www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.uptycs.com/resources/infostealer
Submission: On July 27 via api (July 27th 2023, 2:15:05 am UTC) from TR — Scanned from DE

Summary HTTP 97 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 26 domains to perform 97 HTTP transactions. The main IP is 2606:2c40::c73c:671e, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.uptycs.com.
TLS certificate: Issued by GTS CA 1P5 on July 24th 2023. Valid for: 3 months.

This is the only time www.uptycs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:2c40::c7... 2606:2c40::c73c:671e	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8c65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:f0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d3f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6dc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:75be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:61ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
5	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:249... 2600:9000:2490:2600:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100::1735:28c0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
3	52.222.236.49 52.222.236.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:6800:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100::1725:e251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20e... 2600:9000:20eb:3e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.73.32.2 54.73.32.2	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
97	35

18 2606:2c40::c73c:671e (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.uptycs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8c65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:f0f (United States)

ASN13335 (CLOUDFLARENET, US)

2617658.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6dc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:75be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:61ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.17.100.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:2600:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:28c0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-49.fra56.r.cloudfront.net

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6800:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1725:e251 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.32.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-32-2.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	uptycs.com www.uptycs.com	544 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	645 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2664	85 KB
6	6sc.co j.6sc.co — Cisco Umbrella Rank: 5521 c.6sc.co — Cisco Umbrella Rank: 8719 ipv6.6sc.co — Cisco Umbrella Rank: 5704 b.6sc.co — Cisco Umbrella Rank: 3702	16 KB
6	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5226 js.hubspot.com — Cisco Umbrella Rank: 8484 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 7226 track.hubspot.com — Cisco Umbrella Rank: 2284	22 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4477 ws-assets.zoominfo.com — Cisco Umbrella Rank: 15161	20 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 369 www.linkedin.com — Cisco Umbrella Rank: 565 px4.ads.linkedin.com — Cisco Umbrella Rank: 5888	5 KB
4	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 15097 obs.segreencolumn.com — Cisco Umbrella Rank: 11951	36 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2217	17 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4260 forms-na1.hsforms.com — Cisco Umbrella Rank: 6790 perf-na1.hsforms.com — Cisco Umbrella Rank: 9522	4 KB
4	hubspotusercontent-na1.net 2617658.fs1.hubspotusercontent-na1.net	140 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 11072	3 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 361	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 774 script.hotjar.com — Cisco Umbrella Rank: 961	60 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	167 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4725 forms.hscollectedforms.net — Cisco Umbrella Rank: 4823	26 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 5891	161 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 896	366 B
1	google.de www.google.de — Cisco Umbrella Rank: 5650	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114	254 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10904	54 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 814	5 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4783	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3301	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2208	21 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5537	5 KB
97	26

	Domain	Requested by
18	www.uptycs.com	www.uptycs.com js.usemessages.com
9	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	www.uptycs.com www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	js.hs-banner.com	www.uptycs.com js.hs-banner.com
4	2617658.fs1.hubspotusercontent-na1.net	www.uptycs.com
3	px.ads.linkedin.com	3 redirects
3	obs.segreencolumn.com	ob.segreencolumn.com
3	b.6sc.co
3	js.zi-scripts.com	www.uptycs.com js.zi-scripts.com
3	track.hubspot.com
3	cdn.jsdelivr.net	www.uptycs.com
2	www.googletagmanager.com	www.uptycs.com www.googletagmanager.com
2	forms.hsforms.com	www.uptycs.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	content.hotjar.io	script.hotjar.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	script.hotjar.com	static.hotjar.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.clickcease.com	www.uptycs.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ob.segreencolumn.com	www.googletagmanager.com
1	j.6sc.co	www.uptycs.com
1	perf-na1.hsforms.com	www.uptycs.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.usemessages.com	www.uptycs.com
1	js.hubspot.com	www.uptycs.com
1	js.hsadspixel.net	www.uptycs.com
1	js.hs-analytics.net	www.uptycs.com
1	js.hscollectedforms.net	www.uptycs.com
1	forms-na1.hsforms.com	www.uptycs.com
1	app.hubspot.com	www.uptycs.com
1	static.hsappstatic.net	www.uptycs.com
97	42

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
www.uptycs.com GTS CA 1P5	`2023-07-24` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.segreencolumn.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-16`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.uptycs.com/resources/infostealer
Frame ID: 5ECCD4B8E8441E78280A0FCF057E2289
Requests: 76 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cudXB0eWNzLmNvbTo0NDM.&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=pneu37ks5a81
Frame ID: AF8FD37B0D688A5DD0F248EEE7C07DCF
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 07DD01391E1E0B923D05094CB1F4AA5A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Understanding & Countering Infostealer Threats: Cybersecurity Whitepaper

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

97
Requests

97 %
HTTPS

83 %
IPv6

26
Domains

42
Subdomains

35
IPs

4
Countries

1909 kB
Transfer

4714 kB
Size

29
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/uptycs/

Search URL Search Domain Scan URL

URL: https://twitter.com/uptycs?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uptycs/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@uptycs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1690424103095%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fresources%252Finfostealer%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true&e_ipv6=AQKjYl40kF4hlQAAAYmVINKf552TpoVzebIVXhk7cKEhhJvNgr6plaCNGP0zo8ZYTdaPDAw3sXbSuGmAuyV1C76YOFApWQ

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request infostealer Show response
www.uptycs.com/resources/ 28 KB
9 KB 156ms
42ms Document
text/html 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

89da679b9a6c0ff38617f6633b5aee602e0901d79e2fb6ee1929538f451a5356

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 7ed15f399d0fbb65-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 27 Jul 2023 02:14:58 GMT
edge-cache-tag: CT-126774703228,P-2617658,CW-108643398181,CW-108841302163,E-105237096759,E-105237648739,E-105237674790,E-105237812090,E-108841570983,E-118532473678,E-122960336740,E-122967687066,PGS-ALL,SW-0,GC-108648443025,TS-105237743018
etag: W/"39e3110b157fcccfa3e971804c924cbb"
last-modified: Wed, 26 Jul 2023 22:32:25 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7beBLdZbSjDPEj6UxLiVikXHkVNo8W%2FlANmZv%2FO%2FihGS0Q7nMqkO2OM%2Bc5wd87eFvMi%2F9iizhqyOfdZ%2FM2QSnAwzCthktcGkmaOq1f7ggHPqB8OHT36rBg%2BOtRp7aO7wqc65eARnK194FoN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-campaign-id: 2f44e78e-5226-4afe-8219-2348443bf036
x-hs-content-id: 126774703228
x-hs-https-only: worker
x-hs-hub-id: 2617658
x-hs-prerendered: Wed, 26 Jul 2023 22:32:25 GMT

GET
H2 200 index.js Show response
www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 59ms
57ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 a355d8f903a0cf5525893c863fcdf216.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 8333387
x-amz-cf-pop: CDG52-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNQyJDxD5foEEztZyNBEky%2BUvNuwyuYtHvTQYMK7Lefzr8ooSVuXsVKn69E7NmkjbIBmcwwW8ZOI5fjdzuIR6yJQnufQNjo6Fm7ZXmcL2YelzP8lm1ULnmyMlnPUvj8CSvlH5ubgtzSjgFCK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ed15f39ed53bb65-FRA
x-amz-cf-id: TYHgsp09grVKpYA9dxiozj2UAW4tlG6PoALJeeeJ-H2x7PoACqsm6Q==
expires: Fri, 26 Jul 2024 02:14:58 GMT

GET
H2 200 project.js Show response
www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 82ms
80ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 7766814
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YjOvJNHzKFG5hqsaPirtRA8ksaWX8CAC8WD6xl8G1qSqUvG1xVfT8qx6iY4JtTxS5n%2B3VDE1R9dLpRy7b8NQ3JaVr%2FozD7%2FCMWURiWWXefYteeuKJzpTXOpZdML%2BFRXMrnuw7jhLUP9cM7u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ed15f39ed5abb65-FRA
x-amz-cf-id: npDRtHLjVqh8zeihJtuF2gyuTq3Qaqk2QrNbNCcHimg8EpZG5wWqkA==
expires: Fri, 26 Jul 2024 02:14:58 GMT

GET
H2 200 v2.js Show response
www.uptycs.com/_hcms/forms/ 527 KB
171 KB 61ms
58ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

285e3a9f61142dff4f5abda4ef2dfb3de389251a7e896177b4f8e6b211d112c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 219
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3479/bundles/project-v2.js&cfRay=7ed159db47329220-FRA
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"2c2b740599b21d2396d7ada645018b0a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3479/bundles/project-v2.js
date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: SgDHDcoCL7BDQREHby44tn8AMbx4aR91
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 98fe9cd1-eb40-4cc8-a983-36cc92361e62
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 98fe9cd1-eb40-4cc8-a983-36cc92361e62
last-modified: Mon, 24 Jul 2023 09:13:37 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydh%2Bm%2BUESi%2F8vTMnJowM7z61dK9cPfUBoVCxmEYcthewe0t52uUMJhGHxZ4tfFgi8LNLIAe6vWt8hrbZhVivH2Es3PiF%2F9wJlnq0TWgupnn4zBIxh2BpkbR85%2FfV0kjlSIcoY9tSQSpm40UF"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray: 7ed15f39ed5cbb65-FRA
x-amz-cf-id: gOQOVYAqxAqgfF_NLWmM-kfrhkCltHDw4_nRSBkPm55MpIQtg2bxPw==

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 78ms
30ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13369281
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QX1istuT96qdsGEyvjOClRiBmb1RkvaV5Ppfgw4Rxu2YTH7fw53lkhE%2FWgYZqiRZlU3Q%2B1k1SJG3cdFBJKa6lYlYHjEMbZNoqoqv3NuQXzzxquWsIOHVV8jvcsf%2BmgutELDzXSrxOUSyakUUko%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ed15f3a3c5d6997-FRA

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 79ms
31ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13369281
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA, cache-jnb7027-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtLBa09z0%2Fp6oBcaORdmNdhyOTssQYpfSMAfENZx8XgAZdk%2FHtQA0YBgQ%2FK6%2B%2FqQZ5lFkvZtoIEm99q4gLcbWfkYCcqchUhEEgthEjcBQg3GzNWw6rbeiqgj4QzZLqawJVtg3D%2Bvh47WEpsctnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ed15f3a3c5e6997-FRA

GET
H3 200 dist_lottie-player.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122967687066/1688142650926/Uptycs_Theme_2023/js/ 359 KB
95 KB 113ms
109ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122967687066/1688142650926/Uptycs_Theme_2023/js/dist_lottie-player.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb724661be8d7275d92baab60d160ee4140870891787a8f244e21763bfee12fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: T52DR1E9WEMCTYY6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"1793c17eeb798e5f28dc950919c79431"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688142652500
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: kY7EsuAkW2MYoD114FLLir9jZEakARjD
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 86b41046-3638-4fd6-b57d-347b54c7ffbd
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 135
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bzwVwrsHcCuxWXKHmT/WtQ3cfxUTKNux4sMpKuF8Kqu4Bfq47ujMMGQe5KOmlFEFfccArl2mBgY=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 86b41046-3638-4fd6-b57d-347b54c7ffbd
last-modified: Fri, 30 Jun 2023 16:30:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmwB%2FQmWwEIAzpyvsz%2B%2B7QJYRv%2BtJL0NM%2B1CSawLiV16ZUZBl6WHBLxh%2BVSbUX%2BmJGYLYWRZYtQbVjibyhLM7Z6ZlOZ6EFFqbt%2FAkTHnZcMFSyCC0xjsom7Y651znoOfjvsq6XtgN29f0iHw"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7ed15f3a9e5a3653-FRA
x-amz-cf-id: r0RkPNoPqAXV44xTGHIdNune-vw1jBSmQQCBMlnWKIzCbPE1stw_rQ==

GET
H2 200 main.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/ 175 KB
36 KB 54ms
53ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/main.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f51c700fe7d8f26e666a04c3eb2fe0bfdbaa2008e4b2a68b785f47b2a03a4be9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: SWQ5WT4W551F7QT9
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"f9cbf163bd90b82974576d402099d4eb"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688712383310
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 383ad280f1e2a4497aecb7ee8d8e9144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KUoso6nn84g.1BMJVhU9FMwO31juay6Q
x-amz-cf-pop: IAD12-P4
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: bf9266a3-2f7c-4a30-8fb7-b835d466faba
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 175
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YZHBNZv8VLAD7YV9E4F1/hnBwIMMPgmPKk/e/r8NcltonKlsp0r1wVZ5uWdRDpQPg/I4NFMqj68=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bf9266a3-2f7c-4a30-8fb7-b835d466faba
last-modified: Fri, 07 Jul 2023 06:46:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdpeMeeM9WKcZ1i6mLdUCbqCM1lCKYkFaDpmlpTlgj372lRrDeiS%2BEISWF4N%2B%2FUc7TwgAEfgr9sYM%2F%2BrPJeAwGd%2FxpT0mX9l4mkD5BHKEJCV2wItsnnBaNaRhMeT0PwUXfA2qNReHRREEBSd"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7ed15f39ed54bb65-FRA
x-amz-cf-id: v6VqpfQkkPIMax24z2uNnY1WFvo8mfMDOhVzstVDkashXRAacjCz6w==

GET
H2 200 theme-overrides.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/ 26 KB
7 KB 61ms
59ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/theme-overrides.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1707f82b77253ac59defc0688b697c85ff437e3eb1fec639f852848d7b8218b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 0JKWZ85RSQHVGPWK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"788f51cda887926116cd56d6ef3bcd5d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1687991368111
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PbogcBvuAzL9XNuLTtY04nZ..YpohWta
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 146
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FnSBfvnmHIuui2BDCocmlpDPdIFYMU1fVrWuQoIIoQ5tDkDWK9Hx5hXTp0gPa9+jSoQGPaMp/48=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 588fff6b-d200-4f6b-a1e5-bf819356a80d
last-modified: Wed, 28 Jun 2023 22:29:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=440iSFAk2kTfuazRJveWXz82ZnS%2BkirqYvkq2jiRIxRPYJLEydyb7Yk%2BZDHR6bPO%2BKLDBossCnsBEsCk9DOPX%2F7QUXzR54f3W9oOkxnFwLksvT%2FXTSPrbMn3uXalUekRxAV%2FbX5clnvGWS1M"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 7ed15f39ed55bb65-FRA
x-amz-cf-id: V6rfSJ65LqtQpaCN5ToKS5naFtH50ayhDQj9q-ALIeElO3u9J4Cnhg==

GET
H2 200 uptycs-custome-style.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1685718406549/Uptycs_Theme_2023/css/ 7 KB
3 KB 104ms
102ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1685718406549/Uptycs_Theme_2023/css/uptycs-custome-style.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: SSQ7SA72NBXMRGH8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"4d34062fc6bdbe0bd26f0e05ac925dde"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1685718407267
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: I2u5wpqEqHlnWhjKeXnhMCYg2FYZxTsy
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 101
alt-svc: h3=":443"; ma=86400
x-amz-id-2: c8UKYQO4kkDidQNprI8LzR6+UbfL9/4seZgYTy5eu5fHwu/EX4/R/914L/GHPASqnW4wPnfjOSAFEDobLKhjRA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0d9a7df7-12cd-4460-b1c8-606e65d11d8c
last-modified: Fri, 02 Jun 2023 15:06:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmTXZdGrJmRn%2F%2BDCf34FfaF%2FIsBK05GknYQqnjhxassKp%2FMN2SpS45I1WMz5MUBLVJ1zVO78OrDz4g41O%2BXG4mdDvDoravMf6M%2FLGSSwYmfVTTnTWjtGLgWTqnCwNQj4W3CxSYc7K8torSX%2F"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7ed15f39ed57bb65-FRA
x-amz-cf-id: LPD690wdGMT9ffC4WcHdEqkQu1hXZbC3uksREuIB1eq-ma8u1l-XPQ==

GET
H2 200 module_108841302163_LP_-_Two_Column_Module_V2_-_2023.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/1684442008496/ 118 B
941 B 61ms
60ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/1684442008496/module_108841302163_LP_-_Two_Column_Module_V2_-_2023.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72c61e12609ab7bce9bd745a884a6214b31387cb06aa1eb886ef4d04ff20c80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 656
x-amz-request-id: FKNZHE6MY1D78JX2
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"28db3259d9e32aef3e09f02cde98f139"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684442008496
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GlTiniLsDXeeqVRLWRiKNNMYeDQy8dps
x-amz-cf-pop: IAD12-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 141
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VgxQVCyRZZWLfljD/dGoAAw9C/U/GJyFbQJpRpYnFUr3gET0QlyTjz8dhcNRE/L0KTfU2pw5ikE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d1e44622-1792-48c8-be96-7f18955b8295
last-modified: Thu, 18 May 2023 20:33:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waspKXWj0sCEa1QzI5lRKZrgQbflM23QiZvC77BispNA9kQbl4fkrczD28zhQyg2%2B6a7pwAjlYkjNMfVCw1IRh70tfxHoL%2BPma%2FwYvjhhaSVB2JwjJSC7MvVBIX1hqx009RLYK9XlQFPCPqo"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-ph7zk
access-control-allow-credentials: false
cf-ray: 7ed15f39ed59bb65-FRA
x-amz-cf-id: Fh3Ei1PtYDKPexHf2MSU-Y8pt2mlzNtnKw2b48pVdgp33yKOVyLuLQ==

GET
H3 200 logo.png
www.uptycs.com/hs-fs/hubfs/Uptycs%20Theme%20-%202023/Home%20Page%20Images/ 904 B
2 KB 138ms
134ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Uptycs%20Theme%20-%202023/Home%20Page%20Images/logo.png?width=136&name=logo.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01e2dc42b68e5fd389bca5323cf5463dbda70739196fdb85675e6dd2282d71b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-105371464456,FD-105371464374,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 904
cf-resized: internal=ok/m q=0 n=576+0 c=0+0 v=2023.7.3 l=904
last-modified: Tue, 07 Mar 2023 05:43:33 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfxaGQ9eVaLa6iR-3-vcH9kXQekwoQ84oucBXBM3FyDQ:694268098657b9fb41a9ad31d81f6a3e"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBtrALJ8rLxjvt3XNJhG8RM3eZS4ULTzWOBeMPUKGdIbo2vq%2FIW6v0CbiuCnbSESTR46KGZb%2F7lzd43MBcAhuv6SLWIN2JN00C7U7qEKoQMqAWK3Ks59lTCYrwPRE2I%2F45X3lfcMYYR2FbO9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7ed15f3a9e5c3653-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 31ms
27ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13369281
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jye%2FFzJvaCfRTtrQvh6AUTXlbHfT27FG7bRB8GdNBAyLq7TixYI98xJOxRFkYoRPyffJWb0Pae30ZX9vLpK2CXCUNlwS1NAOQ2pIhFSqU%2BPj09THaDRhTU5UqtZOZdLvsPugqM1mg0niRV4Wt%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ed15f3a9ca26997-FRA

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.358/ 12 KB
5 KB 95ms
30ms Script
application/javascript 2606:4700::6812:8c65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.358/embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89f76121640eda65e349e927a414b5ba94f9c1e070d8727e726a6143de97f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: Vf3V8GRB7Fq5LgPM6EU9hlujYIQJGNGr
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 114493
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 16:26:32 GMT
server: cloudflare
etag: W/"590c36693c13f4320a449cd0b017364e"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f58jHwUL46eaNoz4IF3GpNdyaESuduAOhSJ%2F%2BwCWCvz4MhDrJGQrhZMby%2FhJ7WV60osHZG%2FT%2F%2B0kCAfBzfsV37HiDnViZytOg3lZ0H%2FuM8jqLJKfM0M29pgDO%2F27I4iEmd2CcgGRoUwBeXpC42IYFUMhW4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ed15f3afffa4d4a-FRA
x-amz-cf-id: OUbT4mDPuWtm1zfWsNHn6hlhV1UPWuMX0GYe7ZumkfaEJVoELrw9UQ==
expires: Fri, 26 Jul 2024 02:14:59 GMT

GET
H3 200 code.jquery.com_jquery-1.12.4.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1688142567144/Uptycs_Theme_2023/js/ 95 KB
36 KB 57ms
55ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1688142567144/Uptycs_Theme_2023/js/code.jquery.com_jquery-1.12.4.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: T5257ZNYCYCPY8KS
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"0fca26b5a37a66d68d0f4406976be4b5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688142567144
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4HpSOihVlFPI_ZQ11qiqKnhCOHlO1Qvx
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 8876f689-52d3-4cbd-b479-5f364772ee4c
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 144
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Zjt1X5WXyllE6Aa9ZYHzd4uGhwzAiQI1Np3XjU0VooBrT95quGXLh8UJHsMpI0XLrSPfTDr/RLk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8876f689-52d3-4cbd-b479-5f364772ee4c
last-modified: Fri, 30 Jun 2023 16:29:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99ho%2BpPTk%2F5CXW2vNxWzDk81ZrviPRWk2YN8N7z%2FwhuRDr6obbFplZvJWMWF7qQCX1aboWfgCt5Zt%2BfgKJ%2F%2FF6Z1NuhoLZ51BVcXiCdIMTMikZNMiXi%2BmP%2BXPI%2F5HV%2Bp5uXA1LnoIUQfex87"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7ed15f3a9e553653-FRA
x-amz-cf-id: -8uZHgDeHeuJgung7ReF8ZxQh-1H_NY0oqABfn6C3Isa4rD2m9rP7A==

GET
H3 200 main.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1688144122371/Uptycs_Theme_2023/js/ 47 KB
14 KB 107ms
105ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1688144122371/Uptycs_Theme_2023/js/main.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66668dfde28f6f02a0eacd658df4b8284f2dc9181583a8900c74a2674904b84e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 0YFR862TXEAAPTZM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"85e59430171c3603c714399edeae9e4c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688144122818
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8DjSZO_i09dMwul0dYfvwSeHKYOqDSk1
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: bcd69376-9ce0-442f-b852-d9645f3650d5
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 108
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3KNsFKlAa4ECNgEduhlwjBbYTPAR4rYL1Peg99KxO4lNlCws2KMQJp6Uqf05ASb2NxU6SDyLQbbQvTRR05S8scTnQdUCSVwNGEDUIch1BXA=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bcd69376-9ce0-442f-b852-d9645f3650d5
last-modified: Fri, 30 Jun 2023 16:55:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BcsuAksOhj1Ocp%2F%2B2T%2FJoME1ecQvjX12DXAjVldlcY1b7UANxR5VeNliLIiyuIGQnxzJw1mEEefMCFMz3WRegJXdsr5LoiDoZNv6ViEimxz3CkWgjSEggdbLa%2FbrrBE9VW87TKH4GRnv35q"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 7ed15f3a9e563653-FRA
x-amz-cf-id: 8x_X-2sFDgfLTyIvP0e40efGWbtGP51sU6wob2XL9w1VSsj0DgKKvg==

GET
H3 200 module_108841302163_LP_-_Two_Column_Module_V2_-_2023.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/108841302163/1684442008458/ 324 B
2 KB 112ms
110ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/108841302163/1684442008458/module_108841302163_LP_-_Two_Column_Module_V2_-_2023.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

393bac9f8a192ef888784cf8b40df104be50ff968a1f005021641cae99a92e88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FKNH6T84AKP0C1QT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"22a5a8df5e6df17247e69cf5fb4934e3"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684442008458
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _2BobfEmgfRjt3TOXiyzDQ7rWJg7X_bM
x-amz-cf-pop: IAD12-P3
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 157
alt-svc: h3=":443"; ma=86400
x-amz-id-2: U0I6VBq9nm625/o0XS5KXHsuKUMtPJ1f4w9JmUrA6i2RR6jCcp9GKOOm1yJsxHZ+Vwp3/3/Tns4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: eab8e307-8d98-40e9-a3e8-d1bcc8d79d98
last-modified: Thu, 18 May 2023 20:33:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8Wztrr%2FtunDosXmOQXk9Y9nn5b0PEdfxLwwpuVgnMdV7rAxeBb7urbbKzomDXGBv0NVvWySVFO2D%2FwRc4PaslAPr4kczMIN%2FAXceC0PGtpdhL4pZbdCWBuebTH5tEutW0kt69vA8HG8WqsV"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-mxtb7
access-control-allow-credentials: false
cf-ray: 7ed15f3a9e583653-FRA
x-amz-cf-id: GsZaEagZtsKkfQeuDl_Nwno31tRgYqAkbJlp_IafIZjIp46S_pPffA==

GET
H3 200 2617658.js Show response
www.uptycs.com/hs/scriptloader/ 3 KB
2 KB 432ms
429ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/scriptloader/2617658.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

59a6ff408fe8ee185325c0e1e7e367ed3255d33700d9f2888881b111d6636c3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ede17954-77e3-475a-ae16-ee4440aaecca
content-encoding: br
x-envoy-upstream-service-time: 11
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ede17954-77e3-475a-ae16-ee4440aaecca
last-modified: Wed, 26 Jul 2023 11:49:11 GMT
server: cloudflare
x-trace: 2B8CC96B5EE653340E42F62F67FBF84CEA396B8CEB000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-fmst8
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKzOxJ1%2F4A3FAixV4W7ksU5BHd9kT6d%2BvjaY0Tw283q%2FwbovUIthBhDDeS7oU97y4csT6sItHaiqgJZZFBSmu%2FYfEiAPlei9s0whVJMOuVys8FVwaCjqAnS5UokKNRDi3bJrcmN4RN7cA1gY"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ed15f3a9e5d3653-FRA
expires: Thu, 27 Jul 2023 02:15:59 GMT

GET
H3 200 start_free_Top_Gradient.png
www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/ 152 KB
153 KB 135ms
134ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/start_free_Top_Gradient.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/main.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

814323ef69ab619dc133989c7c2ce2e9c859ffe2195f8fad3fe2bc0412df5d4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-118084278825,FD-105371944115,P-2617658,FLS-ALL
x-amz-request-id: 498YDG96WTEBBNA1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-118084278825,FD-105371944115,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="start_free_Top_Gradient.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "16f4478598a3692adf46bec2c914d63f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1685523024476
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nojGMdwTr.4EagcZf.NVzipPqOkmjZP5
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=160615
x-cache: RefreshHit from cloudfront
cache-tag: F-118084278825,FD-105371944115,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 155712
x-amz-id-2: fu5t0BvzAeQRQU6RIiZFvxYN/IBUcFQ4sw9oXXZtspHKzY7y6gl5i7LkpQXdyE9lnSFXqW9DJRg=
last-modified: Wed, 31 May 2023 08:50:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdNFC%2FkUhT5n5yzG4M84jG2hXyW9pU%2FaOSv%2Fm8sU60mZo2UCXPuKkBWPgDsCZxjfQ3vKZSV1zQxmrLRCryDy0PIMvj%2Fsn4zhj%2FtHgQpTxMwbyBS7T3kZCdjY3jkQ%2BZWiNUitUa3yyOzeCEMk"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ed15f3a9e5e3653-FRA
x-amz-cf-id: 4PfxX_0BmBuN-E0MKD3R9vbAWkmaaYuWeNvlfExhk8ZzN4ImnFJ5jQ==

GET
H3 200 List_style_arrow-1.png
www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/ 116 B
1 KB 161ms
160ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Uptycs%20Theme%20-%202023/List_style_arrow-1.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/main.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

67591085ecd78953550ce0c81743b970cd8eecc81cb4e13405bf40b4c82b6f0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1688712381951/Uptycs_Theme_2023/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-118083468685,FD-105371944115,P-2617658,FLS-ALL
x-amz-request-id: 498ZBCGD1MYK1PTT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-118083468685,FD-105371944115,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="List_style_arrow-1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
cf-bgj: imgq:85,h2pri
etag: "e365372bf1d4aff5124596fc42520b6f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1685523101296
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: QiFxviEcPIG0utJuCYRLoimVybJtq6HD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=167
x-cache: RefreshHit from cloudfront
cache-tag: F-118083468685,FD-105371944115,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 116
x-amz-id-2: 42SoS+Zk93i3LnRITzNpQGfjBYg5bvglSJl60Ph3IeKMt3uDQh9tpip7+QEwOPe0wLWIc9Rn5Z4=
last-modified: Wed, 31 May 2023 08:51:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BlhRk%2FsBHIQcVrdEt4oRX4aWC2CP9kwCV57BbztexKGXMxz80xN%2Fo%2FaHOCf5ZU4nVd%2BrmYF5oQbmL26K5M8y9kA1Ig%2Fd35T3sQAup%2FF8i7qOblSfgYHzeoWP7sQ%2FPT7eBsDkXVQ65%2Fs4iCu"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ed15f3a9e5f3653-FRA
x-amz-cf-id: tXwGlkOSEBmJ19OObi12uc_IZ_ijslbOOFa3OUYytgpTh_xPug_ySg==

GET
H2 200 Dazzed-SemiBold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
35 KB 206ms
149ms Font
application/font-woff2 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-SemiBold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
age: 821398
x-amz-request-id: VQ9PKNXPEMVVVAB9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "2d0d0de050f8833c2853af07a440a4ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122420
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: IEWlA03LFNsvE9C7Xc.pkI3DfKgTQ7bF
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35588
x-amz-id-2: M9ZZlIy89NMGs0eXWNyWN4ZUYst+ga5VA+nOC1imooOwbmWt8SHvVjsIpW8DKw+bknocn2uTC/c=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ed15f3afc773719-FRA
x-amz-cf-id: iFdPip4VUR7CMN4OEj3h6S4wy-XwxHDJXqH64RO21SeQVsEuvYa4-w==

GET
H2 200 Dazzed-Medium.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
35 KB 141ms
84ms Font
application/font-woff2 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Medium.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
age: 821398
x-amz-request-id: VQ9Y7SFXJCK1K36R
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "91c0cd4d25d2ea71e8826f69b4497c6c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122410
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A6Y2_MG70jGC4aeahpXKuceRQH2hp.YW
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34664
x-amz-id-2: ORHwp8uP+EXQ18RNUZrRyVqx2oUs2XKzgaXkUfihs+kINklQGo1ovpPYitR8elWW2RcLA1LTGds=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ed15f3afc783719-FRA
x-amz-cf-id: wmA5Ye-_4ZylC2FVR6s_3FByvMkbuZ_zB4y7TS9gZo7HOm0uehYG3w==

GET
H2 200 Dazzed-Regular.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
34 KB 147ms
91ms Font
application/font-woff2 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Regular.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
age: 511738
x-amz-request-id: WQWBXMM3RSDK3A01
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
etag: "504d899b185471166fa525f6154e224f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122391
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 27 Jul 2023 02:14:59 GMT
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Z950va749GesENoMyecGaQOgk36GpyAD
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34732
x-amz-id-2: zwpmyQ12zYp9SkhleUMUdyMr2XN1gCmmyTfHzArf5HCz5DIsTF0rAcaMsZgytGjholpyvENBmJk=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ed15f3afc7a3719-FRA
x-amz-cf-id: O25caJTswAezgzJM6SLt7M6L8ZrnInpcatc-tdYAzkkxmR92KWEcyA==

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/935e33c1-b800-4c9e-b552-0f64a8a0ecad/ 18 KB
5 KB 170ms
170ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/935e33c1-b800-4c9e-b552-0f64a8a0ecad/json?hs_static_app=forms-embed&hs_static_app_version=1.3479&X-HubSpot-Static-App-Info=forms-embed-1.3479

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c2e5033850ccbb2dc4cfb164071921a49c0b8bf577840426290fca9e14e301

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2c9d22c3-a594-4fdc-9745-bb76b31d72f1
content-encoding: br
x-envoy-upstream-service-time: 17
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2c9d22c3-a594-4fdc-9745-bb76b31d72f1
server: cloudflare
x-trace: 2B3D0557A1DD7C6C92BCF2AC1CF22C30FE234B7BCE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-nt996
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO2nJfoDiEzsmOQny9uxZhMi1HoKbNhIfP7Yqh6GWsCaeiFP1d3gQhN4q6ae%2B1f3YynYguJL%2BJujhAhEJhFM0RAutEKVfbsQAG2d%2F%2FW8SD4hMAqys0Tw4%2FI2Yn%2BUWz0NWjXkmUolOmlNVkbY"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ed15f3baf543653-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1003 B 249ms
186ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2617658&callback=jsonpHandler

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 088f5e49-eed1-4267-a64f-0b323dc18eca
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7ed15f3c8bde3677&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 088f5e49-eed1-4267-a64f-0b323dc18eca
server: cloudflare
x-trace: 2B878FF3D04BFF2F286382BB6E7731464A52AF7BE7000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7ed15f3c8bde3677-FRA

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 188ms
132ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: f5972e60-1925-47f3-97bd-74a0de6b129c
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f5972e60-1925-47f3-97bd-74a0de6b129c
Server: cloudflare
X-Trace: 2B195550EE80EC0436F84BE1D6D06F206C6D5B4134000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ed15f3d4cfb1e53-FRA

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
960 B 100ms
31ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_bc06f80d_23fb_494d_8b0c_83beb15cebf3&render=explicit&hl=en

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3f5ada5b2ccb6fe6cbecb0bd612f38249a033f922ee04d5291be15856e2f2f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 640
x-xss-protection: 1; mode=block
expires: Thu, 27 Jul 2023 02:14:59 GMT

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8aea4d4a73064ab2e8d0fd3f9e7c16bc8b8ce591da0ae03b272284c2c3b29ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dazzed-Bold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
36 KB 66ms
66ms Font
application/font-woff2 2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Bold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1687991367265/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-request-id: QGSVYDY88YZ4G43Y
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
etag: "dec9ad669c463ebe04b667dc906e58b0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122320
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Thu, 27 Jul 2023 02:14:59 GMT
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: kiiOVn0Uia49V.XtbhyVQvLQlSKfVfD1
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35912
x-amz-id-2: nbtqcbLLvPUXig/YmQy8cto67qNw3AiteToZM5g5WX2zmXrGbKV/DWZq3YIcdH8pHZdgdiYglho=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ed15f3d1e043719-FRA
x-amz-cf-id: lIoNhPFFFvkqo4KTXbYqL_Ux1AInZgi8d713lMTEwQb_uoDnEgMgRw==

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1016 B 249ms
191ms Image
image/gif 2606:4700::6811:d3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 7e8a6176-c319-44a8-9d3d-18862cfac898
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7e8a6176-c319-44a8-9d3d-18862cfac898
Server: cloudflare
X-Trace: 2BB676B415B40E325F2816E971B329D2539B902631000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-jkmcj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ed15f3d9aa63675-FRA

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 206ms
142ms Script
application/javascript 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: 3rNMTio6eswfsQ6sgXOFNNmyULDAVi34
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 78606f1b-f7db-469d-9a7b-5188c5e963e8
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.380/bundles/project.js&cfRay=7ed15f3dccbc5c02-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78606f1b-f7db-469d-9a7b-5188c5e963e8
last-modified: Mon, 10 Jul 2023 09:43:19 UTC
server: cloudflare
etag: W/"85b7f9af32b27bd6cc93e80bfb2911df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7ed15f3dccbc5c02-FRA
x-amz-cf-id: HQ9k3sOOXJ8azVxVhkEdC-zXiFmU0CqrtSV7TlwH1kOlvljg6BY8LA==
x-hs-target-asset: collected-forms-embed-js/static-1.380/bundles/project.js

GET
H2 200 2617658.js Show response
js.hs-analytics.net/analytics/1690423800000/ 66 KB
21 KB 90ms
30ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1690423800000/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 046bd842b302fe595d99d4a90b75d6f558f397a384c1b300dffb615fe4a63768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1X0FD41QTM4EBK4A
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f796955c-cee1-494b-b8e1-955018a473c2
age: 0
x-envoy-upstream-service-time: 20
x-amz-id-2: qd+/QJvYbzTM237ePBnHQUluSX7NVRJkB+cNeMLMVDcdVZS1MDcc8qzRGtFN+ufzUnSy8nSbATQ=
x-evy-trace-listener: listener_https
x-request-id: f796955c-cee1-494b-b8e1-955018a473c2
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 20 Jul 2023 15:56:06 GMT
server: cloudflare
etag: W/"1cc5f3097b2573a0976e619234fff5ef"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7ed15f3dbd95195c-FRA
expires: Thu, 27 Jul 2023 02:19:59 GMT

GET
H2 200 2617658.js Show response
js.hs-banner.com/ 63 KB
16 KB 448ms
387ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b349073b8421ec84bfd334c01132010daabccff2f8975a9d242720a37a7da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: TuWmOSXJ.1_mSeervlSUXgVEF7VD5cJt
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: JE9RMX2NW8603NS8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1e88d498-bba4-453a-a31e-17b7e3bcdba4
x-envoy-upstream-service-time: 20
x-amz-id-2: 3SvVCbahelG9lGM5AExA2sOC5u2rOGrXD7Tel2ktv5nbTkn4dCOAGGehEqtDUCzKmzrZ5gX89Kc=
x-evy-trace-listener: listener_https
x-request-id: 1e88d498-bba4-453a-a31e-17b7e3bcdba4
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 15:07:23 GMT
server: cloudflare
etag: W/"bb0865a36c00349fa7c66c579d630ef2"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ed15f3dbee95b4a-FRA
expires: Thu, 27 Jul 2023 02:19:59 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 95ms
34ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: aAzOiTTzU7.XykyGrcpmeR7PTeB2LyLv
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 349
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.387/bundles/pixels-release.js&cfRay=7ed156ba1f87bb4d-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a4af6095-694c-4935-97b8-dffcbf8ce037
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a4af6095-694c-4935-97b8-dffcbf8ce037
last-modified: Tue, 18 Jul 2023 03:27:27 UTC
server: cloudflare
etag: W/"784f994871e489c9943a65326d43e875"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-nnm64
cf-ray: 7ed15f3dcf6c1c9d-FRA
x-amz-cf-id: HIHm6ptnym0aRROHC3t6jDx58KtJ2cPoFd-8Cul4qUSMZDNIknZvow==
x-hs-target-asset: adsscriptloaderstatic/static-1.387/bundles/pixels-release.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 62 KB
19 KB 203ms
143ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc04e3ffe5848a5eb26279cb6ac9bc973bbd3e8c58255428684481852068071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.400/bundles/project.js&cfRay=7ed15f3dbb0418af-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"53aa53ea19cc94bda43b216b5a87ab96"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.400/bundles/project.js
date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: tXRoVqIy46lj2GwGr8fYtjbOy99F02fN
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 29ce41c1-5f80-47e8-8ef5-cd38f0b86602
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 29ce41c1-5f80-47e8-8ef5-cd38f0b86602
last-modified: Tue, 25 Jul 2023 02:37:49 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1GtrnoHnXilVsvNoYehhIQMF3PI%2FGT6yktcwGRoqinRn9zRSimJMGG%2FB%2Fq0R%2Fc4gq52d4VoSEk2yCs%2BsuX364cWUdXZDXw%2FjL9dyuSKTEiw0rTrvSpbmaP%2By3sVkhbROYcw44gaCDCEvuGr"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-wd7jg
cf-ray: 7ed15f3dbb0418af-FRA
x-amz-cf-id: fevz7I2IVP3VXHLbRAhIo8WwuivGKu0BvLTYtN3HnatsM4g0xHn5HQ==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 96ms
34ms Script
application/javascript 2606:4700::6811:61ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:61ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efba13392274ca4b6a31321273c3dd84403cd1104255e9b423de3196f5bd1495

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
x-amz-version-id: kn0l3Ah9QsmalbREgOLUrZnI9RAHwkB0
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 157
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13639/bundles/project.js&cfRay=7ed15b657935913c-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: bf6c15b1-3cdf-42c9-9a9b-42b6385ff324
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bf6c15b1-3cdf-42c9-9a9b-42b6385ff324
last-modified: Wed, 19 Jul 2023 05:12:49 UTC
server: cloudflare
etag: W/"81f2c1ef40a95abbdca7d3b54172da86"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray: 7ed15f3dcfa89be6-FRA
x-amz-cf-id: T6ihyKumwRiGCGufqrohc35BZwGSnmzStdISx5sHw02LpukDiKnwdA==
x-hs-target-asset: conversations-embed/static-1.13639/bundles/project.js

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 429 KB
172 KB 86ms
28ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_bc06f80d_23fb_494d_8b0c_83beb15cebf3&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uptycs.com/resources/infostealer
Origin: https://www.uptycs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:24:11 GMT

GET
H3 200 widget Show response
www.uptycs.com/_hcms/livechat/ 278 B
1 KB 152ms
152ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/livechat/widget?portalId=2617658&conversations-embed=static-1.13639&mobile=false&messagesUtk=d1512e195adf4510a8bf39beb8ad9b87&traceId=d1512e195adf4510a8bf39beb8ad9b87

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf523e8d38b19253fc8db014b453896bb115dd3e7afb5e9c7f4e8975d2daa56a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 01f59c2c-9668-465e-93b2-a821876a693f
x-envoy-upstream-service-time: 9
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 01f59c2c-9668-465e-93b2-a821876a693f
server: cloudflare
x-trace: 2BBE99F6A4B98041E01C6524455267C4AC35318381000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-6qscq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBrdXI9B2zmOcrfjjybsJdW7OyB%2FtcsIPbwcIAfGLGLu6kLmwH2mLLNHM68Wx9MjN34Vd0%2FIjDr1A7GKJC%2FQ5PuLJNwdZlC08%2BXtS4Rp%2FMo%2Fv%2FTICSlgsBkanzJp7WNso35uxdWERAU1lRIo"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ed15f3e19533653-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame AF8F 52 KB
29 KB 51ms
41ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cudXB0eWNzLmNvbTo0NDM.&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=pneu37ks5a81

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2d6190054a90d9bc7cd17e6abaa74801a6e460dff2a587941e7d735be4064fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JWI7v8XUYZgUE79wSp3J2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uptycs.com/resources/infostealer
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28891
content-security-policy: script-src 'report-sample' 'nonce-JWI7v8XUYZgUE79wSp3J2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 02:14:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 136 B
986 B 160ms
143ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2617658&currentUrl=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&contentId=126774703228

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4862f116-2c32-4c69-9c9a-1fdbd63ab8ef
content-encoding: br
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4862f116-2c32-4c69-9c9a-1fdbd63ab8ef
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B34Ejzb5VKfTC1ZkDuMpul9ryO6qH4B4lK0etJWAirv%2BxloZOV0PyofLBazX7THqBtvd%2FUrZEafBAzzvscHZ4TtHrB1kUxctXabKhSefD7jG73mio1pIvXtIs7QC3DeIbnvmKmOko4S4VDAPenb19tnlytpmRLSqhiU%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7ed15f3f0be018af-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-9t4kl

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
433 B 137ms
132ms XHR
application/json 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2617658&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 42cc0d7e-7338-4af0-b4dd-05640ed169f5
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 42cc0d7e-7338-4af0-b4dd-05640ed169f5
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-wd7jg
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7ed15f3f2d8f5c02-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame AF8F 55 KB
24 KB 66ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cudXB0eWNzLmNvbTo0NDM.&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=pneu37ks5a81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:29:03 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame AF8F 429 KB
172 KB 77ms
32ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:24:11 GMT

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 348ms
137ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:15:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 89fca928-7d08-4016-8759-93d89d22eeda
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 89fca928-7d08-4016-8759-93d89d22eeda
Last-Modified: Thu, 27 Jul 2023 02:15:00 GMT
Server: cloudflare
X-Trace: 2BAB34D6A65F42E0E34D44668C7548E941980D78D4000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-44rkg
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7ed15f414a481d96-FRA

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 188ms
160ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ba7b8895-7ad7-4b1b-ab15-05c5ba3845d9
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ba7b8895-7ad7-4b1b-ab15-05c5ba3845d9
server: cloudflare
x-trace: 2B30307E249FC8F7610A223B1B2A141D96031BDBBE000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-2ls4d
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7ed15f4038451e49-FRA

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AF8F 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 92482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 02 Aug 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF8F 15 KB
16 KB 187ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:40:06 GMT
x-content-type-options: nosniff
age: 59694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 09:40:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF8F 15 KB
15 KB 192ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 107483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 20:23:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame AF8F 102 B
132 B 37ms
36ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce580090d2befdbfe1545ca10b1f2a989634678929df7aa5490d63b3a06c6ba0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cudXB0eWNzLmNvbTo0NDM.&hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&size=invisible&badge=inline&cb=pneu37ks5a81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 27 Jul 2023 02:14:59 GMT

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
150 B 88ms
31ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Thu, 27 Jul 2023 02:14:59 GMT
server: cloudflare
cf-ray: 7ed15f40d9898ffb-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 07DD 7 KB
1 KB 32ms
32ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0443920b19555fd151ec04b65356386980ec50d3ec070ec3dca86ce933b6a738

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WecCOmrkjscB5bFwxE4DPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uptycs.com/resources/infostealer
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1160
content-security-policy: script-src 'report-sample' 'nonce-WecCOmrkjscB5bFwxE4DPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 02:15:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 123ms
123ms Preflight
application/octet-stream 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7ed15f425a388ffb-FRA
content-length: 0
content-type: application/octet-stream
date: Thu, 27 Jul 2023 02:15:00 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6240fe4b-3803-419a-9c50-40c8b8bf8553
x-request-id: 6240fe4b-3803-419a-9c50-40c8b8bf8553

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
175 B 138ms
137ms XHR
text/plain 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f73a8e7b-46c3-4c7d-8287-f4c63604118e
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f73a8e7b-46c3-4c7d-8287-f4c63604118e
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ed15f431a778ffb-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 07DD 55 KB
24 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:29:03 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 07DD 429 KB
172 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175963
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:24:11 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
610 B 134ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=600004306&v=1.1&a=2617658&pi=126774703228&ct=landing-page&ccu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cpi=126774703228&lpi=126774703228&lvi=126774703228&pu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&t=Understanding+%26+Countering+Infostealer+Threats%3A+Cybersecurity+Whitepaper&cts=1690424100303&vi=419f8cd1482b082d912262c9f1471445&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e99d7ca9-c503-42af-9391-5ae57ace4434
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e99d7ca9-c503-42af-9391-5ae57ace4434
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAI%2Bj1y0L210YbctNoPZeIvKfJJIIY1DmDG7g5rvpJcSj978W2qHj9XXtvtsqg3L7UDRXD2MJNQQur%2BuVJdh82laQcwnionV0DHuPkk3%2Flc4sOeFZ4FxRLr40EzLdN0dyDSbGmnmeihoyHyq7n5q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-z7z79
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ed15f42f9013677-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
436 B 133ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=935e33c1-b800-4c9e-b552-0f64a8a0ecad&fci=bc06f80d-23fb-494d-8b0c-83beb15cebf3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=600004306&v=1.1&a=2617658&pi=126774703228&ct=landing-page&ccu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cpi=126774703228&lpi=126774703228&lvi=126774703228&pu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&t=Understanding+%26+Countering+Infostealer+Threats%3A+Cybersecurity+Whitepaper&cts=1690424100304&vi=419f8cd1482b082d912262c9f1471445&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0f3c805d-3f60-4b68-9374-f27c97477a8b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f3c805d-3f60-4b68-9374-f27c97477a8b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z33vVD30TKXt8uf0xr%2FGVLeDzIphqsCIvlEHTQVM28za4JExWAaiaPxWH2B9Y2PjiD5C2tCREIrbu9GFFEUfyVW7OiJxN6VHgFLiaCGcDL6paqK5rou1QpPvY7BZbx8StyUAGYUZ8AqHyaWzY%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-skh97
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ed15f4309053677-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
441 B 131ms
131ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=935e33c1-b800-4c9e-b552-0f64a8a0ecad&fci=bc06f80d-23fb-494d-8b0c-83beb15cebf3&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=600004306&v=1.1&a=2617658&pi=126774703228&ct=landing-page&ccu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cpi=126774703228&lpi=126774703228&lvi=126774703228&pu=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&t=Understanding+%26+Countering+Infostealer+Threats%3A+Cybersecurity+Whitepaper&cts=1690424100305&vi=419f8cd1482b082d912262c9f1471445&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d79c49ee-2e44-4f44-9cb6-45169659a0c1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d79c49ee-2e44-4f44-9cb6-45169659a0c1
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqLB%2BzVIsPwbJSesIh1O2ipGmgN2rK7vUIwgmLSqb8AhFt6qLdB9dyB3qNHHPn%2BcbZNutWb%2FqTQiOWmK54NglXVorMRqbryYgtP10VDhLdiE8WuFS%2BWsUVI8Pj0CZ%2F79AkwSVVuVABkRLh4wWW0n"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-xtt4j
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ed15f4309063677-FRA
x-robots-tag: none

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 07DD 41 KB
25 KB 62ms
62ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07662f471c9774bc9a883d8fed064e8b054ce9ebf55d9171bacee2818c9dc4c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25360
x-xss-protection: 1; mode=block
expires: Thu, 27 Jul 2023 02:15:00 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 07DD 600 B
624 B 22ms
21ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 515618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 28 Jul 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 07DD 530 B
554 B 23ms
22ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 18:38:08 GMT
x-content-type-options: nosniff
age: 27412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 02 Aug 2023 18:38:08 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 07DD 665 B
689 B 23ms
22ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 377068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 07DD 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:40:06 GMT
x-content-type-options: nosniff
age: 59694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 09:40:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 07DD 15 KB
15 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 20:03:22 GMT
x-content-type-options: nosniff
age: 367898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 20:03:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 07DD 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 107483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 20:23:37 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 07DD 29 KB
29 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AAYGu2TxENaEDhP5C3tXpe2Faza4hm2XA0vh1hdIisDrmvGlsh0K03PgXADOrDetALaVbxqY2z4W353OlZzov4LTL1uBeFNqmOrHL2xNfksu9zkZ5146sXkOXhDdDjeylIVd-odI1QMDgV37oRsEvQUC4b5VKC-NbOdesov9f1GaOerP1aZWff7V5LzYlkdqdq0qNoT4FMPwAmswwzej_SN_LbFLQjO7-3DEg5THbzihRVTG4f6OQbE&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc41bfb7b1f75ff765c8a380b91b6dad844f9334600537e33a746756b3b79313

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:00 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29286
x-xss-protection: 1; mode=block
expires: Thu, 27 Jul 2023 02:15:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
80 KB 99ms
44ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9abf956b1e8e5f54e0496c836d12ca7bbbdd3011748a44846fef756a963b84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81177
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 00:05:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jul 2023 02:15:02 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 48 KB
14 KB 101ms
22ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 02:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jul 2023 16:27:10 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64b9605e-bf6f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14190
expires: Thu, 27 Jul 2023 02:15:02 GMT

GET
H2 200 0036b213134bb87d518c56fbdc671d2b.js Show response
ob.segreencolumn.com/i/ 93 KB
34 KB 78ms
24ms Script
text/javascript 2600:9000:2490:2600:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2600:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: c6a6a50b2ce46af481ed4ea7bda019f4bc6bad4526925e13f121be76838b18f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 01:55:44 GMT
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P6
age: 8237
etag: "1737b-vdO5D0442+G3G2BU1+g8eQozOeA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 34525
x-amz-cf-id: EMMgO5I8flTg1s6TrvOJtBP8Ch7Br5-aSzRL5x-CB2hkEQoFV7RI2w==
expires: Thu, 27 Jul 2023 11:57:45 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 136ms
36ms Script
application/x-javascript 2a02:26f0:3100::1735:28c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=85414
accept-ranges: bytes
content-length: 4862

GET
H2 200 hotjar-3384743.js Show response
static.hotjar.com/c/ 9 KB
4 KB 91ms
22ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3384743.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

fb9f2803dc6e2ba3d1153f02304d18575d2e25d056c7b072dfdbeab20c628fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 02:15:02 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/24c8b495837fe9de54b15628f185f40c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Cpi1cTcWUcNcVgEPWt5yRbuy0RwFS70FavYZb0NyhiyHUdnyN0dbHQ==

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 88ms
21ms Script
application/javascript 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 03:35:24 GMT
x-amz-version-id: Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding: br
last-modified: Mon, 24 Jul 2023 07:50:42 GMT
server: AmazonS3
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"4eb0c668e820abe414d19a11b92dd0fa"
age: 81579
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8ubmX69pFvtMXdnVKM9W1sp_I8KyAqigI30lh3Ns4nsB3C6kra_B3g==

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 104ms
27ms Script
application/javascript 2600:9000:206f:6800:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/resources/infostealer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:6800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:14:55 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA56-C1
age: 11
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: HqF_R7Ls-KdcLD-DmXVsjQhLUbLlqbeU9dH7v7olp2JYL1mutqAy0g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
87 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1490a4f92e8882d2381d87fada79a1df45e36e325829a84d31f8abe36085b472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jul 2023 02:15:02 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 79ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FM1R8N7KP8&gtm=45je37o0&_p=1045323501&_gaz=1&cid=846526211.1690424103&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690424102&sct=1&seg=0&dl=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&dt=Understanding%20%26%20Countering%20Infostealer%20Threats%3A%20Cybersecurity%20Whitepaper&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 91ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FM1R8N7KP8&cid=846526211.1690424103&gtm=45je37o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 84ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FM1R8N7KP8&cid=846526211.1690424103&gtm=45je37o0&aip=1&z=1326727558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
566 B 169ms
168ms Fetch
application/json 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-49.fra56.r.cloudfront.net
Software: / Express
Resource Hash: b8b7ad171811043fd05774fd3258e693f117927ceb15c25f6f4d234c68d29d21

Request headers

Content-Type: application/json
Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
Authorization: Bearer 5d799bfd871670447419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
visited_url: https://www.uptycs.com/resources/infostealer

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"cb-cndKzYNIkTq/f39doDz1ScKVNOs"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 203
apigw-requestid: Is3uOhhpvHcEMUQ=
x-amz-cf-id: dyLQ-9q1t4PTCl8tPxbat1foL0YHy3qTUl36ZuubgOnGQIjOf-Lt8w==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 490ms
448ms Preflight 52.222.236.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-49.fra56.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: Is3uMg0rvHcEMdQ=
date: Thu, 27 Jul 2023 02:15:03 GMT
vary: Access-Control-Request-Headers
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-id: q-b88W2cZM3cbCyenEpeOZxEd-JJOFRc8yuluKNkQ_RDLROEceLmLQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 modules.e76ff519876726e14864.js Show response
script.hotjar.com/ 228 KB
56 KB 87ms
25ms Script
application/javascript 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e76ff519876726e14864.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3384743.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-111.fra56.r.cloudfront.net

Software

Resource Hash

86f7ec584345f22e87d0860848f230fd252522bfa49f65103342276cdf0c412e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 15:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 39536
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56657
last-modified: Wed, 26 Jul 2023 15:16:01 GMT
etag: "7491b24d6e3e37cf3d934cbe6a3b4812"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pnkoEjv7RaJO0ukaNAWy_2UYmaWgmRd17jN9G8vQUyciAPcDvLWiaw==

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 31ms
23ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
332 B 160ms
34ms XHR
text/html 2a02:26f0:3100::1725:e251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1725:e251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 38ac59462d927e82c2a01a872162469a03bedf329a1437d63be6bb3e6f0895cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:1010:3:1011:2fc9:bfa9:8894
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469562_388358733_702983465_19_859_33_0_219";dur=1
content-length: 36
expires: Thu, 27 Jul 2023 02:15:03 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 208ms
207ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=0bad6d0a-c88b-43d2-87ce-b2496c0d7533&session=bc05404b-2025-4b2a-8196-a20960cd053e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2027%20Jul%202023%2002%3A15%3A02%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2027%20Jul%202023%2002%3A15%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%227f8bd8662c3cd8304b53ece67c07c07c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2027%20Jul%202023%2002%3A15%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2027%20Jul%202023%2002%3A15%3A02%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%27Stealers%20are%20Organization%20Killers%27%20whitepaper%20provides%20insights%20into%20the%20rising%20infostealer%20malware%20threat%2C%20their%20impacts%20%26%20effective%20defense%20strategies.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Understanding%20%26amp%3B%20Countering%20Infostealer%20Threats%3A%20Cybersecurity%20Whitepaper%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&pageViewId=3562b4be-bcfd-4be3-8780-fd8c55ee4b60&v=1.1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ct Show response
obs.segreencolumn.com/ 3 KB
1 KB 348ms
119ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=44824&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1690424103078&hl=2&op=0&ag=2163289357&rand=24021917171605157155112287026911639759401860271379627016992014560016222212205112&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQxMzddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDcsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCw2LDAsMCwxLDAsMCJdLFstMSwiLSJdLFstMiwiNSxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiODQ2NTI2MjExLjE2OTA0MjQxMDMiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NDQ3MDAwMDAsXCJ1amhzXCI6MzczMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjksMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjkwNDI0MTAzMDM0LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJjLC0xLC0xLDEsMCwwLDAsNjQsNTAsNDQsLTEsMTMsMzAxLjIsMzAxLjIsNDM0Niw0MzQ2Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZHlTeGtSVVUxTlNVb0RGaFpXV3hkS1hGNUxYRnhYV2xaVlRGUlhGMXBXVkJaUUZna0pDZzliQ3dnS0NBb05XMXNCRGwwTUNBRmFEQTlmVzExYUR3NElYUXRiRjFOS0F3Z0REdzBJQUFzUUZWaE5HVTBYWEVGSlZrdE5TaGtSVVUxTlNVb0RGaFpXV3hkS1hGNUxYRnhYV2xaVlRGUlhGMXBXVkJaUUZna0pDZzliQ3dnS0NBb05XMXNCRGwwTUNBRmFEQTlmVzExYUR3NElYUXRiRnc9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwyMjZdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbImRkYiIsIjAsNSwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDEsMCwwLDAsMCwxLDAsMyw5LDAsMTYsMCwxLDEsMCwwLDAsMCwwLDAsMSwzLDAsNSwwIl0sWyJibmNoIiw3OV0sWyJhYm5jaCIsODBdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JOsiowvgkL&pto=4389&ver=55&gac=846526211.1690424103&mei=&ap=&fe=1&duid=1.1690424103.gnA8Goc2CBpj5Htr&suid=1.1690424103.5K8Htc2xpgamZbN9&tuid=1.1690424103.mQommKbCoRQOyN7O&fbc=-&gtm=W10%3D&it=58%2C4187%2C94&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f0f6cbd510d5b35e5eb754d7b8ff8e4ada60ff7c061020555cb2d2b18f2ba7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1182
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1252922/domain/uptycs.com/ 36 B
366 B 90ms
23ms XHR
application/json 2600:9000:20eb:3e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1252922/domain/uptycs.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
content-encoding: gzip
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: o-o-QMtutqVRMeffaMzlfXbbWUqM785gG8Fc4EKjs_EKrEcc9GcyWA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1690424103095%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fres...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true&e_ipv6=AQKjYl40kF4hlQAAAYmVINK...

0
265 B

187ms
132ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true&e_ipv6=AQKjYl40kF4hlQAAAYmVINKf552TpoVzebIVXhk7cKEhhJvNgr6plaCNGP0zo8ZYTdaPDAw3sXbSuGmAuyV1C76YOFApWQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CA1A94B275AE481EB4870FF3EDAB66E1 Ref B: FRAEDGE1819 Ref C: 2023-07-27T02:15:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBbog5S6hvJXU+4YeRKg==

Redirect headers

date: Thu, 27 Jul 2023 02:15:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 20D0230A5A6C4D48BA2981C60795A625 Ref B: FRAEDGE1313 Ref C: 2023-07-27T02:15:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1690424103095&url=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&cookiesTest=true&liSync=true&e_ipv6=AQKjYl40kF4hlQAAAYmVINKf552TpoVzebIVXhk7cKEhhJvNgr6plaCNGP0zo8ZYTdaPDAw3sXbSuGmAuyV1C76YOFApWQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBbog2kvgOoWvltnyx7Q==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 202ms
90ms XHR
application/json 54.73.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e76ff519876726e14864.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.73.32.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-32-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0215600170796fcdfac8c9e629c0e65d31728b0fdcd0ca903f629fc5303be96f

Request headers

Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jul 2023 02:15:03 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 208ms
208ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=0bad6d0a-c88b-43d2-87ce-b2496c0d7533&session=bc05404b-2025-4b2a-8196-a20960cd053e&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A1010%3A3%3A1011%3A2fc9%3Abfa9%3A8894%22%7D&isIframe=false&m=%7B%22description%22%3A%22%27Stealers%20are%20Organization%20Killers%27%20whitepaper%20provides%20insights%20into%20the%20rising%20infostealer%20malware%20threat%2C%20their%20impacts%20%26%20effective%20defense%20strategies.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Understanding%20%26amp%3B%20Countering%20Infostealer%20Threats%3A%20Cybersecurity%20Whitepaper%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&pageViewId=3562b4be-bcfd-4be3-8780-fd8c55ee4b60&v=1.1.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
79 B 109ms
109ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363eec337ee468a9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a15856f2317071a10acf9f29f674f85d78a0f2f381ef979220d863bdb60940d3154209251095964515cc6b96d1977be26bb25cb43e2913bf05365ad5f2b7a1bdb53ed46f497d7df3ebb2907fe7fcaaa033e870e6315204d93de0a6df160b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4918677a0d8d953eb489d593e72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da1c11663efdcff218e01ff46b7d01fca46c3cc7ec73e33919c728b64c184e9a79df3f1477fe425bfb9fe2f4d26f9913f82be50eb0102419457459a9796dd8deb9726d32bc1d2b48577a36c7c25896f3b959380032cdcec7eba17e090439167ef33024d538c6eec439cd7a97ca98a348744b6de8795278f191c2ddb79541d3e493e9fff2df452d78cdf72ebde75fa942bca92eeee3dd7f0a711267f82a90604dabd0e4954e6fee374b828c4bb1ab6b77ff625ff6f8759c64ac5b42e904b54b8f7c7387b46341120195413ace48e6ad003b65b4f4520f8b04ddb99180feca4cdecee1f9eb4b1a2c281fbe3415d21e95b94f4057c89286607ca655c7770eb78a77505c1e9c77f8963de3996a824cca4109a7c063d3d047c1280dde2db386748991e4189cedabdb0d64e039eb2d061849b36228cc0182e68e790df5f21b325815e9f19fd68c563d3bf4cabb84190dbd2d7e00320fdfc2920c72ff29fbab917826d321f05906a4751b1a0418a971cb2ddc8ca1c8dd0d66e646539b72fb717ee10ebd57b9c20423f403c747fe5588a803356a732a1f8a868a29d3ed31612d058022be0facd1818ae27e7847bb71b23420ee5292682b3c53c9a136fe6da40f09b84a0de208f0a0c7d4be07d244e8ec4591ea836e4fdc8319d93b15f4f76a3763248598d055ab8dcb2440d823d3280c6954bc8c8a8901a71f822b1592f0a9052312696a94433d789b08dbbec44f330f03f896694c2&cri=JOsiowvgkL&ts=367&cb=1690424103446
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 27 Jul 2023 02:15:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 42a5120a-f4de-471a-86c1-53e5edca1f0e
https://www.uptycs.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.uptycs.com/42a5120a-f4de-471a-86c1-53e5edca1f0e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 905897d67783eeae1f283ac8bfd8850faa78b66f29c8ac91077508b5380412d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 261
Content-Type

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ Frame 0
0 221ms
174ms Preflight
text/html 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin: https://www.uptycs.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ed15f581b202c4e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 27 Jul 2023 02:15:03 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 56 KB
18 KB 112ms
59ms Script
application/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2445
x-guploader-uploadid: ADPycduFaVY6nvJTkLRAYgkROtMPCkuDsQf_jBKWFXLvBMXm0LZYdwL1dQYYu42qOL07gLHZmnJeva2ycvVmLr-Io4U7HFE98ElV
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:01:21 GMT
server: cloudflare
etag: W/"98af2c9e21e222c751d8c61f27ca2f67"
x-goog-hash: crc32c=hquDPQ==, md5=mK8sniHiIsdR2MYfJ8ovZw==
x-goog-generation: 1684227681426057
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 57282
cf-ray: 7ed15f582c726940-FRA
expires: Thu, 27 Jul 2023 02:34:18 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ 3 KB
2 KB 424ms
396ms Fetch
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

471df957853174819b1ef0799770ca4fbf15f742a9e105065fd2251dba106bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
_vtok: MjE3LjExNC4yMTUuMTMx
_zitok: eccba3aa397241ea38461690424103
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/javascript

Response headers

date: Thu, 27 Jul 2023 02:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
cf-ray: 7ed15f596b7d4dac-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 453ms
453ms Preflight
text/html 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.uptycs.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ed15f589b632c4e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 27 Jul 2023 02:15:04 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 396 B
634 B 165ms
165ms Fetch
application/json 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
Authorization: bearer eb80a034af9a77c4c43d5841044feb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jul 2023 02:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
etag: W/"18c-UDdq46tNmFhkRcWaR9URtM35s0A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
cf-ray: 7ed15f5b6cec4dac-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc: h3=":443"; ma=86400

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 201ms
201ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uptycs.com/resources/infostealer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:15:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
147 B 109ms
109ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/0036b213134bb87d518c56fbdc671d2b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uptycs.com/resources/infostealer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Thu, 27 Jul 2023 02:15:04 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=0bad6d0a-c88b-43d2-87ce-b2496c0d7533&session=bc05404b-2025-4b2a-8196-a20960cd053e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2027%20Jul%202023%2002%3A15%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2027%20Jul%202023%2002%3A15%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%27Stealers%20are%20Organization%20Killers%27%20whitepaper%20provides%20insights%20into%20the%20rising%20infostealer%20malware%20threat%2C%20their%20impacts%20%26%20effective%20defense%20strategies.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Understanding%20%26amp%3B%20Countering%20Infostealer%20Threats%3A%20Cybersecurity%20Whitepaper%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fresources%2Finfostealer&pageViewId=3562b4be-bcfd-4be3-8780-fd8c55ee4b60&v=1.1.5

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 17:52:56	Name: _GRECAPTCHA Value: 09AJ_RfJmYUeI-Z3Et59CEPUmZY46ItPK3QF7_nQAOqbjgIpwWNVEBopCWkCaLMGMxDD4dx8UtoqiA68-o6C4bnAQ
.www.uptycs.com/	1970-01-20 13:33:45	Name: __cf_bm Value: W8Kh0uckgOwdHCtsf1BiB3VLBw8TqQem.pEdJV_TDqg-1690424098-0-ARudFTgxYI5iXxQ2eM4lD3jBJmu7CSKRIih9118aEWOSnaKG/hw5XHWs5tLztV7tC22DtmfykTO6hjOkaBE7T/o=
.www.uptycs.com/	1969-12-31 23:59:59	Name: __cfruid Value: c30c93c5a8918313cfca53de07158ff9d9c58d67-1690424098
.hubspot.com/	1970-01-20 13:33:45	Name: __cf_bm Value: qx.97dx9noygmOEb4.sXXnWUwepQKigG4z0Uljx2D6I-1690424099-0-AddAbdQ38H1vuL2iPkOcVUxb13fJvaWDxhkd66wHmWinB26AvfVDXSi5ZN00q9gHa+gXuIke7gz7rRIQyZ3/m+Y=
.uptycs.com/	1970-01-20 15:43:20	Name: _gcl_au Value: 1.1.1123405160.1690424103
.uptycs.com/	1970-01-20 23:09:44	Name: _ga_FM1R8N7KP8 Value: GS1.1.1690424102.1.0.1690424102.60.0.0
.uptycs.com/	1970-01-20 23:09:44	Name: _ga Value: GA1.1.846526211.1690424103
www.uptycs.com/	1970-01-20 23:09:44	Name: _gd_visitor Value: 0bad6d0a-c88b-43d2-87ce-b2496c0d7533
www.uptycs.com/	1970-01-20 13:33:58	Name: _gd_session Value: bc05404b-2025-4b2a-8196-a20960cd053e
.uptycs.com/	1970-01-20 15:45:08	Name: _cq_duid Value: 1.1690424103.gnA8Goc2CBpj5Htr
.uptycs.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1690424103.5K8Htc2xpgamZbN9
.uptycs.com/	1970-01-20 22:19:20	Name: _hjSessionUser_3384743 Value: eyJpZCI6IjQ4ZDllNjY4LTVhY2YtNTY4NC05ZjMyLThmYWEzMDFjNTFiOCIsImNyZWF0ZWQiOjE2OTA0MjQxMDMxMjMsImV4aXN0aW5nIjpmYWxzZX0=
.uptycs.com/	1970-01-20 13:33:45	Name: _hjFirstSeen Value: 1
.uptycs.com/	1970-01-20 13:33:44	Name: _hjIncludedInSessionSample_3384743 Value: 1
.uptycs.com/	1970-01-20 13:33:45	Name: _hjSession_3384743 Value: eyJpZCI6ImZlN2E2NWQ1LWY0Y2EtNDg3Yy05MTc1LTgyODhkNzVhN2M4MCIsImNyZWF0ZWQiOjE2OTA0MjQxMDMxMzAsImluU2FtcGxlIjp0cnVlfQ==
.uptycs.com/	1970-01-20 13:33:45	Name: _hjAbsoluteSessionInProgress Value: 0
www.uptycs.com/	1970-01-20 13:35:10	Name: ln_or Value: eyIxMjUyOTIyIjoiZCJ9
.linkedin.com/	1970-01-20 15:43:20	Name: li_sugr Value: 5b67830e-5df0-4b15-a4bd-ab65d6b5ccc9
.linkedin.com/	1970-01-20 22:19:20	Name: bcookie Value: "v=2&24a2eedf-e780-40ad-8512-ecc82c33c352"
.linkedin.com/	1970-01-20 13:35:10	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2619:u=1:x=1:i=1690424103:t=1690510503:v=2:sig=AQER_MmNvxhrqrcw1Ky-ZEI6X8AMtLlo"
.6sc.co/	1970-01-20 23:09:44	Name: 6suuid Value: bd6411029787010027d3c164720100000dab6300
.linkedin.com/	1970-01-20 14:16:56	Name: UserMatchHistory Value: AQLJGg8FPZq4DQAAAYmVINGf0sk8kMMFxZ0-ZLYl7ACLF5MmCtk-teYUXWqPiN_VYI27dfdONiGlcQ
.linkedin.com/	1970-01-20 14:16:56	Name: AnalyticsSyncHistory Value: AQKgsXE1EoucOgAAAYmVINGf1Dqiwo43EJ3MeU6OKDN4h5OK-xvBvZR3JkYHkqE3uRYEk8Rp2vBHKmAq91BdNw
obs.segreencolumn.com/	1970-01-20 21:37:34	Name: cg_uuid Value: 67d3837571e91042c91a31396ae3076f
.www.linkedin.com/	1970-01-20 22:19:20	Name: bscookie Value: "v=1&20230727021503d75bae3b-05e0-419f-8fe2-17aab11719b6AQFtksBiLnAT4WK8qYNVyqW6TTUinBI5"
.linkedin.com/	1970-01-20 17:52:56	Name: li_gc Value: MTswOzE2OTA0MjQxMDM7MjswMjGKShpHpUDLHCuT3A/4M197fhUutZxnL/JeatW16lFXVA==
.www.uptycs.com/	1970-01-20 23:09:44	Name: _zitok Value: eccba3aa397241ea38461690424103
.zoominfo.com/	1970-01-20 13:33:45	Name: __cf_bm Value: VpadR7vh2w8hQUascv.xxVaH1.7272rKoyFKqaTJeNU-1690424103-0-AbIodGiK/P9Ji4bvNNKd2G90uJFfdtitHz9lWc5RGVER349Zkbw5JrnSlzroIF/m90d9WeQydynhV+S9bqQ+EOw=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: NQAF3nAH.j6OX9QVBoFrB8Q3o8A5I4IuWISQw57wXUM-1690424103743-0-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://www.uptycs.com/42a5120a-f4de-471a-86c1-53e5edca1f0e(Line 1) Message: Error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2617658.fs1.hubspotusercontent-na1.net
app.hubspot.com
b.6sc.co
c.6sc.co
cdn.jsdelivr.net
cdn.linkedin.oribi.io
content.hotjar.io
cta-service-cms2.hubspot.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
js.zi-scripts.com
ob.segreencolumn.com
obs.segreencolumn.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.clickcease.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.uptycs.com
b.6sc.co
108.138.7.111
13.107.42.14
18.66.97.53
2.17.100.193
2001:4860:4802:32::36
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:206f:6800:15:a0d3:77c0:93a1
2600:9000:20eb:3e00:2:53b2:240:93a1
2600:9000:2490:2600:18:15b9:5a80:93a1
2606:2c40::c73c:671e
2606:4700::6810:5614
2606:4700::6810:650c
2606:4700::6810:75be
2606:4700::6810:88ce
2606:4700::6810:a852
2606:4700::6811:61ac
2606:4700::6811:6dc7
2606:4700::6811:d2f3
2606:4700::6811:d3f3
2606:4700::6811:d5f3
2606:4700::6812:18c4
2606:4700::6812:8c65
2606:4700::6812:f0f
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9c
2a02:26f0:3100::1725:e251
2a02:26f0:3100::1735:28c0
52.222.236.49
54.73.32.2
01e2dc42b68e5fd389bca5323cf5463dbda70739196fdb85675e6dd2282d71b7
0215600170796fcdfac8c9e629c0e65d31728b0fdcd0ca903f629fc5303be96f
0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576
0443920b19555fd151ec04b65356386980ec50d3ec070ec3dca86ce933b6a738
046bd842b302fe595d99d4a90b75d6f558f397a384c1b300dffb615fe4a63768
07662f471c9774bc9a883d8fed064e8b054ce9ebf55d9171bacee2818c9dc4c5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1490a4f92e8882d2381d87fada79a1df45e36e325829a84d31f8abe36085b472
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
285e3a9f61142dff4f5abda4ef2dfb3de389251a7e896177b4f8e6b211d112c1
38ac59462d927e82c2a01a872162469a03bedf329a1437d63be6bb3e6f0895cd
393bac9f8a192ef888784cf8b40df104be50ff968a1f005021641cae99a92e88
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
471df957853174819b1ef0799770ca4fbf15f742a9e105065fd2251dba106bc7
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59a6ff408fe8ee185325c0e1e7e367ed3255d33700d9f2888881b111d6636c3a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604
66668dfde28f6f02a0eacd658df4b8284f2dc9181583a8900c74a2674904b84e
67591085ecd78953550ce0c81743b970cd8eecc81cb4e13405bf40b4c82b6f0d
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
79c2e5033850ccbb2dc4cfb164071921a49c0b8bf577840426290fca9e14e301
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
814323ef69ab619dc133989c7c2ce2e9c859ffe2195f8fad3fe2bc0412df5d4f
86f7ec584345f22e87d0860848f230fd252522bfa49f65103342276cdf0c412e
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89da679b9a6c0ff38617f6633b5aee602e0901d79e2fb6ee1929538f451a5356
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
905897d67783eeae1f283ac8bfd8850faa78b66f29c8ac91077508b5380412d6
92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9abf956b1e8e5f54e0496c836d12ca7bbbdd3011748a44846fef756a963b84f2
a3f5ada5b2ccb6fe6cbecb0bd612f38249a033f922ee04d5291be15856e2f2f0
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61
b8b7ad171811043fd05774fd3258e693f117927ceb15c25f6f4d234c68d29d21
bd432513d3a681e07e07cf97654374c3e868e7269f16a8b126929b0f0b7b6894
bf523e8d38b19253fc8db014b453896bb115dd3e7afb5e9c7f4e8975d2daa56a
c2b349073b8421ec84bfd334c01132010daabccff2f8975a9d242720a37a7da3
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4
c6a6a50b2ce46af481ed4ea7bda019f4bc6bad4526925e13f121be76838b18f2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cdc04e3ffe5848a5eb26279cb6ac9bc973bbd3e8c58255428684481852068071
ce580090d2befdbfe1545ca10b1f2a989634678929df7aa5490d63b3a06c6ba0
d72c61e12609ab7bce9bd745a884a6214b31387cb06aa1eb886ef4d04ff20c80
d8aea4d4a73064ab2e8d0fd3f9e7c16bc8b8ce591da0ae03b272284c2c3b29ad
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc41bfb7b1f75ff765c8a380b91b6dad844f9334600537e33a746756b3b79313
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e10ce26ead0eca58cd5346843538415611b745bfd29825322efad56424a4c911
e2d6190054a90d9bc7cd17e6abaa74801a6e460dff2a587941e7d735be4064fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6
e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa
eb724661be8d7275d92baab60d160ee4140870891787a8f244e21763bfee12fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efba13392274ca4b6a31321273c3dd84403cd1104255e9b423de3196f5bd1495
f03450bb6efbf09d31b7d62bd7b5ebe3e21ca4c132341b929dcfd2d0e21f133e
f0f6cbd510d5b35e5eb754d7b8ff8e4ada60ff7c061020555cb2d2b18f2ba7c6
f1707f82b77253ac59defc0688b697c85ff437e3eb1fec639f852848d7b8218b
f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab
f51c700fe7d8f26e666a04c3eb2fe0bfdbaa2008e4b2a68b785f47b2a03a4be9
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc
f89f76121640eda65e349e927a414b5ba94f9c1e070d8727e726a6143de97f6b
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb9f2803dc6e2ba3d1153f02304d18575d2e25d056c7b072dfdbeab20c628fa2
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.uptycs.com Open in urlscan Pro 2606:2c40::c73c:671e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

97 %HTTPS

83 %IPv6

26 Domains

42 Subdomains

35 IPs

4 Countries

1909 kBTransfer

4714 kBSize

29 Cookies

4 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

97 %
HTTPS

83 %
IPv6

26
Domains

42
Subdomains

35
IPs

4
Countries

1909 kB
Transfer

4714 kB
Size

29
Cookies

97 HTTP transactions
1 data transactions