www.datto.com Open in urlscan Pro
23.205.231.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Submission: On August 05 via api (August 5th 2022, 1:00:37 pm UTC) from DE — Scanned from DE

Summary HTTP 64 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 64 HTTP transactions. The main IP is 23.205.231.9, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.datto.com. The Cisco Umbrella rank of the primary domain is 126162.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 12th 2022. Valid for: a year.

This is the only time www.datto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	23.205.231.9 23.205.231.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:592::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:991::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.21.20.200 2.21.20.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
64	16

42 23.205.231.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-231-9.deploy.static.akamaitechnologies.com

www.datto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:592::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd32c.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.200 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

022-yha-557.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	datto.com www.datto.com — Cisco Umbrella Rank: 126162	3 MB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 434	108 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1610 kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1605 fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3223	7 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1152 c.go-mpulse.net — Cisco Umbrella Rank: 524	51 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	130 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5596	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
1	mktoresp.com 022-yha-557.mktoresp.com — Cisco Umbrella Rank: 296111	318 B
1	akstat.io 684dd32c.akstat.io — Cisco Umbrella Rank: 34979	201 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 730	441 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	43 KB
64	14

	Domain	Requested by
42	www.datto.com	www.datto.com www.googletagmanager.com
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
2	munchkin.marketo.net	www.datto.com munchkin.marketo.net
2	www.googletagmanager.com	www.datto.com www.googletagmanager.com
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	022-yha-557.mktoresp.com	munchkin.marketo.net
1	684dd32c.akstat.io	s.go-mpulse.net
1	www.googleadservices.com	www.googletagmanager.com
1	fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	c.go-mpulse.net	s.go-mpulse.net
1	www.google-analytics.com	www.googletagmanager.com
1	s.go-mpulse.net	www.datto.com
64	18

This site contains links to these domains. Also see Links.

Domain
portal.dattobackup.com
app.backupify.com
www.autotask.net
www.facebook.com
twitter.com
www.linkedin.com
krebsonsecurity.com
support.microsoft.com
msrc.microsoft.com
attack.mitre.org
help.datto.com
downloads.datto.com
www.youtube.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.datto.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Frame ID: 7655DAF81DBCE1843B26DF7712ACA4D6
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What Is Agent Tesla Spyware and How Does It Work?Back ButtonSearch IconFilter Icon

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

64
Requests

97 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

3514 kB
Transfer

5647 kB
Size

5
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.dattobackup.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://app.backupify.com/
Title: Backupify

Search URL Search Domain Scan URL

URL: https://www.autotask.net/Mvc/Framework/Authentication.mvc/Authenticate
Title: Autotask

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=What%20Is%20Agent%20Tesla%20Spyware%20and%20How%20Does%20It%20Work?&url=https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work&via=datto
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work&title=What%20Is%20Agent%20Tesla%20Spyware%20and%20How%20Does%20It%20Work?
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2018/10/who-is-agent-tesla/
Title: Agent Tesla

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/office/equation-editor-6eac7d71-3c74-437b-80d3-c7dea24fdf3f?ui=en-us&rs=en-us&ad=us
Title: Microsoft Equation Editor,

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-11882
Title: patched

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1055/012/
Title: Process Hollowing

Search URL Search Domain Scan URL

URL: https://help.datto.com/s/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://downloads.datto.com/
Title: Agent Downloads

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dattoinc/

Search URL Search Domain Scan URL

URL: https://twitter.com/datto?lang=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/datto-inc-

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcDYBdnmg6JP4jIiAEY6sDA

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pas3bqlvq HTTP 302
https://kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 48

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pas3bqlvq HTTP 302
https://fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net/eum/results.txt

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request what-is-agent-tesla-spyware-and-how-does-it-work Show response
www.datto.com/blog/ 73 KB
17 KB 128ms
45ms Document
text/html 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) / Craft CMS

Resource Hash

257f3dda457cf66726d31826f949768009d0e6a646825ad1cfdab4b62f722cfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint; frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=1188
content-encoding: gzip
content-length: 16388
content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint; frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 13:00:31 GMT
expires: Fri, 05 Aug 2022 13:20:19 GMT
link: <https://www.googletagmanager.com>;rel="preconnect",<https://cdn.cookielaw.org>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
permissions-policy: interest-cohort=()
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://www.datto.com/actions/contentSecurityPolicy/report/log" }] } { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
server: Apache/2.4.41 (Ubuntu)
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-powered-by: Craft CMS

GET
H2 200 styles.css
www.datto.com/css/ 244 KB
30 KB 66ms
65ms Stylesheet
text/css 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/css/styles.css?1659041611

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7460fcbe65989e8362ba97b58e30d83e7026f23ee2dfe7f8791e21a3cb727639

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 28 Jul 2022 21:02:49 GMT
server: Akamai Resource Optimizer
etag: "3cecc-5e4e3b9e428c0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: text/css
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 30342
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 components.css
www.datto.com/vue/css/ 178 KB
19 KB 76ms
76ms Stylesheet
text/css 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/css/components.css?1659041607

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

49644b5771ca057e8804d9d7af9976e36941c600325aed20c2594dd767eecacd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 28 Jul 2022 21:09:18 GMT
server: Akamai Resource Optimizer
etag: "2c86e-5e4e3b9a71fc0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: text/css
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 19082
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 agent-tesla-image1.png
www.datto.com/img/ 99 KB
99 KB 78ms
74ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image1.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

98a4b66e7d374a6fa71cef6e74711d63c3c574edd271ca2ce3d02cc70a3473bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:25 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "18b16-5dfe7dc02a50f"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528528
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 101142
expires: Thu, 11 Aug 2022 15:49:19 GMT

GET
H2 200 agent-tesla-image2.png
www.datto.com/img/ 368 KB
370 KB 81ms
77ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image2.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

e34b10f29757a5ffcd55c0fddfc49286de60344644a9f2e26a3184d171b10d01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:27 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5c0f5-5dfe7dc288c57"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528525
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 377077
expires: Thu, 11 Aug 2022 15:49:16 GMT

GET
H2 200 agent-tesla-image3.png
www.datto.com/img/ 271 KB
272 KB 81ms
77ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image3.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

6ed440b23e1cb6cdc6d72f77b1e7b1001ecb1511c3467d469989336db290315f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:30 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "43bb1-5dfe7dc565342"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=102622
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 277425
expires: Sat, 06 Aug 2022 17:30:53 GMT

GET
H2 200 agent-tesla-image4.png
www.datto.com/img/ 367 KB
368 KB 81ms
78ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image4.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

8bd2f5be95bd81605f377a460eb60c0d81003d302c1be471eb7c8f10e34efc16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:34 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5ba05-5dfe7dc8af02c"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528528
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 375301
expires: Thu, 11 Aug 2022 15:49:19 GMT

GET
H2 200 agent-tesla-image5.png
www.datto.com/img/ 260 KB
261 KB 82ms
79ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image5.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

dde4bf21a6ef69e4bc7676d92a191ad62234280ad884c94624b187ecddd156f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:37 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "410b2-5dfe7dcb8d651"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528504
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 266418
expires: Thu, 11 Aug 2022 15:48:55 GMT

GET
H2 200 agent-tesla-image6.png
www.datto.com/img/ 200 KB
201 KB 85ms
82ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image6.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

cdaa3c308d5185529087d23b3a138a7ef894ab9177aa2a14881ac9b162e7c9aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:39 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "31fdc-5dfe7dce0c133"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=603459
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 204764
expires: Fri, 12 Aug 2022 12:38:10 GMT

GET
H2 200 agent-tesla-image7.png
www.datto.com/img/ 45 KB
45 KB 85ms
82ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image7.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

0e1216f11ed8488aa37b02aa25c4e2b074881fed421070446b2bd59943fbd5a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:41 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "b22c-5dfe7dcf7f2c8"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=102671
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 45612
expires: Sat, 06 Aug 2022 17:31:42 GMT

GET
H2 200 agent-tesla-image8.png
www.datto.com/img/ 22 KB
23 KB 87ms
84ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image8.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

0d18c402a3c1f4227e57750d654f1c1f56a0257a52bf3f1a381864f772af1da3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:42 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5846-5dfe7dd0dad5b"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528429
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 22598
expires: Thu, 11 Aug 2022 15:47:40 GMT

GET
H2 200 agent-tesla-image9.jpg
www.datto.com/img/ 335 KB
337 KB 87ms
84ms Image
image/jpeg 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image9.jpg

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

82f6dc52420c858f7c59a8bb8f6101ff048dd255165fae3767177ff0db0b3986

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:49 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "53dfa-5dfe7dd7b7b1b"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/jpeg
cache-control: max-age=603463
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 343546
expires: Fri, 12 Aug 2022 12:38:14 GMT

GET
H2 200 agent-tesla-image10.png
www.datto.com/img/ 557 KB
559 KB 87ms
85ms Image
image/png 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/agent-tesla-image10.png

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

6e49efad99c126945043b022f18ea12c3ad598034784b4a07c6b4e3165db4750

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 26 May 2022 10:43:47 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "8b5df-5dfe7dd58629d"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/png
cache-control: max-age=528488
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 570847
expires: Thu, 11 Aug 2022 15:48:39 GMT

GET
H2 200 main.min.js Show response
www.datto.com/js/ 427 KB
102 KB 45ms
44ms Script
application/javascript 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/js/main.min.js?1659041611

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

15a7e02fec25ac58c49db07c69c0576bb998e1fb4ef127c1fafc2c88cb50a466

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 28 Jul 2022 21:55:22 GMT
server: Akamai Resource Optimizer
etag: "6acb0-5e4e3b9e428c0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: application/javascript
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 104110
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 chunk-vendors.js Show response
www.datto.com/vue/js/ 351 KB
103 KB 62ms
61ms Script
application/javascript 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/js/chunk-vendors.js?1659041607

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

213ba7122389f693c25cffa9ff001841bae1a356d1afda6b3615e31ce9cbb579

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 28 Jul 2022 21:24:55 GMT
server: Akamai Resource Optimizer
etag: "57cf0-5e4e3b9a71fc0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: application/javascript
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 104728
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 components.js Show response
www.datto.com/vue/js/ 318 KB
66 KB 77ms
73ms Script
application/javascript 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/js/components.js?1659041607

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1882ea3da86e899261a3b7e184b6017e95e7a253200b7bd4bf8142d7ee622753

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 28 Jul 2022 21:03:45 GMT
server: Akamai Resource Optimizer
etag: "4f776-5e4e3b9a71fc0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: application/javascript
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 67271
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
86 KB 147ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJWP49

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28d679c34600a4847a2cb19f7bb71ab08b9068701599ce989eafce3427f2d7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87296
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 13:00:31 GMT

GET
H2 200 ADFJU-JLQN3-HTPV7-4HH2X-GLW5M Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 125ms
38ms Script
application/javascript 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ADFJU-JLQN3-HTPV7-4HH2X-GLW5M
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Thu, 30 Jun 2022 13:48:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 btn-carat-blue.svg
www.datto.com/template-img/icons/ 166 B
671 B 89ms
88ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/template-img/icons/btn-carat-blue.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/css/styles.css?1659041611

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c141f18b419a9c14e15b3e93ceb8742af84501db84f6ff3ce325574276d16fa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/css/styles.css?1659041611
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Mon, 11 Jul 2022 09:21:22 GMT
server: Akamai Resource Optimizer
etag: "a6-5e26f7e8d840d"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 147
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 rubik-regular.woff2
www.datto.com/vue/fonts/ 22 KB
23 KB 93ms
92ms Font
font/woff2 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/fonts/rubik-regular.woff2

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/css/components.css?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

Referer: https://www.datto.com/vue/css/components.css?1659041607
Origin: https://www.datto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 28 Jul 2022 20:53:27 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5880-5e4e3b9a71fc0"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=411823
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 22656
expires: Wed, 10 Aug 2022 07:24:14 GMT

GET
H2 200 DattoDIN-Regular.woff2
www.datto.com/vue/fonts/ 17 KB
18 KB 97ms
97ms Font
font/woff2 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/fonts/DattoDIN-Regular.woff2

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/css/components.css?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

1aa56aa1d7d281db8cc212ec1e7df7b4e9084c79f3c980f4899c3314b9788ff4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

Referer: https://www.datto.com/vue/css/components.css?1659041607
Origin: https://www.datto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 28 Jul 2022 20:53:27 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "44c8-5e4e3b9a71fc0"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=456021
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 17608
expires: Wed, 10 Aug 2022 19:40:52 GMT

GET
H2 200 btn-arrow.svg
www.datto.com/template-img/icons/ 424 B
766 B 86ms
86ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/template-img/icons/btn-arrow.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/css/styles.css?1659041611

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2ef5fb0ec930f67d063d88e21054985177d70de0333b020fb698223ba8bdbcb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/css/styles.css?1659041611
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 07 Jul 2022 22:13:57 GMT
server: Akamai Resource Optimizer
etag: "1a8-5e26f7e8d840d"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=495814
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 242
expires: Thu, 11 Aug 2022 06:44:05 GMT

GET
H2 200 rubik-bold.woff2
www.datto.com/vue/fonts/ 23 KB
23 KB 88ms
87ms Font
font/woff2 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/fonts/rubik-bold.woff2

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/css/components.css?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

c04a44e086dd1f503e6d2ab7a5c1a935b06e131c95287760aa104b9530abe430

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

Referer: https://www.datto.com/vue/css/components.css?1659041607
Origin: https://www.datto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Thu, 28 Jul 2022 20:53:27 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "5a84-5e4e3b9a71fc0"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=99933
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 23172
expires: Sat, 06 Aug 2022 16:46:04 GMT

GET
H2 200 Tech-Exec-Connect_Nov-2021_Hero-Image_Graphic.jpg
www.datto.com/img/resource-hero-images/_666x350_crop_center-center_100_line/2798386/ 48 KB
48 KB 65ms
65ms Image
image/jpeg 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/resource-hero-images/_666x350_crop_center-center_100_line/2798386/Tech-Exec-Connect_Nov-2021_Hero-Image_Graphic.jpg

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

561ecdaea821d8fd40927c76d1a1450b8662bc1f0dd626483e18162541f255cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
last-modified: Mon, 29 Nov 2021 16:39:06 GMT
server: Apache
etag: "bf7a-5d1f014467761"
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/jpeg
cache-control: max-age=603438
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 49018
expires: Fri, 12 Aug 2022 12:37:49 GMT

GET
H2 200 SaaS-Defense-Hero-Image-1600x400.jpg
www.datto.com/img/resource-hero-images/_666x350_crop_center-center_100_line/2794412/ 144 KB
144 KB 70ms
70ms Image
image/jpeg 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/img/resource-hero-images/_666x350_crop_center-center_100_line/2794412/SaaS-Defense-Hero-Image-1600x400.jpg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 40572c9516c980f86aee43bddc65fbcc8b5112b2dd8d93cb4768412f8bd7185a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
last-modified: Mon, 22 Nov 2021 21:24:12 GMT
server: Apache
etag: "23f92-5d1673f04c7cd"
content-type: image/jpeg
cache-control: max-age=584544
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 147346
expires: Fri, 12 Aug 2022 07:22:55 GMT

GET
H2 200 chunk-2d0f0b9f.js Show response
www.datto.com/vue/js/ 368 B
745 B 42ms
42ms Script
application/javascript 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/vue/js/chunk-2d0f0b9f.js

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/js/components.js?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

94add6d4c91ce4c19012cd353d15e4f43cd1a7949342e2294b5286ab6d3ea909

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Tue, 19 Jul 2022 20:48:37 GMT
server: Akamai Resource Optimizer
etag: "170-5e38f5c9a5540-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: application/javascript
cache-control: max-age=408030
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 213
expires: Wed, 10 Aug 2022 06:21:01 GMT

GET
H2 200 datto-logo-blue-datto.svg
www.datto.com/img/brand/ 9 KB
4 KB 41ms
40ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/img/brand/datto-logo-blue-datto.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0e9744a2193529517c5b2a9b9df09c06ad459e749efe468dbda5ea2c396a5d7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Mon, 18 Jul 2022 02:43:36 GMT
server: Akamai Resource Optimizer
etag: "2500-5e21d084094d4"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=216032
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3345
expires: Mon, 08 Aug 2022 01:01:03 GMT

GET
H2 200 siris.svg
www.datto.com/product-assets/navigation-icons/ 25 KB
4 KB 41ms
38ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/siris.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4c16ef9e12fd264661a1b4258c2a2cdf27824cb18b60a09b6755d7f4aa401086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Sun, 10 Jul 2022 18:21:22 GMT
server: Akamai Resource Optimizer
etag: "658e-5c8accf22403a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3426
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 alto.svg
www.datto.com/product-assets/navigation-icons/ 975 B
947 B 44ms
40ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/product-assets/navigation-icons/alto.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

326f9a712593342ab1f14cfb1c2260926c190f0bd7b120788324b4ee1484228a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Tue, 26 Jul 2022 07:03:25 GMT
server: Akamai Resource Optimizer
etag: "3cf-5c8ad09090425"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=367613
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 433
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 cloud-continuity.svg
www.datto.com/product-assets/navigation-icons/ 2 KB
975 B 45ms
42ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/cloud-continuity.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 55247e2ce3e3e4a29fa85214dc78eac468a0f6cb0122ed7fde862ec807ec556e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Sun, 10 Jul 2022 18:21:10 GMT
server: Akamai Resource Optimizer
etag: "61d-5c8ad05e2cba9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 722
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 Azure-Backup_2021-11-24-201317.svg
www.datto.com/product-assets/navigation-icons/ 756 B
638 B 47ms
44ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/Azure-Backup_2021-11-24-201317.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: c96eb8fcb370c28a78b26456963d2b601a6005cb8f8d62b920afe9267d53bf1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 22:19:19 GMT
server: Akamai Resource Optimizer
etag: "2f4-5d18e7d123819"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 384
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 file-protection.svg
www.datto.com/product-assets/navigation-icons/ 904 B
671 B 51ms
47ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/file-protection.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 2cab3a86f24c5647740c39cb9d342ac585816bc49dea026a66e4e7aa482b6edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Sun, 10 Jul 2022 18:21:31 GMT
server: Akamai Resource Optimizer
etag: "388-5c8ad081339b4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=314464
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 417
expires: Tue, 09 Aug 2022 04:21:35 GMT

GET
H2 200 workplace.svg
www.datto.com/product-assets/navigation-icons/ 1 KB
828 B 52ms
48ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/workplace.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 64b522a76d8bd130c301d386f288a29f759a820cd08de3be19b209292f9eefdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Fri, 24 Jun 2022 00:12:55 GMT
server: Akamai Resource Optimizer
etag: "4be-5c8ad08379a49"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=172213
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 575
expires: Sun, 07 Aug 2022 12:50:44 GMT

GET
H2 200 saas-protection.svg
www.datto.com/product-assets/navigation-icons/ 1 KB
772 B 54ms
51ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/saas-protection.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1fa2e2250b7d2c0beb69e88e00354a3a16741f6d59de51219408156ee6cbdc9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Sat, 02 Jul 2022 07:29:35 GMT
server: Akamai Resource Optimizer
etag: "43f-5c8ad0782345e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=400647
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 520
expires: Wed, 10 Aug 2022 04:17:58 GMT

GET
H2 200 hero.svg
www.datto.com/img/navigation/ 736 B
569 B 55ms
53ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/img/navigation/hero.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8f24b904932c82d002cce344b3e883a27ecdd920c3c6573a170cac35ecfd13ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 06:43:21 GMT
server: Akamai Resource Optimizer
etag: "2e0-5c61291d71855"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 315
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 remote-managment-and-monitoring.svg
www.datto.com/product-assets/navigation-icons/ 1 KB
1 KB 58ms
55ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/product-assets/navigation-icons/remote-managment-and-monitoring.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c654bd4fd9d32538343877af12c266277bd48e9ed92e04cae8515975fd4369fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Tue, 26 Jul 2022 16:01:00 GMT
server: Akamai Resource Optimizer
etag: "514-5c8ad09e0d6a4"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=367613
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 625
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 psa.svg
www.datto.com/product-assets/navigation-icons/ 1 KB
764 B 59ms
57ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/psa.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 6ac7248c30966065fcecd4d8fdeba729d565c5a685c10baecabb9ef7f551d0fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Sun, 17 Jul 2022 15:44:04 GMT
server: Akamai Resource Optimizer
etag: "41b-5c8ad0742f8b9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=400647
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 512
expires: Wed, 10 Aug 2022 04:17:58 GMT

GET
H2 200 commerce.svg
www.datto.com/product-assets/navigation-icons/ 858 B
645 B 61ms
59ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/commerce.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 6f3ef910ce8d5da4b102940d54d4f54c39786c7651e465eaa1d352c82ed6c8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 19:12:17 GMT
server: Akamai Resource Optimizer
etag: "35a-5c8ad0924d935"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 391
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 wifi.svg
www.datto.com/product-assets/navigation-icons/ 2 KB
1 KB 63ms
61ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/wifi.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 17f14beb95b272e4c0129d1a628e9ae8791e08aa04936a967411035d813512fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Tue, 26 Jul 2022 16:03:28 GMT
server: Akamai Resource Optimizer
etag: "696-5c8ad05217ed7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 791
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 switches.svg
www.datto.com/product-assets/navigation-icons/ 3 KB
824 B 65ms
63ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/switches.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 14ea7f26f6cf7d4ec33759c36e398680a8f75a6f67043cdf6bb55cf108991fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 07:27:01 GMT
server: Akamai Resource Optimizer
etag: "c98-5c8ad07e96a7b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=400647
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 571
expires: Wed, 10 Aug 2022 04:17:58 GMT

GET
H2 200 edge-router.svg
www.datto.com/product-assets/navigation-icons/ 2 KB
678 B 68ms
66ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.datto.com/product-assets/navigation-icons/edge-router.svg
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-231-9.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: cb419651ce8ad555db72ae52d7276854bf1ffa36c71ea43860c0d76882c0da09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 19:03:00 GMT
server: Akamai Resource Optimizer
etag: "6b0-5c8ad05890314"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=367613
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 424
expires: Tue, 09 Aug 2022 19:07:24 GMT

GET
H2 200 white.svg
www.datto.com/vue/img/ 302 B
713 B 68ms
68ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/vue/img/white.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/css/components.css?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

32fe076c67b835ac00544b0cbdb53753c295d4e78908056d42b847215c2343db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/vue/css/components.css?1659041607
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Wed, 13 Jul 2022 21:16:24 GMT
server: Akamai Resource Optimizer
etag: "12e-5e38f5c9a5540"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=99320
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 190
expires: Sat, 06 Aug 2022 16:35:51 GMT

GET
H2 200 link-caret-white.svg
www.datto.com/vue/img/ 163 B
652 B 70ms
69ms Image
image/svg+xml 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datto.com/vue/img/link-caret-white.svg

Requested by

Host: www.datto.com
URL: https://www.datto.com/vue/css/components.css?1659041607

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

00a0ddb644a3a7c0ccbeaacbc3abd4cb8d69cab25940c0a59be9776280ea7bda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/vue/css/components.css?1659041607
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 30 Jun 2022 22:52:07 GMT
server: Akamai Resource Optimizer
etag: "a3-5e26f8e3a83c0"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: image/svg+xml
cache-control: max-age=314465
date: Fri, 05 Aug 2022 13:00:31 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 129
expires: Tue, 09 Aug 2022 04:21:36 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 116 KB
43 KB 145ms
63ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-TJN3PSN

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWP49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a1a40dddc5a9d3119c3710c40fddfaa08e94685ee030d90e12d2403c6ee49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43705
x-xss-protection: 0
expires: Fri, 05 Aug 2022 13:00:31 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 124ms
45ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWP49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9c22IGK2T1KyARgpJHRGhw==
age: 6489
vary: Accept-Encoding
content-length: 7101
x-ms-lease-status: unlocked
last-modified: Fri, 05 Aug 2022 08:01:52 GMT
server: cloudflare
etag: 0x8DA76B8C1F98BBC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7d253c5b-601e-0002-08bb-a8da1c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb7591963901c-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 2 KB
1 KB 150ms
55ms XHR
application/json 2a02:26f0:3500:991::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ADFJU-JLQN3-HTPV7-4HH2X-GLW5M&d=www.datto.com&t=5532348&v=1.720.0&sl=0&si=4759080f-a4cf-48ab-ad1b-f9754bbd4c38-rg584v&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=217875
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ADFJU-JLQN3-HTPV7-4HH2X-GLW5M
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bf2860c46c389063d4a4cf4cb126b53959637d93412fd4e469782d00682045d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 796

GET
H2 200 ded21443-178a-4aba-9d03-a6c69235851d.json Show response
cdn.cookielaw.org/consent/ded21443-178a-4aba-9d03-a6c69235851d/ 3 KB
2 KB 125ms
47ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ded21443-178a-4aba-9d03-a6c69235851d/ded21443-178a-4aba-9d03-a6c69235851d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b544ca5fcb0fb81e8f472605d57bdfd4c45d15abfa83c289c977ebcf3c40cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0SAo8HfRB2Go4XC4hWZDJA==
age: 7657
vary: Accept-Encoding
content-length: 1244
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 21:50:07 GMT
server: cloudflare
etag: 0x8D88B42BFBAB402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c79bc468-501e-00a0-34c1-111780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb759e8836993-FRA
expires: Fri, 05 Aug 2022 17:00:31 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 153 B
441 B 147ms
68ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.datto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 735fb75abd049b74-FRA
access-control-allow-headers: Content-Type

GET
H/1.1

200
OK

results.txt Show response
kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pas3bqlvq
https://kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

161ms
36ms

XHR
text/plain

2.21.20.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.21.20.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 05 Aug 2022 13:00:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pas3bqlvq
https://fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

184ms
37ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 05 Aug 2022 13:00:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 46ms
46ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 665
vary: Accept-Encoding
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7aa00b60-f01e-00e2-4342-ca3c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb75b2c52901c-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/ded21443-178a-4aba-9d03-a6c69235851d/7090b33a-ae0f-4ce8-ba00-0ac8a733e87a/ 34 KB
10 KB 44ms
44ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/ded21443-178a-4aba-9d03-a6c69235851d/7090b33a-ae0f-4ce8-ba00-0ac8a733e87a/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bf1fe37d6f37691a0b446fc4c272efdd1f53308dad7a29ad2f8fca636353ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ADcMtKmuTV5PEZdZkZXOFw==
age: 2345
vary: Accept-Encoding
content-length: 9638
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 21:50:10 GMT
server: cloudflare
etag: 0x8D88B42C1B61CDF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c0a50f74-a01e-00f1-5f8f-290975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb75bba7b6993-FRA
expires: Fri, 05 Aug 2022 17:00:31 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 9 KB
3 KB 49ms
49ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d00eeabddcf88ca8247d6005c08c30a86eb341133b4b1cfd3cce2cb6f60270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3eRH6O0c8kEoHmicaCuQfA==
age: 5022
vary: Accept-Encoding
content-length: 2833
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:04 GMT
server: cloudflare
etag: 0x8D88D721806AFA7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4de69620-701e-017f-5010-340081000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb75c0abf6993-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/ 46 KB
11 KB 46ms
46ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Aug 2022 13:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: SyeN6ChPWcrwm5vVybzGmw==
age: 9749
vary: Accept-Encoding
content-length: 11368
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:05 GMT
server: cloudflare
etag: 0x8D88D721902A23F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 28926d4d-d01e-00dc-718d-2c8ab5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 735fb75c0ac06993-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 123ms
38ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.datto.com
URL: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 mktFormSupport.min.js Show response
www.datto.com/js/ 15 KB
5 KB 40ms
38ms Script
application/javascript 23.205.231.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datto.com/js/mktFormSupport.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWP49

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.231.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-231-9.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

26ccf626c9c2b83fd6e31d6a49aba593658cc3aa8a2843b53e9c76615dd906b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com .autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/blog/what-is-agent-tesla-spyware-and-how-does-it-work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.datto.com *.backupify.com datto.engineering *.openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;
content-encoding: br
last-modified: Thu, 30 Jun 2022 20:41:36 GMT
server: Akamai Resource Optimizer
etag: "3df1-56ce5d193fac0-gzip"
vary: Accept-Encoding
report-to: { group: csp-endpoint, max_age: 10886400, endpoints: [{ url: https://www.datto.com/actions/contentSecurityPolicy/report/log }] };
content-type: application/javascript
cache-control: max-age=149718
date: Fri, 05 Aug 2022 13:00:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4884
expires: Sun, 07 Aug 2022 06:35:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1019475705

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJWP49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b74a7508b2396f1a94c21312e1704c8ad818a65b30764c6a3f74e978efef3e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45630
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Aug 2022 13:00:32 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 167ms
69ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1019475705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 13:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 13:00:32 GMT

POST
H2 204 /
684dd32c.akstat.io/ 0
201 B 64ms
60ms Ping
image/gif 2a02:26f0:3500:592::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32c.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ADFJU-JLQN3-HTPV7-4HH2X-GLW5M

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.datto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 13:00:32 GMT
content-type: image/gif
access-control-allow-origin: https://www.datto.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Fri, 05 Aug 2022 13:00:32 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 38ms
38ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sun, 13 Nov 2022 13:00:32 GMT

POST
H/1.1 200
OK visitWebPage
022-yha-557.mktoresp.com/webevents/ 2 B
318 B 490ms
121ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://022-yha-557.mktoresp.com/webevents/visitWebPage?_mchNc=1659704432217&_mchCn=&_mchId=022-YHA-557&_mchTk=_mch-datto.com-1659704432216-35167&_mchHo=www.datto.com&_mchPo=&_mchRu=%2Fblog%2Fwhat-is-agent-tesla-spyware-and-how-does-it-work&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 13:00:32 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: bd041b09-ebf8-4d6a-9abd-ad3723596130

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019475705/ 2 KB
2 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019475705/?random=1659704432297&cv=9&fst=1659704432297&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.datto.com%2Fblog%2Fwhat-is-agent-tesla-spyware-and-how-does-it-work&tiba=What%20Is%20Agent%20Tesla%20Spyware%20and%20How%20Does%20It%20Work%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b8daa1e6959106a10f917abba8faf4ac08c6f4709f34379fb659aa2be748892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 13:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1019475705/ 42 B
548 B 133ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019475705/?random=1659704432297&cv=9&fst=1659704400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.datto.com%2Fblog%2Fwhat-is-agent-tesla-spyware-and-how-does-it-work&tiba=What%20Is%20Agent%20Tesla%20Spyware%20and%20How%20Does%20It%20Work%3F&async=1&fmt=3&is_vtc=1&random=2313174642&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 13:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1019475705/ 42 B
548 B 135ms
52ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1019475705/?random=1659704432297&cv=9&fst=1659704400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa830&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.datto.com%2Fblog%2Fwhat-is-agent-tesla-spyware-and-how-does-it-work&tiba=What%20Is%20Agent%20Tesla%20Spyware%20and%20How%20Does%20It%20Work%3F&async=1&fmt=3&is_vtc=1&random=2313174642&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.datto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 13:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.datto.com/	1970-01-20 05:01:48	Name: AKA_A2 Value: A
.www.datto.com/	1970-01-20 13:47:20	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Aug+05+2022+13%3A00%3A32+GMT%2B0000+(GMT)&version=6.9.0&hosts=&consentId=f713aa33-5aa3-459e-9bb9-b12f90c8c57b&interactionCount=0&landingPath=https%3A%2F%2Fwww.datto.com%2Fblog%2Fwhat-is-agent-tesla-spyware-and-how-does-it-work&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.datto.com/	1970-01-20 07:11:20	Name: _gcl_au Value: 1.1.142057823.1659704432
.datto.com/	1970-01-20 14:37:44	Name: _mkto_trk Value: id:022-YHA-557&token:_mch-datto.com-1659704432216-35167
.doubleclick.net/	1970-01-20 05:01:45	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint; frame-ancestors 'self' .datto.com .backupify.com datto.engineering .openmesh.com *.autotask.net; report-uri https://www.datto.com/actions/contentSecurityPolicy/report/log; report-to csp-endpoint;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

022-yha-557.mktoresp.com
684dd32c.akstat.io
c.go-mpulse.net
cdn.cookielaw.org
fiaqjiathaajekqce3ydkaaaczro2fdp-pas3bq-826b9f137-clienttons-s.akamaihd.net
geolocation.onetrust.com
googleads.g.doubleclick.net
kd7qo2iccukmqyxncrxq-pas3bq-5e9ba90c0-clientnsv4-s.akamaihd.net
munchkin.marketo.net
s.go-mpulse.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.datto.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.130
192.28.144.124
2.21.20.200
23.205.231.9
23.205.237.4
2606:4700:4400::ac40:929e
2606:4700::6810:9440
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:830::2008
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:592::11a6
2a02:26f0:3500:991::11a6
00a0ddb644a3a7c0ccbeaacbc3abd4cb8d69cab25940c0a59be9776280ea7bda
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0d18c402a3c1f4227e57750d654f1c1f56a0257a52bf3f1a381864f772af1da3
0e1216f11ed8488aa37b02aa25c4e2b074881fed421070446b2bd59943fbd5a9
0e9744a2193529517c5b2a9b9df09c06ad459e749efe468dbda5ea2c396a5d7e
14ea7f26f6cf7d4ec33759c36e398680a8f75a6f67043cdf6bb55cf108991fd8
15a7e02fec25ac58c49db07c69c0576bb998e1fb4ef127c1fafc2c88cb50a466
17f14beb95b272e4c0129d1a628e9ae8791e08aa04936a967411035d813512fd
1882ea3da86e899261a3b7e184b6017e95e7a253200b7bd4bf8142d7ee622753
1aa56aa1d7d281db8cc212ec1e7df7b4e9084c79f3c980f4899c3314b9788ff4
1fa2e2250b7d2c0beb69e88e00354a3a16741f6d59de51219408156ee6cbdc9e
213ba7122389f693c25cffa9ff001841bae1a356d1afda6b3615e31ce9cbb579
257f3dda457cf66726d31826f949768009d0e6a646825ad1cfdab4b62f722cfb
26ccf626c9c2b83fd6e31d6a49aba593658cc3aa8a2843b53e9c76615dd906b9
28d679c34600a4847a2cb19f7bb71ab08b9068701599ce989eafce3427f2d7b1
2cab3a86f24c5647740c39cb9d342ac585816bc49dea026a66e4e7aa482b6edf
2ef5fb0ec930f67d063d88e21054985177d70de0333b020fb698223ba8bdbcb1
326f9a712593342ab1f14cfb1c2260926c190f0bd7b120788324b4ee1484228a
32fe076c67b835ac00544b0cbdb53753c295d4e78908056d42b847215c2343db
3b8daa1e6959106a10f917abba8faf4ac08c6f4709f34379fb659aa2be748892
3d00eeabddcf88ca8247d6005c08c30a86eb341133b4b1cfd3cce2cb6f60270f
40572c9516c980f86aee43bddc65fbcc8b5112b2dd8d93cb4768412f8bd7185a
49644b5771ca057e8804d9d7af9976e36941c600325aed20c2594dd767eecacd
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c16ef9e12fd264661a1b4258c2a2cdf27824cb18b60a09b6755d7f4aa401086
55247e2ce3e3e4a29fa85214dc78eac468a0f6cb0122ed7fde862ec807ec556e
561ecdaea821d8fd40927c76d1a1450b8662bc1f0dd626483e18162541f255cc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b544ca5fcb0fb81e8f472605d57bdfd4c45d15abfa83c289c977ebcf3c40cae
5bf1fe37d6f37691a0b446fc4c272efdd1f53308dad7a29ad2f8fca636353ec8
64b522a76d8bd130c301d386f288a29f759a820cd08de3be19b209292f9eefdf
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6ac7248c30966065fcecd4d8fdeba729d565c5a685c10baecabb9ef7f551d0fa
6e49efad99c126945043b022f18ea12c3ad598034784b4a07c6b4e3165db4750
6ed440b23e1cb6cdc6d72f77b1e7b1001ecb1511c3467d469989336db290315f
6f3ef910ce8d5da4b102940d54d4f54c39786c7651e465eaa1d352c82ed6c8fa
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
7460fcbe65989e8362ba97b58e30d83e7026f23ee2dfe7f8791e21a3cb727639
82f6dc52420c858f7c59a8bb8f6101ff048dd255165fae3767177ff0db0b3986
8a1a40dddc5a9d3119c3710c40fddfaa08e94685ee030d90e12d2403c6ee49c8
8bd2f5be95bd81605f377a460eb60c0d81003d302c1be471eb7c8f10e34efc16
8f24b904932c82d002cce344b3e883a27ecdd920c3c6573a170cac35ecfd13ae
94add6d4c91ce4c19012cd353d15e4f43cd1a7949342e2294b5286ab6d3ea909
98a4b66e7d374a6fa71cef6e74711d63c3c574edd271ca2ce3d02cc70a3473bf
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b74a7508b2396f1a94c21312e1704c8ad818a65b30764c6a3f74e978efef3e91
bf2860c46c389063d4a4cf4cb126b53959637d93412fd4e469782d00682045d8
c04a44e086dd1f503e6d2ab7a5c1a935b06e131c95287760aa104b9530abe430
c141f18b419a9c14e15b3e93ceb8742af84501db84f6ff3ce325574276d16fa3
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c654bd4fd9d32538343877af12c266277bd48e9ed92e04cae8515975fd4369fc
c96eb8fcb370c28a78b26456963d2b601a6005cb8f8d62b920afe9267d53bf1d
cb419651ce8ad555db72ae52d7276854bf1ffa36c71ea43860c0d76882c0da09
cdaa3c308d5185529087d23b3a138a7ef894ab9177aa2a14881ac9b162e7c9aa
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13
dde4bf21a6ef69e4bc7676d92a191ad62234280ad884c94624b187ecddd156f9
e34b10f29757a5ffcd55c0fddfc49286de60344644a9f2e26a3184d171b10d01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5dbd2985ef2d22745931d04bb5d212624b46d3f79458331e8625a7c2e61b287

www.datto.com Open in urlscan Pro 23.205.231.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

67 %IPv6

14 Domains

18 Subdomains

16 IPs

2 Countries

3514 kBTransfer

5647 kBSize

5 Cookies

18 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.datto.com Open in urlscan Pro
23.205.231.9 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

3514 kB
Transfer

5647 kB
Size

5
Cookies

64 HTTP transactions
1 data transactions