY8t%2BGk7cgspaxcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod fra04/analytics-tracking-td/envoy-proxy-8564d84769-4xj5w x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false accept-ranges bytes cf-ray 8611ace11fd6453a-TXL x-robots-tag none
GET H2	200	s39773503211278 darktrace.sc.omtrdc.net/b/ss/darktraceprod/1/JS-2.23.0-LDQM/	43 B 345 B	158ms 51ms	Image image/gif	63.140.62.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://darktrace.sc.omtrdc.net/b/ss/darktraceprod/1/JS-2.23.0-LDQM/s39773503211278?AQB=1&ndh=1&pf=1&t=8%2F2%2F2024%2010%3A7%3A30%205%20-60&mid=34576833869922768023307490888656925601&aamlh=6&ce=UTF-8&cdp=1&fpCookieDomainPeriods=1&pageName=%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&g=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&c.&apl=4.0&getPreviousValue=3.0&.c&cc=GBP&ch=blog&events=event17%2Cevent1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&v3=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&v4=breakdown%20of%20a%20multi-account%20compromise%20within%20office%20365%20%7C%20darktrace%20blog&v5=darktrace.com&v11=34576833869922768023307490888656925601&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=4AE530AF633C985D0A495E93%40AdobeOrg&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-63-140-62-17.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Fri, 08 Mar 2024 09:07:30 GMT x-content-type-options nosniff last-modified Sat, 09 Mar 2024 09:07:30 GMT server jag etag 3671958346756096000-4617783232386575509 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Thu, 07 Mar 2024 09:07:30 GMT
GET H2	200	getSubscriptions Show response js.zi-scripts.com/unified/v1/master/	195 B 394 B	485ms 482ms	Fetch application/json	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 054e7b0e81377a27e806936dd569d17d7b7b89882452c679bfb668eb3037490e Request headers visited_url https://darktrace.com/blog/breakdown-of-a-multi-account-compromise-within-office-365 Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 Authorization Bearer 7a7b0f38131678294923 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/json Response headers date Fri, 08 Mar 2024 09:07:30 GMT via 1.1 25cc6d5f46d4eae9262198b05709a32e.cloudfront.net (CloudFront) content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-amz-cf-pop TXL50-P5 x-powered-by Express etag W/"c3-Ql+KsD9oq4v92S5sR2VLJrYD/50" x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cf-ray 8611ace2facd6a77-TXL x-amz-cf-id txDwoPtK6_vEyybqLjVvH9qKNO6nM9efosqauFdhrHJeSIYnctldyQ== apigw-requestid UTZE-hWQvHcEPsA=
OPTIONS H2	204	getSubscriptions js.zi-scripts.com/unified/v1/master/ Frame	0 0	275ms 209ms	Preflight	172.64.150.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,visited_url Access-Control-Request-Method GET Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * access-control-max-age 0 apigw-requestid UTZE5gNNvHcEP4Q= cf-cache-status DYNAMIC cf-ray 8611ace1af726a77-TXL date Fri, 08 Mar 2024 09:07:30 GMT server cloudflare vary Access-Control-Request-Headers via 1.1 25cc6d5f46d4eae9262198b05709a32e.cloudfront.net (CloudFront) x-amz-cf-id 49ft0srjf9rTbR33DWUoPIf-v9hESzjhfNEDoCQi-29Ob5F7935LkQ== x-amz-cf-pop TXL50-P5 x-cache Miss from cloudfront x-powered-by Express
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 485 B	313ms 313ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A29%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:30 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	formcomplete.js Show response ws-assets.zoominfo.com/	86 KB 27 KB	213ms 110ms	Script application/javascript	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws-assets.zoominfo.com/formcomplete.js Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bff1b16ebe5d1a63a88b474f3173e88dc249a541f539f0efb8b6a2413ea84605 Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:31 GMT content-encoding gzip cf-cache-status DYNAMIC age 3355 x-guploader-uploadid ABPtcPoScTaZgcSIX0yCo24uwUNF2DwYVy7r1baNs4HWJV4f2Y1ZmngYiO9Mox1HT15shCbehx-2aH8TpA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Tue, 20 Feb 2024 12:32:35 GMT server cloudflare etag W/"bfb356311b79124403b7a14428149b19" x-goog-hash crc32c=J4jeCA==, md5=v7NWMRt5EkQDt6FEKBSbGQ== x-goog-generation 1708432355098391 content-type application/javascript cache-control public, max-age=3600 x-goog-stored-content-length 87793 cf-ray 8611ace6b9305d51-FRA expires Fri, 08 Mar 2024 09:11:36 GMT
GET		/ ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/	0 0
OPTIONS H2	200	/ ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/ Frame	0 0	283ms 197ms	Preflight text/html	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/?iszitag=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _vtok,_zitok,content-type,visited-url Access-Control-Request-Method GET Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url access-control-allow-origin https://darktrace.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8611ace69fa63679-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 08 Mar 2024 09:07:31 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow
OPTIONS H2	200	forms ws.zoominfo.com/formcomplete-v2/ Frame	0 0	188ms 188ms	Preflight text/html	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/forms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok access-control-allow-origin https://darktrace.com allow POST alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8611ace778a03679-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 08 Mar 2024 09:07:31 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow
POST H3	200	forms Show response ws.zoominfo.com/formcomplete-v2/	15 KB 2 KB	196ms 196ms	Fetch application/json	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/forms Requested by Host: ws-assets.zoominfo.com URL: https://ws-assets.zoominfo.com/formcomplete.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8c75120ee692d7d046d7a4517bf8a8f3c9184398fe570b671b6b1fd587aa5ed8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://darktrace.com/ accept-language de-DE,de;q=0.9 Authorization bearer bed4e10d0e2408d5fb89f6b5194434 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/json Response headers date Fri, 08 Mar 2024 09:07:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google x-powered-by Express alt-svc h3=":443"; ma=86400 server cloudflare etag W/"3da9-Auhmk69UAdGVzs8KWlu+20VtSiA" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://darktrace.com access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok cf-ray 8611ace8a8674d1f-FRA
OPTIONS H2	200	getMapping ws.zoominfo.com/formcomplete-v2/ Frame	0 0	195ms 195ms	Preflight text/html	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=e31bf96d-deeb-46c6-8726-47e1ac469cbd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _zitok,visitorid Access-Control-Request-Method GET Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok access-control-allow-origin https://darktrace.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8611ace9ebc23679-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 08 Mar 2024 09:07:31 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow
OPTIONS H2	200	getMapping ws.zoominfo.com/formcomplete-v2/ Frame	0 0	180ms 180ms	Preflight text/html	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=c94fb229-4f72-40fb-9861-df7013cc23c5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _zitok,visitorid Access-Control-Request-Method GET Origin https://darktrace.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok access-control-allow-origin https://darktrace.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8611ace9ebc63679-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 08 Mar 2024 09:07:31 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express x-robots-tag noindex, nofollow
GET H3	200	getMapping Show response ws.zoominfo.com/formcomplete-v2/	2 KB 1 KB	179ms 179ms	XHR application/json	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=e31bf96d-deeb-46c6-8726-47e1ac469cbd Requested by Host: ws-assets.zoominfo.com URL: https://ws-assets.zoominfo.com/formcomplete.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash dcc0233d94f41ad2862b581088e18b6e5e8528779a51abd25071a781b5625d1c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://darktrace.com/ _zitok b66fe08d2fc49300153d1709888850 visitorId accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google x-powered-by Express alt-svc h3=":443"; ma=86400 server cloudflare etag W/"702-K0zkAEQoz7vQ1XN/ks7SR4h1Zto" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://darktrace.com access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok cf-ray 8611aceb1b3f4d1f-FRA
GET H3	200	getMapping Show response ws.zoominfo.com/formcomplete-v2/	2 KB 1 KB	213ms 213ms	XHR application/json	2606:4700::6810:880f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=c94fb229-4f72-40fb-9861-df7013cc23c5 Requested by Host: ws-assets.zoominfo.com URL: https://ws-assets.zoominfo.com/formcomplete.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 872bb1a6e14980335c4abfccf611379b14b5214c8753e0d845ae859aee0e8de4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://darktrace.com/ _zitok b66fe08d2fc49300153d1709888850 visitorId accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google x-powered-by Express alt-svc h3=":443"; ma=86400 server cloudflare etag W/"919-rfi0TShGl73fSI+ZMJ2KZFtE1C8" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://darktrace.com access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok cf-ray 8611aceb0b1e4d1f-FRA
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 485 B	309ms 309ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:31 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	419ms 419ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A31%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223002%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:32 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 485 B	292ms 292ms	Image image/gif	23.47.189.171 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=6e62c708-00d5-4e97-83cf-5ddbb8bde098&session=34b5a642-efb6-49bf-8f02-f47070cd4f6f&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2008%20Mar%202024%2009%3A07%3A32%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224003%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20details%20how%20rapidly%20accounts%20can%20become%20compromised%20from%20an%20internal%20phishing%20campaign.%20It%20also%20highlights%20the%20actions%20that%20Darktrace%2FApps%20can%20take%20to%20stop%20this%20type%20of%20attack%20in%20the%20future.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Breakdown%20of%20a%20multi-account%20compromise%20within%20Office%20365%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fbreakdown-of-a-multi-account-compromise-within-office-365&pageViewId=3b9cc299-a4d2-490f-8b0e-84dc6ce479f4&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.15 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.47.189.171 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-47-189-171.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://darktrace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:07:33 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 02:04:22 GMT server nginx/1.14.0 (Ubuntu) etag "63f03226-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ws.zoominfo.com

URL

https://ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/?iszitag=true