URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Submission: On September 26 via api from TR — Scanned from DE

Summary

This website contacted 46 IPs in 6 countries across 38 domains to perform 172 HTTP transactions. The main IP is 34.249.200.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is darktrace.com. The Cisco Umbrella rank of the primary domain is 83498.
TLS certificate: Issued by R3 on August 11th 2023. Valid for: 3 months.
This is the only time darktrace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
33 gstatic.com
www.gstatic.com
fonts.gstatic.com
3 MB
29 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 19128
assets.website-files.com — Cisco Umbrella Rank: 19336
3 MB
22 google.com
www.google.com — Cisco Umbrella Rank: 11
adservice.google.com — Cisco Umbrella Rank: 182
187 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 635
144 KB
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 14010
c.6sc.co — Cisco Umbrella Rank: 19472
ipv6.6sc.co — Cisco Umbrella Rank: 14550
b.6sc.co — Cisco Umbrella Rank: 7792
23 KB
7 zoominfo.com
ws-assets.zoominfo.com — Cisco Umbrella Rank: 44044
ws.zoominfo.com — Cisco Umbrella Rank: 10820
32 KB
7 cdn-api-weglot.com
cdn-api-weglot.com — Cisco Umbrella Rank: 129504
7 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
www.linkedin.com — Cisco Umbrella Rank: 951
px4.ads.linkedin.com — Cisco Umbrella Rank: 7048
5 KB
4 doubleclick.net
9120626.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
4 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 23579
3 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3974
adservice.google.de — Cisco Umbrella Rank: 9064
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 691
14 KB
3 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1593
13 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
darktrace.demdex.net
5 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
105 KB
3 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 22347
44 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 626
61 KB
3 darktrace.com
darktrace.com — Cisco Umbrella Rank: 83498
ir.darktrace.com
114 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 23716
570 B
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 44279
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 45719
26 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
140 KB
2 gatorleads.co.uk
t.gatorleads.co.uk — Cisco Umbrella Rank: 241549
7 KB
1 omtrdc.net
darktrace.sc.omtrdc.net
345 B
1 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 27122
1 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 806
570 B
1 hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 48666
1016 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
2 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079
376 B
1 hubapi.com
api-eu1.hubapi.com — Cisco Umbrella Rank: 40637
1 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1990
517 B
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 25966
20 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 26372
21 KB
1 hsadspixel.net
js-eu1.hsadspixel.net — Cisco Umbrella Rank: 39674
4 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 958
315 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
25 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
4 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 23603
1 KB
172 38
Domain Requested by
29 www.gstatic.com www.google.com
www.gstatic.com
21 www.google.com 1 redirects darktrace.com
www.gstatic.com
www.google.com
18 assets-global.website-files.com darktrace.com
assets-global.website-files.com
11 assets.website-files.com assets-global.website-files.com
11 cdn.cookielaw.org darktrace.com
cdn.cookielaw.org
7 cdn-api-weglot.com cdn.weglot.com
6 ws.zoominfo.com js.zi-scripts.com
ws-assets.zoominfo.com
6 b.6sc.co darktrace.com
4 fonts.gstatic.com www.google.com
3 js.zi-scripts.com darktrace.com
js.zi-scripts.com
3 bat.bing.com darktrace.com
bat.bing.com
3 px.ads.linkedin.com 3 redirects
3 snap.licdn.com assets.adobedtm.com
snap.licdn.com
js-eu1.hsadspixel.net
3 code.jquery.com darktrace.com
3 cdn.weglot.com darktrace.com
cdn.weglot.com
3 assets.adobedtm.com darktrace.com
assets.adobedtm.com
2 epsilon.6sense.com j.6sc.co
2 www.google.de darktrace.com
2 j.6sc.co assets.adobedtm.com
j.6sc.co
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 9120626.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
darktrace.com
2 t.gatorleads.co.uk darktrace.com
t.gatorleads.co.uk
2 darktrace.com darktrace.com
1 ws-assets.zoominfo.com js.zi-scripts.com
1 darktrace.sc.omtrdc.net
1 track-eu1.hubspot.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 secure.adnxs.com j.6sc.co
1 adservice.google.de adservice.google.com
1 adservice.google.com 9120626.fls.doubleclick.net
1 forms-eu1.hsforms.com darktrace.com
1 www.googleadservices.com www.googletagmanager.com
1 px4.ads.linkedin.com darktrace.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 api-eu1.hubapi.com js-eu1.hsadspixel.net
1 cm.everesttech.net 1 redirects
1 darktrace.demdex.net assets.adobedtm.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hsadspixel.net js-eu1.hs-scripts.com
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 ir.darktrace.com darktrace.com
1 cdnjs.cloudflare.com darktrace.com
1 d3e54v103j8qbb.cloudfront.net darktrace.com
1 cdn.jsdelivr.net darktrace.com
1 js-eu1.hs-scripts.com darktrace.com
172 52
Subject | Issuer | Validity | Valid
darktrace.com | R3 | 2023-08-11 - 2023-11-09 | 3 months
*.website-files.com | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-08 | a year
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-08-10 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year
*.weglot.com | Amazon RSA 2048 M01 | 2023-02-07 - 2024-03-07 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.gatorleads.co.uk | R3 | 2023-09-01 - 2023-11-30 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-12-13 - 2023-12-13 | a year
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.doubleclick.net | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
hubapi.com | Cloudflare Inc ECC CA-3 | 2023-04-07 - 2024-04-06 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
www.bing.com | Microsoft Azure TLS Issuing CA 05 | 2023-07-26 - 2024-01-22 | 6 months
6sc.co | R3 | 2023-08-19 - 2023-11-17 | 3 months
*.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
www.google.de | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.google.de | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
*.6sense.com | Amazon RSA 2048 M01 | 2023-05-01 - 2024-05-29 | a year
js.zi-scripts.com | Amazon RSA 2048 M03 | 2023-09-17 - 2024-10-16 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year
*.sc.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-03-08 | a year
zoominfo.com | Cloudflare Inc ECC CA-3 | 2023-04-04 - 2024-04-03 | a year

This page contains 17 frames:

Primary Page: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Frame ID: 2C2878E0E4E7B982C82C15DC15312A09
Requests: 115 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
Frame ID: 38848090763AEBA1918C57D9C2001F25
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
Frame ID: C743ADE3320BB95EAF7E822C92AE65BA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Frame ID: BD814AD1D6085933E496FAD5C44B3891
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Frame ID: 381DC145BECBFD5C38E455069900E1BD
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Frame ID: A3A68AD831E5A11FC9358C9ECBC460C1
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Frame ID: 4C7EB4E5204C07A1EB5FC101F4F02608
Requests: 8 HTTP requests in this frame

Frame: https://darktrace.demdex.net/dest5.html?d_nsid=0
Frame ID: 94A20B6FEDECB7123E51002767B3BAAD
Requests: 1 HTTP requests in this frame

Frame: https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Frame ID: F8A97C710F5A9B942464B9AD930F99AD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Frame ID: 6658F330C0FFFE86A96770BEAF2D705D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Frame ID: 0B3F7F2AC16FE0FA240B2CAEE3BB9B9E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 870CAE215CE96DAB3958FD5EAC266DCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 757AB97DD231C302DB2CA2A2C54FA090
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 216B4063A9F221428B9CDB7D4AE3A068
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 18EBC10C2A97AE533CF1E774F6F0DF1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: ACA43CAF5DF37275F1A627785992238C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 4F7E6AA08DD51312794D1DAF96DC54DC
Requests: 3 HTTP requests in this frame

Page Title

The Rise of the Lumma Info-Stealer | Darktrace Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 172
HTTPS: 98 %
IPv6: 53 %
Domains: 38
Subdomains: 52
IPs: 46
Countries: 6
Transfer: 6910 kB
Size: 15439 kB
Cookies: 43

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://cm.everesttech.net/cm/dd?d_uuid=40835431061957685961262132993803936459 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRL15gAAAItZpAOV
Request Chain 87
  • https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer HTTP 302
  • https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Request Chain 95
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1695741414417%26url%3Dhttps%253A%252F%252Fdarktrace.com%252Fblog%252Fthe-rise-of-the-lumma-info-stealer%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true&e_ipv6=AQLCJSgwAohTWgAAAYrSEJBidLZ9_UUwBJppYbBnnAUe9mok4aW2ZYT-yC1G6VT9SXdOqSA
Request Chain 109
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5vUSZYq7JIKB7_UPpYuaoA8&sscte=1&crd=&pscrd=EkpDaEFJOElMS3FBWVFsT182cGJhcnlKOGpFaU1Ba3ljck1tQ00zZlJ1cmlxalJGdTJqMEtqNXNSVE93U1h1Q180MFVTcTFnMEtXQRpWQ2hFSThJTEtxQVlRdDlUanZJRzR1OG11QVJJckFFaV96OXgyTUU3aFhGMENkSmxZTXlXOFdqTkpFNlNCNGtQY2tsZk9yRzFqdWltbmc5X2tPZmtJemciEwiKxpeFyciBAxWCwLsIHaWFBvQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOElMS3FBWVFsT182cGJhcnlKOGpFaU1Ba3ljck1tQ00zZlJ1cmlxalJGdTJqMEtqNXNSVE93U1h1Q180MFVTcTFnMEtXQRpWQ2hFSThJTEtxQVlRdDlUanZJRzR1OG11QVJJckFFaV96OXgyTUU3aFhGMENkSmxZTXlXOFdqTkpFNlNCNGtQY2tsZk9yRzFqdWltbmc5X2tPZmtJemciEwiKxpeFyciBAxWCwLsIHaWFBvQ&is_vtc=1&ocp_id=5vUSZYq7JIKB7_UPpYuaoA8&cid=CAQSKQDICaaN5Gt0I-Og2JR2YaCCJD5npnErU34MY7eCWYrCNPdjBfPu9uc_&random=3511076391 HTTP 302
  • https://www.google.de/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOElMS3FBWVFsT182cGJhcnlKOGpFaU1Ba3ljck1tQ00zZlJ1cmlxalJGdTJqMEtqNXNSVE93U1h1Q180MFVTcTFnMEtXQRpWQ2hFSThJTEtxQVlRdDlUanZJRzR1OG11QVJJckFFaV96OXgyTUU3aFhGMENkSmxZTXlXOFdqTkpFNlNCNGtQY2tsZk9yRzFqdWltbmc5X2tPZmtJemciEwiKxpeFyciBAxWCwLsIHaWFBvQ&is_vtc=1&ocp_id=5vUSZYq7JIKB7_UPpYuaoA8&cid=CAQSKQDICaaN5Gt0I-Og2JR2YaCCJD5npnErU34MY7eCWYrCNPdjBfPu9uc_&random=3511076391&ipr=y

172 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request the-rise-of-the-lumma-info-stealer
darktrace.com/blog/
177 KB
49 KB
Document
General
Full URL
https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3f57c9c8e5076d4be9fa38007a2e5c702f62456173d418cb6a2808f021cf7c12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20219
content-encoding
gzip
content-length
49347
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Tue, 26 Sep 2023 15:16:53 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
MISS, HIT
x-cache-hits
0, 1
x-cluster-name
eu-west-1-prod-hosting-red
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-lambda-id
8d5fad9a-9e36-41e7-87fa-294ab97ffed5
x-permitted-cross-domain-policies
none
x-served-by
cache-iad-kjyo7100131-IAD, cache-dub4337-DUB
x-timer
S1695741413.070980,VS0,VE1
x-xss-protection
1; mode=block
web-phoenix.75810a92c.min.css
assets-global.website-files.com/626ff19cdd07d1258d49238d/css/
541 KB
99 KB
Stylesheet
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82a81747fb7821b43c1512db0a071180a240f1632532863e657fb717d400b455

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
7YFSV3pbfle4LHFGYQshGy4NtSqaBAxG
content-encoding
gzip
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
date
Tue, 26 Sep 2023 13:02:09 GMT
age
9280
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
101269
last-modified
Mon, 25 Sep 2023 13:11:36 GMT
server
AmazonS3
etag
"0492527294671c1115555420439bc6ed"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
j_kcg6EiTN1CmhChVkrh5Ek8dAaOBNscDZPs7e8ZSeSkTsYTeRa_ww==
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c84a93bd9c5300c1d75a733958664acf817d565d2ed6a33857582ebc4702beb5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:53 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
37146
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6822
x-ms-lease-status
unlocked
last-modified
Mon, 25 Sep 2023 19:31:33 GMT
server
cloudflare
etag
0x8DBBDFE06DEE41C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a957bdb7-c01e-00a6-14e9-ef8e9d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc7878d84a4d54-FRA
launch-581b2cfa7858.min.js
assets.adobedtm.com/ea4e25aa0549/f752722fa920/
154 KB
47 KB
Script
General
Full URL
https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:983::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5560a2f9b290ae957e4c008304b3b1debcce91b98f0764325c728710eec87083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
last-modified
Thu, 29 Jun 2023 09:07:47 GMT
server
AkamaiNetStorage
etag
"3bee43625b62167bb7263cde941574cd:1688029667.963463"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://darktrace.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
47722
expires
Tue, 26 Sep 2023 16:16:53 GMT
25522132.js
js-eu1.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js-eu1.hs-scripts.com/25522132.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b45540dc5244880048409257788901daffa8673ec254f9082b89bc3f26a34b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fdfb3015-820d-4903-b870-950681acae3c
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fdfb3015-820d-4903-b870-950681acae3c
last-modified
Tue, 26 Sep 2023 15:02:57 GMT
server
cloudflare
x-trace
2BCE652820E7577DE58C644960D123564E4B2378D2000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://darktrace.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-6c99cf4b6b-f6r27
cf-ray
80cc787abe69922c-FRA
weglot.min.js
cdn.weglot.com/
110 KB
38 KB
Script
General
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:2000:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d1d87052ff41d3da4e356523c909c493986bc2d64301a6530d8f1cd458e2096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
date
Tue, 26 Sep 2023 15:07:58 GMT
last-modified
Tue, 26 Sep 2023 08:33:07 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
535
etag
W/"374e7f8020f0e9411b80ea4cd712b73b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
F1y_33MOfOldCVoCX5Ce3m4iX9mjXHN87FsmidWssdrEXJSdwEPn6w==
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
940792
x-cache
HIT, HIT
content-length
8356
x-served-by
cache-lga21933-LGA, cache-ams21043-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695741413.265045,VS0,VE0
etag
W/"28feccc0-8d03"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
82, 19305
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
503313
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-ams21043-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695741413.265000,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 294064
9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js
t.gatorleads.co.uk/Scripts/ssl/
14 KB
7 KB
Script
General
Full URL
https://t.gatorleads.co.uk/Scripts/ssl/9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.221.223.30 , United Kingdom, ASN51514 (SPOTLER Spotler Network, NL),
Reverse DNS
mail30.tgml2.co.uk
Software
Caddy /
Resource Hash
2640b6bbf6b7cd7844db1890c44b3be228e70ab0e0eb91012405513b599d6abc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-backend
web43
age
1609
x-cache
HIT 492 spuk-var01
cad-forwarded-for
80.255.7.108
content-length
6883
x-client-ip
10.118.6.11
server
Caddy
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-credentials
true
x-client-id
10.118.6.11
t-caddyhead
101
accept-ranges
bytes
socialshare.js
cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/socialshare.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eafd7e17be354753ca120ef03d28aa45a37c423e89e9f2602e8fd5a24400f150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22338
x-jsd-version
1.3.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230136-FRA, cache-yyz4574-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2385-rwl9CAsmlk954AGumYBzecK5wJE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQGm88pb0hmLXDPeCAwZB1rwEpkBDF9sbRKbrTAxgAoRedaZNFhoo6zpKZA%2FPaEgyPGJ8e3m9%2BgJ%2FDd3gdP%2FwSKHwhJp076TGchT97lskcqCKKdO23LolWpxuVfV0IBn8VVcaZgHMXWJS0abCcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80cc787a9bbb9bfe-FRA
62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
8 KB
3 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 10:03:31 GMT
x-amz-version-id
U3NyuUAtCMgfEVbn9mSuYAOoErDsuB9M
content-encoding
gzip
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
17990003
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Jul 2022 01:15:27 GMT
server
AmazonS3
etag
W/"c34059ce90d8a25cb81c8342bac3caad"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
UTGqhwF3GUDWP_P-bEZvhcy3-vyzLTAnQhiuvnuqpg6qQppBsKgwFg==
62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
4 KB
2 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 06:11:51 GMT
x-amz-version-id
atk2MPCHNIcTHrkcjIHBKdHEDkFTRJJf
content-encoding
br
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
6167103
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Jul 2022 01:15:59 GMT
server
AmazonS3
etag
W/"5991991ddb298b4d5a41b64e945abc05"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
oKm4upIVtFynBqeQUTTehOhMsRPjSyvtB8g6I_eeKN7d9qOeY0nPmg==
6439504aac7642d452f73227_Orrange%20Arrow.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
515 B
974 B
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6439504aac7642d452f73227_Orrange%20Arrow.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4132d7151489539efda9fcd764f395c17bcf6d28f2b77787ea49d2acaf987c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:21:14 GMT
x-amz-version-id
EsH5slD6K9c8haLetnad.x967jb3Dp0C
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
12606939
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
515
last-modified
Fri, 14 Apr 2023 13:08:27 GMT
server
AmazonS3
etag
"dbf50e460599d6583e104fddeb06617d"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
D61oSYQ7-uzm9NUoyZeC97-4rp0wKAaPDpx-T1AxARM8MNGXGu2cJA==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=626ff19cdd07d1258d49238d
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-211.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://darktrace.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 05:33:24 GMT
content-encoding
br
via
1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
age
35010
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
VBb9IahJSXapiaubYZVCjSXb-mAAeQ02qHQferqNCt8DR7Hxs__M1w==
web-phoenix.d49a20471.js
assets-global.website-files.com/626ff19cdd07d1258d49238d/js/
2 MB
238 KB
Script
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.d49a20471.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b986ea26805370f1ca611c095bade703d61e3744984aef357be207236748f563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
tOiJTlHXN6xsCVHmYk6YAxpNdUK0aWjC
content-encoding
gzip
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
date
Tue, 26 Sep 2023 10:49:22 GMT
age
17281
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
243032
last-modified
Mon, 25 Sep 2023 10:57:55 GMT
server
AmazonS3
etag
"d71c840d166c292830b249eab0833b18"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
2bpfPne8WApK5RlcQEwnrj3pBeegrwxKv3Z31FohU3kJ1AzetfX0LA==
jquery-ui.min.js
code.jquery.com/ui/1.13.2/
249 KB
66 KB
Script
General
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.min.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
939215
x-cache
HIT, HIT
content-length
67628
x-served-by
cache-lga13623-LGA, cache-ams21043-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695741413.446357,VS0,VE0
etag
W/"28feccc0-3e46c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
56, 40885
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/
69 KB
25 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5348607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25169
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-6251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeZdrrVeN445g%2BEpmF9z3Iu0o%2FK4vBst%2FG4N6zUcSRZUtFcngAjP1TIgLKgToK9EoXyDsYNt3nEig7PAS4UlXSMQ2xkFTWsVn5jODB1SUk9etuVNYYkKB5WZXO6GsdTM%2BCBSmrKYiENrndo6%2FmH90pvp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80cc787a981735df-FRA
expires
Sun, 15 Sep 2024 15:16:53 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://darktrace.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
20244352-54bc-40a3-80e3-0daa9d221c87.json
cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/
6 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/20244352-54bc-40a3-80e3-0daa9d221c87.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed951ca234a2aae2ddef8ef3167b9c632c4581f8c44903934c3113507c4c840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
55957
content-md5
O32+igPEVrnpWERNPp4ZoQ==
content-length
2032
x-ms-lease-status
unlocked
last-modified
Wed, 17 May 2023 08:45:55 GMT
server
cloudflare
etag
0x8DB56B321096755
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
02735e13-e01e-011c-309c-8846a4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc787a8d1f365f-FRA
expires
Wed, 27 Sep 2023 15:16:53 GMT
234baeaaccaa2f09e0dc6c004f571bbd6.json
cdn.weglot.com/projects-settings/
3 KB
1 KB
Fetch
General
Full URL
https://cdn.weglot.com/projects-settings/234baeaaccaa2f09e0dc6c004f571bbd6.json
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:2000:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0331f0769d4a324d7e079bffe6c6718692991e153cc02e1e028e915e03ff234f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 14:13:42 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 06:57:26 GMT
server
AmazonS3
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"79499faba4931dd09569ee1171252c09"
age
3792
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
WG27JpXZEbzy_39YxdbA64q-adABUIEi8PxmT13fZCPez5TRFnrx3w==
/
ir.darktrace.com/
0
0
Other
General
Full URL
https://ir.darktrace.com/
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.61.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

resources
darktrace.com/
0
65 KB
Other
General
Full URL
https://darktrace.com/resources
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.200.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-200-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
age
20383
x-cache
MISS, HIT
x-cluster-name
eu-west-1-prod-hosting-red
content-length
66457
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100119-IAD, cache-dub4331-DUB
referrer-policy
strict-origin-when-cross-origin
x-timer
S1695741413.463280,VS0,VE0
x-lambda-id
23203a2f-9dcf-46fb-bb01-7c98173fa984
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,x-wf-forwarded-proto
content-type
text/html
accept-ranges
bytes
x-cache-hits
0, 79
6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp
assets-global.website-files.com/626ff19cdd07d1258d49238d/
82 KB
83 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35554656118ced47368a42899d05e4449d1b7583a8f45851baa58f88debc9bf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
TMsl_ozp.N89vHlK2cE2laBz_RYI9tQt
date
Tue, 26 Sep 2023 04:21:00 GMT
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
52653
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
84336
last-modified
Wed, 15 Mar 2023 11:23:45 GMT
server
AmazonS3
etag
"c163a21b325f21772c0d432ae780ad7a"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
wpoM2T9BxlAdKPm2eYzHd4TCBJaEs8tQJtkHXxybao73XaVkU8-4rw==
62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
136 KB
63 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:01:42 GMT
x-amz-version-id
pdAuGtTsh6vh4TYRUxRutxs_j7OuOOpJ
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
22414512
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Jun 2022 19:35:09 GMT
server
AmazonS3
etag
W/"c1b8cbcc934aea3e53c8fc4904d8060d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
qWZ3v-w7DUNmkNxVNc_VbKjuvYASTDsQ0sLVxljLQtzMLMCXmy5ZDQ==
62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
135 KB
67 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adecd63acc4782d7f6bea59bda9e02bfcc6f90ed14ace7f83e06c6c814b58e2a

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 13:33:08 GMT
x-amz-version-id
w8aES_2JIQeWMFtSaIseSTPNz4Sh5jKS
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
6399825
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Jun 2022 19:33:53 GMT
server
AmazonS3
etag
W/"a2975bcd95ef12e21b2c7596dfb5828d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
AbPH2aoPn-qHA-8mJKFVz6k_i3HZJmM5eBlaeiqooABPuK1ngn1UwQ==
62aa2f9d42aa6476a6757fcc_TypeType%20-%20TT%20Interphases%20Pro%20Medium.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
136 KB
69 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9d42aa6476a6757fcc_TypeType%20-%20TT%20Interphases%20Pro%20Medium.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79b026bd6742c6610deedd72d90edd9c81c9a193765d36ca378ea5ea126c598f

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 10:14:54 GMT
x-amz-version-id
B572MK15SGJaUrf9WTf.94duuiLC4hsi
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
16434120
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Jun 2022 19:33:53 GMT
server
AmazonS3
etag
W/"9ceffdc8b55617bcce0da0274d7281f2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
ZAKFyZRoMUzAvkn_cRTlrLbA4NVZnnAUeM3nE6hNvOyqK4Mg4K6aMw==
65096b03aad69a48bf359832_StyreneDT-RegularWeb.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
273 KB
68 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/65096b03aad69a48bf359832_StyreneDT-RegularWeb.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d341bf32fb6eced837928a7d1add43f1d32df64bd48db0703aa489f9bc2887e0

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:10:23 GMT
x-amz-version-id
zETFeUoTpmx1VpZ4cUBbK45K1aSXWlnR
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
619591
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 19 Sep 2023 10:22:15 GMT
server
AmazonS3
etag
W/"0c9dcc91b168251dace63ecee9d6f3a1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
r0gyLRfHR0eD02M9vXhE06pxQkhfk4rjWzrU5nt0To4oD7uIiu9IGA==
65096c43ed27c280079394c3_StyreneDTWeb-Light.woff2
assets.website-files.com/626ff19cdd07d1258d49238d/
53 KB
54 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/65096c43ed27c280079394c3_StyreneDTWeb-Light.woff2
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e993ad6edc83f1b1d3ebe29ce13ef40bdad2d50f81bbfbbe708ad4661a1c60f

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:19:19 GMT
x-amz-version-id
5Dq9ALN48BTrbcADUUd4IC1OMkvAUT9K
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
619054
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
54548
last-modified
Tue, 19 Sep 2023 10:22:15 GMT
server
AmazonS3
etag
"74353cbc7852296f048d5ebffe68cff0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
TeHq4XWpkNkLTKbLwJdWmEGUA_QsPvqcTceVj68JthQbmUkYiwarTQ==
65096c4319651fc4e99840b7_StyreneDTWeb-Bold.woff2
assets.website-files.com/626ff19cdd07d1258d49238d/
54 KB
54 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/65096c4319651fc4e99840b7_StyreneDTWeb-Bold.woff2
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a38c7521a53bba177d6dc2dc3541fb0cd7475bc21c7b287d41e1ea658850bb5

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:19:19 GMT
x-amz-version-id
3i8xjzjfbtXf386GVvJ6WLgEF_Z0SdOj
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
619055
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55224
last-modified
Tue, 19 Sep 2023 10:22:15 GMT
server
AmazonS3
etag
"b957aa24255ad3abce993ad21fdb2ed2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OK8GkpKNnTL7pf6DKmgFzxTjkkPb4HYQODvpkZLrOhY1RvCWrHROkw==
62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
136 KB
66 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2708bde98da236fca8a23d86312f8f88263bbb724bfd3a1fc1cc82d45b903bd0

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 07:19:02 GMT
x-amz-version-id
h92c_pwrIc3recOs63YPV7bC1zHAAilf
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
27590272
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 16 Jun 2022 16:59:44 GMT
server
AmazonS3
etag
W/"a3c0be829f4964140bdf55006466ad74"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
17x6h8OHlRlBL1To2AY7PX68Q5MUeNPVR0P1jwWVyct-oz6sQBXH2g==
62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
136 KB
65 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79a7d5deff1189cba78946faa0ed6bd78a1c9292cfad4329b208d0be5a045ff7

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 07:19:38 GMT
x-amz-version-id
1q.Kipg6KvQuvMwrlLhzKvk3zJ.eCFMs
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
6940636
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Jul 2022 16:04:37 GMT
server
AmazonS3
etag
W/"6e56bc5a25ce4549b6a7580fd047582c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
_DQhJpyqF_NaLBo4teCuyzojsXMf-_8MUEi0onNpuejkAsUX6zWUzw==
62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/
138 KB
67 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad7018726a6090097b8e4fbfec539f043b50f5adc4be96a6601a40fe6831a4

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 07:38:50 GMT
x-amz-version-id
udmeZaUyI0tFEs.wkEZ5LG2LRcExsEUX
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
6593884
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Jun 2022 19:33:53 GMT
server
AmazonS3
etag
W/"1e8c3d5e9d71cc8458dd57af18da9b86"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
TCEls0dHOnTVKbCWc42WDVGWq08fQ9fpYUQiI2yWpxQuF-m7HbkybQ==
62acf31df96e161165588832_StyreneA-Light.otf
assets.website-files.com/626ff19cdd07d1258d49238d/
132 KB
132 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31df96e161165588832_StyreneA-Light.otf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48979155896cea590bb6085850a98bf7ccb5b48e9761ad03b8e8f671e92c746c

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 11:10:20 GMT
x-amz-version-id
w8g2iCwLejUBizGiBe150U7KltgEmhWT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
22478793
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
134944
last-modified
Fri, 17 Jun 2022 21:33:20 GMT
server
AmazonS3
etag
"08b809329d98100a4607a4cdabe0fdf5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
82VC4HhwXiIhvwYYEGPhtc4CCqUN0KVEG-I5JboqZlkpza_zQSGSqw==
62acf31d9b121861e37a191e_StyreneA-Bold.otf
assets.website-files.com/626ff19cdd07d1258d49238d/
139 KB
140 KB
Font
General
Full URL
https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31d9b121861e37a191e_StyreneA-Bold.otf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.75810a92c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8887f03d90e75a4a4265a4bb43bf9407297051173a798e6e2e6f4876c68ffe1d

Request headers

Referer
https://assets-global.website-files.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 06:39:45 GMT
x-amz-version-id
dvKaGj.A0aZ2J_bsMgTamPlkgyJpWIYD
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
5906229
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
142736
last-modified
Fri, 17 Jun 2022 21:33:20 GMT
server
AmazonS3
etag
"fae1497ceede8e63582e0eca18d35d58"
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
b6HVqrX2HAoWkTUaM2GSe3NxnqAeS-lr2F5VzUMI1XdR_WUBf0h4LQ==
6465ee11484f58b13a613163_Arow%20Desktop.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
551 B
1008 B
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6465ee11484f58b13a613163_Arow%20Desktop.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17764635f4f70e406ddc60a0e6cbdf246af1c9a49956c6edf88f13a39e1ef53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 12:25:50 GMT
x-amz-version-id
Gd8pbU25UzGFBVMemk1P5cPbpr8RimWc
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
7267864
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
551
last-modified
Thu, 18 May 2023 09:21:23 GMT
server
AmazonS3
etag
"d5f42c0ea122d9a614a222735b946165"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
EIm068c0sEOaKtXvuhMo3U_UohqMNSXdtQJwddAkKJanIJRs1PSeRg==
64d3b3c501dad065b00001fe_SOC-Threat%20Research-p-800.webp
assets-global.website-files.com/626ff19cdd07d1258d49238d/
28 KB
29 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/64d3b3c501dad065b00001fe_SOC-Threat%20Research-p-800.webp
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41582326de6ef2e092594323345078304b479179919237cc58fff604a039ae74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
xURuowzzwOyYILPFqhMgOjLsByZNFpDE
date
Tue, 26 Sep 2023 14:04:46 GMT
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
22703
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28846
last-modified
Wed, 09 Aug 2023 15:43:59 GMT
server
AmazonS3
etag
"befe4772346ddf5025bccbe8044dfd50"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
eb4s2RO2DZUfs_eiWqLxpY9oXHbEv_kzwUiRcFooYeCNEVD6yEh-uQ==
6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
475 B
934 B
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05580beab81991e3bc00c261992d6579a28696fde9eb6e623988bb74fa2e4e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 10:23:08 GMT
x-amz-version-id
RaZnocDTNEsNafZTA0Px2yKrOq5VsKuG
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
11595226
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
475
last-modified
Fri, 05 May 2023 09:57:30 GMT
server
AmazonS3
etag
"225587c38d6374e81434a981f1976960"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ckq2OdaMid5Pgofij7IMQFdmtHQcaPT3riEiCm6yuMjr4DwUsdHYqg==
64f7a5a5862a1883b04d07c0_Picture1.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/
118 KB
119 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/64f7a5a5862a1883b04d07c0_Picture1.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd87315dbd59c6622ddea6266fa293df9d5efa2024a4960080b8f16ca5be4db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 21:40:51 GMT
x-amz-version-id
1cvdFHBqQT_HSST5NviGuts9Bdbx0ckb
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
1704963
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
121295
last-modified
Tue, 05 Sep 2023 22:03:19 GMT
server
AmazonS3
etag
"a23a8c229c7d6bb625e2d3f1221f64c2"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
9pxs7O7s42Zrq9iL-9sMmz-YN8JpPU2CcyF3kRaPTkSlbE-EeY5Rdg==
64f7a60fc9011742a0b28b4b_Screenshot%202023-09-05%20at%203.04.51%20PM.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/
657 KB
658 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/64f7a60fc9011742a0b28b4b_Screenshot%202023-09-05%20at%203.04.51%20PM.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f38c3fa10c7fb72bfb84aece6a538d46b84b789ee7294b9d2ece102c9619638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:49:19 GMT
x-amz-version-id
iTVUC9OdG1St26VzOeJaQ6KA.D1lDA_a
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
1679255
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
672380
last-modified
Tue, 05 Sep 2023 22:05:04 GMT
server
AmazonS3
etag
"81b15147a5ec890233ef9432712b070b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Zc2S-YyKASb2E8Dr23Bh1yKNmNDbA-swIcsO8-1Y8WeMQ5W64KQLOg==
64f7a63955fa078c6f7123ea_Screenshot%202023-09-05%20at%203.05.39%20PM.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/
181 KB
181 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/64f7a63955fa078c6f7123ea_Screenshot%202023-09-05%20at%203.05.39%20PM.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32071b644388b2adb7f849b77821708b9acf93fb0f4278b2b7f32245eae8669f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 21:40:51 GMT
x-amz-version-id
6nm8ve_75DpLLL20cbYAzC0VGfQS0WtE
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
1704963
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
185159
last-modified
Tue, 05 Sep 2023 22:05:47 GMT
server
AmazonS3
etag
"7e53088b7ebcc9cbd3ff3d14c6ea6059"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
NTwqnt-_pMGY6XkjbjdpkwO6qyo_xaBKwT38EtiCMuu1QAHvF00hwA==
64f7a65b5fc18616b63c0e81_Screenshot%202023-09-05%20at%203.06.11%20PM.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/
181 KB
182 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/64f7a65b5fc18616b63c0e81_Screenshot%202023-09-05%20at%203.06.11%20PM.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a3457471b00ff43d03b93078c1a0baba6e9387ef1559c49856349cee2dc2c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 21:40:51 GMT
x-amz-version-id
7D3_gidX3g6rUk2XxuHxwcNsHOGDs7wU
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
1704963
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
185609
last-modified
Tue, 05 Sep 2023 22:06:20 GMT
server
AmazonS3
etag
"0a2a63f0e028ded88bb22423d4bc962f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
L9VGzEgMaoEzTViQbprzjKu-pBrIemMc6DkZwijHqknLdxwBMco9CA==
64f7a685a1c9f44c7cdd4175_Screenshot%202023-09-05%20at%203.06.53%20PM.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/
678 KB
679 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/64f7a685a1c9f44c7cdd4175_Screenshot%202023-09-05%20at%203.06.53%20PM.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84270034eabb729c0fb4ed53e402170d28a61437e3c2aa717e80ffcd2e8323c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 18:35:13 GMT
x-amz-version-id
qfQU6oY5nCv1HhrdabIRpZxOCoKjSVnQ
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
74501
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
693823
last-modified
Tue, 05 Sep 2023 22:07:02 GMT
server
AmazonS3
etag
"5f7b84d703f8e70c82fae7a2f614f0ae"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3fGEkpRzXSVN44HNuE9nVZgy9ngWWQbonLrrq1nTWpQca022FmMlFg==
6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
670 B
1 KB
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc6e0c4111cd38963ea6b4a56e332b87f188f6785c45065351a7d7b959c31287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:12:27 GMT
x-amz-version-id
a58NbSzcmrrDM3qq8HMvbNJmXiwWvhO1
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
17377467
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
670
last-modified
Thu, 09 Mar 2023 10:20:37 GMT
server
AmazonS3
etag
"c66a503f70a97b74d80b3598fe5cda47"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
GzS3DKVhIL3aqY3_wauwBOVuzBAYaF7QGxRD17V6vvX_1KHy1SmZIQ==
64d65d6b1dd9d70da0ce73c6_X%20Logo.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
561 B
1019 B
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/64d65d6b1dd9d70da0ce73c6_X%20Logo.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
667d18bc97b1072affa375044924419adae01f7e5de46c6acb8fb12ef984a57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 17:05:45 GMT
x-amz-version-id
5Sh.IdvkC9Us0aCgO2vCYrWR1muZ5nce
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
3967869
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
561
last-modified
Fri, 11 Aug 2023 16:10:20 GMT
server
AmazonS3
etag
"d023c215c6a9c737580da184db9e5b6f"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
M6Xt9_3pKopPf6ToWL5137hJOvJwnuy6O90YQvMOsPeLklxW_vff8g==
6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/
469 B
930 B
Image
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5709c24c903fdd841258a235316578adfc91781ea0d4a408a8cc3425441ec5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 11:23:40 GMT
x-amz-version-id
zJxc1Q5jm_uENcuo9vhAmlywHXE_4cT8
via
1.1 81f038b63d8af92c2b360530d51919c2.cloudfront.net (CloudFront)
age
14874794
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
469
last-modified
Thu, 09 Mar 2023 10:20:36 GMT
server
AmazonS3
etag
"83dc56bf7b08efe89c31c5dfa74f1370"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
hUPQ0AhMfTxqaZQn4HW4OX0Fnl-aEuCm9XGxJr67GVk0mtqzAGN6yg==
weglot.min.css
cdn.weglot.com/
28 KB
5 KB
Stylesheet
General
Full URL
https://cdn.weglot.com/weglot.min.css?v=4
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:2000:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 08:37:59 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Tue, 26 Sep 2023 08:37:56 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
23935
etag
W/"396483c84619a8b59a272ec60b4059c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
xx6BnugKSPdxRUd-FTBrMQa7l4cFu5YKOcZ7D4aE7sG1k8ZeWszH7g==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
315 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
80cc787b9c08bb7d-FRA
access-control-allow-headers
Content-Type
id
dpm.demdex.net/
368 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4AE530AF633C985D0A495E93%40AdobeOrg&d_nsid=0&ts=1695741413801
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.77.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-77-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e29719f97e192e9d34a33ae23a8a248515dbbf7943ee7765f353b1eff940936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v050-0b601b3e9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
wyM+uxK3Qjo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://darktrace.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:983::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://darktrace.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 26 Sep 2023 16:16:53 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:983::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://darktrace.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Tue, 26 Sep 2023 16:16:53 GMT
js
www.googletagmanager.com/gtag/
178 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9120626
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a81f1eb62754a166df2612f96ffed01da95364117ff3454e374844ff12f149f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67314
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Sep 2023 15:16:53 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
12 KB
4 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=63238
accept-ranges
bytes
content-length
3822
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202304.1.0/
401 KB
97 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
f9AvZgohx9TU9t078cCRXA==
age
37106
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99020
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:14 GMT
server
cloudflare
etag
0x8DB51E951BA9202
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c1394cd4-d01e-015b-13d8-8399cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc787c8b624d54-FRA
/
t.gatorleads.co.uk/Tracking/TrackUrlGet/
190 B
332 B
Script
General
Full URL
https://t.gatorleads.co.uk/Tracking/TrackUrlGet/?clientid=9d4e9aed-5f41-4ac6-9664-348ac7434c4c&cust1=&cust2=&cust3=&pageUrl=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageTitle=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blo&referrerUrl=&trackingdata=&sessionId=&pageType=Page&schedule=&utmvalues=&callback=window.wowCallback0
Requested by
Host: t.gatorleads.co.uk
URL: https://t.gatorleads.co.uk/Scripts/ssl/9d4e9aed-5f41-4ac6-9664-348ac7434c4c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.221.223.30 , United Kingdom, ASN51514 (SPOTLER Spotler Network, NL),
Reverse DNS
mail30.tgml2.co.uk
Software
Caddy /
Resource Hash
3a8bfdbb8ed4a9b272c2aa6ffea77ef1768400ca93140d1fbf2f57a26149d1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:53 GMT
content-encoding
gzip
x-backend
web41
age
0
x-cache
MISS spuk-var01
cad-forwarded-for
80.255.7.108
content-length
246
x-client-ip
10.118.6.11
server
Caddy
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
x-client-id
10.118.6.11
t-caddyhead
101
accept-ranges
bytes
collectedforms.js
js-eu1.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://darktrace.com/
Origin
https://darktrace.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=80cc787d9c4c03f8-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"526bb173ed1384afadfc2b0eb6b0846e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.425/bundles/project.js
date
Tue, 26 Sep 2023 15:16:54 GMT
x-amz-version-id
99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
FRA56-P2
x-hubspot-correlation-id
b975f5c6-bd36-4cd8-b4bd-b5014a4d99c3
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-request-id
b975f5c6-bd36-4cd8-b4bd-b5014a4d99c3
last-modified
Fri, 22 Sep 2023 08:42:59 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5749f454f8-7v7zv
cf-ray
80cc787d9c4c03f8-FRA
x-amz-cf-id
Hj5aRT7iOgggq25L0-hNo6t4OospaCP4lr5Fl8po-1ggT36TjQQmPg==
fb.js
js-eu1.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
x-amz-version-id
MiORZOji2P27E5f3usS102mv5dcg0lYn
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
500
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=80cc6c488cdebbce-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
b2c98961-6b19-462c-b068-e2678e6d2af4
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b2c98961-6b19-462c-b068-e2678e6d2af4
last-modified
Tue, 19 Sep 2023 08:21:28 UTC
server
cloudflare
etag
W/"1bce211846e6a6691aa314979e0a21fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5749f454f8-clcrj
cf-ray
80cc787e0e08902a-FRA
x-amz-cf-id
jt-KGJSUwpPOVmdQf8toMdINEAkoC6fdvwiIGoqxFk4pC8rfSRexrw==
x-hs-target-asset
adsscriptloaderstatic/static-1.485/bundles/pixels-release.js
25522132.js
js-eu1.hs-analytics.net/analytics/1695741300000/
66 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1695741300000/25522132.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e130afb4e2c283ebe93f9b03207523c5d75a13a7fecfc7b1da11017bf8b53cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
WSGF3GXRV3ZGSS6J
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
e6d76837-d3cf-4388-b6ef-acf259337ada
x-envoy-upstream-service-time
22
x-amz-id-2
yYqbb2SjeBmaS80l3W+eRrJb8lJJfFto1uFRMCFldACwn9G8NAq8WPpcBDthiEWLSzcjc73n4r0=
x-evy-trace-listener
listener_https
x-request-id
e6d76837-d3cf-4388-b6ef-acf259337ada
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 18:21:31 GMT
server
cloudflare
etag
W/"4f7a3b3d08af06e317b0b21d1191cbc0"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-55f7b4ccdf-wgfm8
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
80cc787d9cde9152-FRA
expires
Tue, 26 Sep 2023 15:21:54 GMT
banner.js
js-eu1.hs-banner.com/v2/25522132/
65 KB
20 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/25522132/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7963c9c6bc03362658c4b9b9ed1db876cf82324c597a6b485eafee30717a9b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
x-amz-version-id
bzOzfu9CbLxQCE3zy3EJVI6cK8zVk87q
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
YYH7Y248RTW82MHX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
fccfda5d-0075-445b-a2a6-e5df9facfd59
x-envoy-upstream-service-time
34
x-amz-id-2
CGDV7K7N+M278moxQwI33Nft0/mns/Qsv1g+pxB+C9Dzocy0rLE7fVOkK0KBCOBs9S/hTy2IryM=
x-evy-trace-listener
listener_https
x-request-id
fccfda5d-0075-445b-a2a6-e5df9facfd59
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 05 Sep 2023 17:10:21 GMT
server
cloudflare
etag
W/"f667270ee22d958194c26627c950855c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://darktrace.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-85d65fb994-k9w6j
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
80cc787d9e433734-FRA
expires
Tue, 26 Sep 2023 15:21:54 GMT
truncated
/
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
anchor
www.google.com/recaptcha/api2/ Frame 3884
53 KB
30 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a2de554dadb477ac4ca38b426ac7ec3e8a9defcb728fc48445203b08d0654f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K_E_0H5NSboTYqaUdWJq6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K_E_0H5NSboTYqaUdWJq6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame C743
53 KB
30 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f4ebdacaca8669c56d52b438f3db5eef2398237f5445848853dce539d6a06f50
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PVq4-vMSBokriObjSqXg2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PVq4-vMSBokriObjSqXg2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame BD81
53 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cfd4211bea777b832081ca833ac2a4c5d0d75265871e3d14f4f4adacf25b9827
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rWAM9CsbhHDXKCU2Sv0L2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rWAM9CsbhHDXKCU2Sv0L2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 381D
53 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d522b1916f900e44d13ef9cd64cfb7b26fd06af9bbae0c9f3695cdede8f4799e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b62ZUw5PZZ1SYX5NhPS-Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b62ZUw5PZZ1SYX5NhPS-Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame A3A6
53 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23f28c5ca5c1511b2744cd309241d36e9d49070eae5bcb60f505bb47d6c64ac9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vd5Ut93Tz4saK-BxhDkRXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vd5Ut93Tz4saK-BxhDkRXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 4C7E
53 KB
30 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02ef73732a3523877c5685e7e9c1ed8e1b10ee75ed0b0615e796b742414bb3e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eMQdC-vHGabMIvHto1HwbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eMQdC-vHGabMIvHto1HwbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json
assets-global.website-files.com/626ff19cdd07d1258d49238d/
2 KB
1 KB
XHR
General
Full URL
https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.d49a20471.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 01:19:44 GMT
x-amz-version-id
_JWgRDHLwVrMn2Yku2SFY3Ftq6u4Ip1i
content-encoding
br
via
1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront)
age
16034231
x-amz-cf-pop
MUC50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 10 Jul 2022 19:27:26 GMT
server
AmazonS3
etag
W/"bde15e8c08bdae257ac118c5e638a3e5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
7FUYKQHPPo_7QkAvXb9H_itwckmdQXhBP_nQDeV9AbB-xbfzASrygw==
slugs
cdn-api-weglot.com/translations/
533 B
2 KB
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=fr&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9270bbe635cc7cf73fcdaa51e5e9ea0ad367a2ca4eeec9b837c5779ceb45cd40
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-1a48cbf3b3220639a5cbb034949e3deb' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-1a48cbf3b3220639a5cbb034949e3deb' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcb036dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
o9YGvYLzJjseihlx4En4_0V-LZlIAF5nsYpRka_hNUGe2slfOMknWg==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
2 B
606 B
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=it&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-97102bdc6f66f727961c467f0d65b22d' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-97102bdc6f66f727961c467f0d65b22d' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 c55964596762daa758331d3e6fe008a8.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcb536dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
_XvT8vish7CeffjXFIPGVHFXAq8_e8odra9KQkHlbXuD_vNktTcV0A==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
2 B
617 B
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ko&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-032526fedf88904dccdb8b686499c344' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-032526fedf88904dccdb8b686499c344' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcb636dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
p9mn7M1QMfqjwToUBojXBUl10zd87RTmdA3KQOE2xxqMr_UOOyuDpQ==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
2 B
1 KB
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ja&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-d140fdfc17510902fbd9506cccf65719' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-d140fdfc17510902fbd9506cccf65719' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcb736dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
kLQumn60lXw9BVGqnPkuA-g078Dawv29N8Ax5EIvmCPWP-AyBR-74g==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
2 B
608 B
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=es&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-773745c81e9f33f01ba01a57d3a8353f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-773745c81e9f33f01ba01a57d3a8353f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcb836dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
jYWXIm3mFBLUOMa7ik1gpYRqWUxxVYH2WJJKqujXCY4VSxvgvkp9xA==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
2 B
1 KB
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=de&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-b261879a860c3611e6f6114fbb88f2c4' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-b261879a860c3611e6f6114fbb88f2c4' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcba36dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
cPrfny0kPFzuC3eFzG4ai6dcspNRVzcArzupVcRPMZ5yCOH2k8yNxQ==
expires
Wed, 25 Sep 2024 15:16:54 GMT
slugs
cdn-api-weglot.com/translations/
79 B
679 B
Fetch
General
Full URL
https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=br&v=1658845381
Requested by
Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1daa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52ba320502e2cd491874b86e0e3fbffbd189d8913f5f46c6092056ecfa24104
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-bce225fc31b477cb522fa5cdb7e9e9b7' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'nonce-bce225fc31b477cb522fa5cdb7e9e9b7' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com *.hotjar.io a.quora.com cdn.firstpromoter.com https: http: 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'self'; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
age
515211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 15:42:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
cf-ray
80cc787ffcbc36dd-FRA
access-control-allow-headers
Content-Type
x-amz-cf-id
3IzQZKF2SjN4xfo0V9XRYQtBKeZ5Uf0zfuqIg4tyOWGorWJkvZVPLw==
expires
Wed, 25 Sep 2024 15:16:54 GMT
en.json
cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/
48 KB
10 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5e020a0b03feb2fb9b4dc60259ebc8dd850a0e51140d84ff03c3b6080ada95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
40679
content-md5
fo5ttQJOfm7lxkr/yDsZGQ==
content-length
10369
x-ms-lease-status
unlocked
last-modified
Wed, 17 May 2023 08:45:58 GMT
server
cloudflare
etag
0x8DB56B322B32F42
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5e6fb898-501e-0082-099c-8879b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc787f6a92365f-FRA
expires
Wed, 27 Sep 2023 15:16:54 GMT
dest5.html
darktrace.demdex.net/ Frame 94A2
7 KB
3 KB
Document
General
Full URL
https://darktrace.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.108.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-108-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-08bfea1d2.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vqaPhjbKQQk=
content-encoding
gzip
date
Tue, 26 Sep 2023 15:16:54 GMT
last-modified
Wed, 28 Jun 2023 13:20:52 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=ZRL15gAAAItZpAOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=40835431061957685961262132993803936459
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRL15gAAAItZpAOV
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRL15gAAAItZpAOV
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
HTTP/1.1
Server
63.34.77.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-77-44.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0ae36bcaa.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BahtA2EmQE0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRL15gAAAItZpAOV
Date
Tue, 26 Sep 2023 15:16:54 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 3884
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 3884
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame C743
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame C743
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame A3A6
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame A3A6
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame BD81
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame BD81
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 381D
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 381D
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=58947
accept-ranges
bytes
content-length
4862
activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-steale...
9120626.fls.doubleclick.net/ Frame F8A9
Redirect Chain
  • https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stea...
  • https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog...
604 B
476 B
Document
General
Full URL
https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9120626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
5565ca96a9d9aad51f7afae1b43945638be8efef5292661006f064ae41e4273e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
301
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
205 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-401176436
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98de4f6bec006f67615dca2163af37fe517ccf1af46ea2a71d388d347cb1e19f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75984
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Sep 2023 15:16:54 GMT
json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
112 B
1 KB
XHR
General
Full URL
https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25522132
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:2 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b831be8e0edc00c9adb30dfb341f236a3da1b10ab114778a05cb50537a35d1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
23f203f9-ba63-4727-8f12-25970538f7fb
content-encoding
br
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
23f203f9-ba63-4727-8f12-25970538f7fb
server
cloudflare
x-trace
2B20BB5F93F9AC7FC3D772186262046A3F4E15D7B8000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://darktrace.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-6c99cf4b6b-65v9j
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWgnxcQykDLEJ4kKsXIlLgQ9KdXHohpqUOItfXW6Rkxn8NR75Dzedx78vGQ6DW2Zbk8DHEisM%2BR0oS90iIafiP21gq8OBMaix6hAgvY0vDhuookZKBB6K8N5vcBctAU%2Bc6Hf%2F%2B2%2Bot%2BYbhuu0CbiLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
80cc7880af1abbef-FRA
access-control-allow-headers
*
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
116 B
409 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25522132&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9192e2b3-b059-4fb1-928d-3151e2b8252a
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9192e2b3-b059-4fb1-928d-3151e2b8252a
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://darktrace.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5749f454f8-clcrj
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
80cc78802e8d03f8-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VwzPf/atFGVLVHgPLKsA5g==
age
55957
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3019
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:08 GMT
server
cloudflare
etag
0x8DB51E94E2F9DF3
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6731d3a2-d01e-005f-0932-872a18000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc78803b49365f-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
U0I+ien3T2GIYJcFxPdemQ==
age
55957
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:10 GMT
server
cloudflare
etag
0x8DB51E94F811CDE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e2aa26f2-f01e-006a-7232-87844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc78803b4b365f-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
55957
x-ms-lease-status
unlocked
last-modified
Thu, 11 May 2023 06:31:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b511c2f8-801e-006e-61f0-8671cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80cc78803b4c365f-FRA
token
cdn.linkedin.oribi.io/partner/67174/domain/darktrace.com/
36 B
376 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/67174/domain/darktrace.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:1c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 14:46:20 GMT
content-encoding
gzip
via
1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1834
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
zEJh_dz9aVCjL_deZZ-jMCkeEkYqAL5Fl5eAI79yML4A3zQfVmLgVg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1695741414417%26url%3Dhttps%253A%252F%252Fdarktrace.com%252Fblog%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true&e_ipv6=AQLCJSgw...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true&e_ipv6=AQLCJSgwAohTWgAAAYrSEJBidLZ9_UUwBJppYbBnnAUe9mok4aW2ZYT-yC1G6VT9SXdOqSA
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:55 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2DB87833CBE7412298C6C8D34589A043 Ref B: FRAEDGE1405 Ref C: 2023-09-26T15:16:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGRJC5uTZAjrV+w2D9hQ==

Redirect headers

date
Tue, 26 Sep 2023 15:16:55 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DF649BCC6EB141A99A3FC8418268BDE7 Ref B: FRAEDGE1911 Ref C: 2023-09-26T15:16:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1695741414417&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&cookiesTest=true&liSync=true&e_ipv6=AQLCJSgwAohTWgAAAYrSEJBidLZ9_UUwBJppYbBnnAUe9mok4aW2ZYT-yC1G6VT9SXdOqSA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYGRJCz3JWdgSlu46sbHg==
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 4C7E
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 4C7E
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1695741414467&cv=11&fst=1695741414467&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401176436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1e39ffef0c5215820840d84c7536a625a9dcac20b7715e1576a4abdddbc3c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/401176436/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/401176436/?random=1695741414478&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401176436
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
94f7ea935a6ccf78382b8a3cd553a49bf372cd34bee1dcde412bd615ac7548f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1602
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
44 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 26 Sep 2023 15:16:53 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 023084124D2E40719E9B9EB1F46A6A8A Ref B: FRA31EDGE0622 Ref C: 2023-09-26T15:16:54Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
b474d74a-fc48-497d-b3dd-02eddc4b51ac.js
j.6sc.co/j/
4 KB
4 KB
Script
General
Full URL
https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fd86fe420268206f681edfdde283a00ce6f15dbd6bb7e09de5e8fd02cb88d463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
7Mw1NroldPLZ5O4d9EdaVphfP5jkyP9k
date
Tue, 26 Sep 2023 15:16:55 GMT
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
4059
pragma
no-cache
last-modified
Thu, 29 Jun 2023 08:52:59 GMT
server
AmazonS3
etag
"3aa2cc199385c20dfc4ccbd07cc6556f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
bLKYE4Aa27gudO9whH5faKGSNh6JieRu2lq2JLO_bAIFs4byDGZCTQ==
expires
Tue, 26 Sep 2023 15:16:55 GMT
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=6
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 15:16:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
332f394c-6dfa-470f-b7a0-9ccac4ce08ee
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
332f394c-6dfa-470f-b7a0-9ccac4ce08ee
Server
cloudflare
X-Trace
2B6A06D0FC84A94821E073E7019DEECF97A006FC9B000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-68fc9978fc-svqcz
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
80cc78817cd237f8-FRA
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
623 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
37059
x-ms-lease-status
unlocked
last-modified
Mon, 25 Sep 2023 02:49:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b1e6bb60-c01e-0020-627d-ef4224000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80cc7880be674d54-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
494 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
55134
x-ms-lease-status
unlocked
last-modified
Thu, 21 Sep 2023 18:23:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5196e425-e01e-0018-7be5-ece6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80cc7880cc01365f-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
2977
content-length
4036
x-ms-lease-status
unlocked
last-modified
Mon, 25 Sep 2023 19:31:36 GMT
server
cloudflare
etag
0x8DBBDFE084FC942
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6e6eacd7-e01e-0045-741f-f0ec60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80cc7880de7e4d54-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 26 Sep 2023 15:16:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
2977
x-ms-lease-status
unlocked
last-modified
Mon, 25 Sep 2023 02:49:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e5674d63-c01e-001f-3dda-ef8a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80cc7880de804d54-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
12 KB
4 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=63237
accept-ranges
bytes
content-length
3822
dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe...
adservice.google.com/ddm/fls/i/ Frame 6658
603 B
678 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Requested by
Host: 9120626.fls.doubleclick.net
URL: https://9120626.fls.doubleclick.net/activityi;dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae3f5f19775f71b76583d46269ae2563a42ff168666de848c444cecc4cdd3c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9120626.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.de/pagead/1p-conversion/401176436/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdark...
  • https://www.google.com/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fth...
  • https://www.google.de/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOElMS3FBWVFsT182cGJhcnlKOGpFaU1Ba3ljck1tQ00zZlJ1cmlxalJGdTJqMEtqNXNSVE93U1h1Q180MFVTcTFnMEtXQRpWQ2hFSThJTEtxQVlRdDlUanZJRzR1OG11QVJJckFFaV96OXgyTUU3aFhGMENkSmxZTXlXOFdqTkpFNlNCNGtQY2tsZk9yRzFqdWltbmc5X2tPZmtJemciEwiKxpeFyciBAxWCwLsIHaWFBvQ&is_vtc=1&ocp_id=5vUSZYq7JIKB7_UPpYuaoA8&cid=CAQSKQDICaaN5Gt0I-Og2JR2YaCCJD5npnErU34MY7eCWYrCNPdjBfPu9uc_&random=3511076391&ipr=y
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/401176436/?random=1755135457&cv=11&fst=1695741414478&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&label=iWNrCOfMzv0DEPTupb8B&hn=www.googleadservices.com&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&auid=4594204.1695741414&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkpDaEFJOElMS3FBWVFsT182cGJhcnlKOGpFaU1Ba3ljck1tQ00zZlJ1cmlxalJGdTJqMEtqNXNSVE93U1h1Q180MFVTcTFnMEtXQRpWQ2hFSThJTEtxQVlRdDlUanZJRzR1OG11QVJJckFFaV96OXgyTUU3aFhGMENkSmxZTXlXOFdqTkpFNlNCNGtQY2tsZk9yRzFqdWltbmc5X2tPZmtJemciEwiKxpeFyciBAxWCwLsIHaWFBvQ&is_vtc=1&ocp_id=5vUSZYq7JIKB7_UPpYuaoA8&cid=CAQSKQDICaaN5Gt0I-Og2JR2YaCCJD5npnErU34MY7eCWYrCNPdjBfPu9uc_&random=3511076391&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
211011833.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/211011833.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 26 Sep 2023 15:16:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A206872D89774FBAB72EBD56705562C3 Ref B: FRA31EDGE0622 Ref C: 2023-09-26T15:16:54Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=211011833&Ver=2&mid=39681f0d-d58c-46c0-b413-4b0f72338ae1&sid=ba0293f05c7f11eeb4ab37f1e3a8b5fd&vid=ba02bc805c7f11ee96967560bc6b54c6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&p=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&r=&lt=1133&evt=pageLoad&sv=1&rn=134150
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 26 Sep 2023 15:16:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A4DF56B699D8491C9C235640E6E74EAA Ref B: FRA31EDGE0622 Ref C: 2023-09-26T15:16:54Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame BD81
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BD81
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BD81
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
113559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BD81
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
303531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
truncated
/ Frame 4C7E
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4C7E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4C7E
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
113559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C7E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
303531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
truncated
/ Frame A3A6
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3A6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A3A6
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
113559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3A6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
303531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
truncated
/ Frame 381D
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 381D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 381D
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
113559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 381D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
303531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame BD81
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=x792qm49verx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4C7E
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=qsjz1ww9qzuw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
/
www.google.com/pagead/1p-user-list/401176436/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/401176436/?random=1695741414467&cv=11&fst=1695740400000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3466788213&rmt_tld=0&ipr=y
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/401176436/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/401176436/?random=1695741414467&cv=11&fst=1695740400000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&frm=0&tiba=The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3466788213&rmt_tld=1&ipr=y
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A3A6
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=ujmlsjk47f0z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C743
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=n2l6ex8kflil
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 381D
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=3pfkq44xfjx6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3884
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=nvt8q4ow9j6b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 26 Sep 2023 15:16:54 GMT
dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe...
adservice.google.de/ddm/fls/i/ Frame 0B3F
194 B
515 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLe3kYXJyIEDFWXcOwId3HwMXQ;src=9120626;type=unive0;cat=darkt00;ord=4366832489713;auiddc=4594204.1695741414;u1=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer;gtm=45fe39k2h1;epver=2;~oref=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Tue, 26 Sep 2023 15:16:55 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
6si.min.js
j.6sc.co/
51 KB
15 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Aug 2023 22:29:49 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64e7d9dd-cc38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
14993
expires
Tue, 26 Sep 2023 15:16:55 GMT
getuidj
secure.adnxs.com/
11 B
570 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 , Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:55 GMT
an-x-request-uuid
dd0f4963-7bee-4e29-b6a6-ccf0ab4f84fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://darktrace.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.108; 80.255.7.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
191 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:55 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
19 B
306 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c829514739663b0fbaa1e5b4da63fecddb091258f1f8cb852c5e54e1b3fce9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:55 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://darktrace.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a01:4a0:1338:92::5
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695741415203_34901612_138544848_24_926_38_80_219";dur=1
content-length
19
expires
Tue, 26 Sep 2023 15:16:55 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2258e1d7a8a68ff8537d596ebcbffc4824%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22bfc303872745c57fc21c407e92980bd51b495b1e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22b474d74a-fc48-497d-b3dd-02eddc4b51ac%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:55 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 870C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11d4c5b3f0228e945c56e343234dba2aa7f98158b3420c3c0e577fff4de71482
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QaLdv8Pn2R3JB93l0BG92Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QaLdv8Pn2R3JB93l0BG92Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
details
epsilon.6sense.com/v3/company/
726 B
570 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.107.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-107-46.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e4467e5e450f09b28e5f90e57af82e92968e748e34cb0542a123035fa280cca5

Request headers

Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
Authorization
Token bfc303872745c57fc21c407e92980bd51b495b1e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
X-6s-CustomID
WebTag b474d74a-fc48-497d-b3dd-02eddc4b51ac

Response headers

date
Tue, 26 Sep 2023 15:16:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
content-length
387
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.107.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-107-46.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://darktrace.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://darktrace.com
access-control-max-age
1800
date
Tue, 26 Sep 2023 15:16:55 GMT
server
nginx
bframe
www.google.com/recaptcha/api2/ Frame 757A
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9f185e6293a529e83db4edfef63845e83d9e1d23ff0f46f1191463ed3b006390
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NVZfvx71CoIy7x86xLE4XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NVZfvx71CoIy7x86xLE4XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A5%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:55 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 216B
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4ae70aacae0621085a6ef4a979300dd37b1eb7fd1342cb10ef798b3757dd08d2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mEseuwagTvVRmKmapN71dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mEseuwagTvVRmKmapN71dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 18EB
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffa776e4e846360b1c1f4530c31351864561c6d8fd2936fb4a190219f84c65c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ky8MCKXnGOuZnbo8OnaTyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ky8MCKXnGOuZnbo8OnaTyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame ACA4
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e83cde7c3738b49b7fa9217e8f76e86a53af37ee176f7ad941a18aeb739a9784
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ov_BmYZmppnf3BDg7GwPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8ov_BmYZmppnf3BDg7GwPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 4F7E
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97fef7e05f772571bdde96a9418bf890351f1b824fc3a75ea1cabb018b2c49d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tj2TtZdqOwl5SdKeJCjsPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://darktrace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tj2TtZdqOwl5SdKeJCjsPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 26 Sep 2023 15:16:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 870C
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 870C
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 757A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 757A
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 216B
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 216B
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 18EB
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 18EB
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 4F7E
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 4F7E
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame ACA4
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 10:30:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame ACA4
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187854
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 13:58:53 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A55%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:56 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: darktrace.com
URL: https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-48.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding
br
via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
date
Tue, 26 Sep 2023 11:17:11 GMT
last-modified
Mon, 24 Jul 2023 07:50:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
14386
etag
W/"4eb0c668e820abe414d19a11b92dd0fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
odfpOX2UgQSxBrdd7Vcr3dvG16b2VPZGXdDc2DUbQWwv4d6YARKTMQ==
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=296660058&v=1.1&a=25522132&rcu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&t=The+Rise+of+the+Lumma+Info-Stealer+%7C+Darktrace+Blog&cts=1695741416396&vi=9d1e7dc148ab4e61578dad652355517d&nc=true&u=21031588.9d1e7dc148ab4e61578dad652355517d.1695741416390.1695741416390.1695741416390.1&b=21031588.1.1695741416391&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2254e659-deab-4761-81a6-c9655bfadddc
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2254e659-deab-4761-81a6-c9655bfadddc
last-modified
Tue, 26 Sep 2023 15:16:56 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKz6D1uCCs9ze4V5Gzp3tv%2Bk%2BkFTIWWHuwejas%2B%2FTgbnldh7puw713XDfw%2FBbIGH6ZiZ0qSfGXm4MNoqpHg%2BoCsxZUIMqbyckaA95uw1m%2FcX0%2F3OHR0Myi47l%2FiKffLEn%2BWmz%2Bm7Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-69d5865876-qv4vl
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
80cc788d59ca1e5c-FRA
x-robots-tag
none
s33348077794486
darktrace.sc.omtrdc.net/b/ss/darktraceprod/1/JS-2.23.0-LDQM/
43 B
345 B
Image
General
Full URL
https://darktrace.sc.omtrdc.net/b/ss/darktraceprod/1/JS-2.23.0-LDQM/s33348077794486?AQB=1&ndh=1&pf=1&t=26%2F8%2F2023%2017%3A16%3A56%202%20-120&mid=39464419686565617732300428580892905906&aamlh=6&ce=UTF-8&cdp=1&fpCookieDomainPeriods=1&pageName=%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&g=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&c.&apl=4.0&getPreviousValue=3.0&.c&cc=GBP&ch=blog&events=event17%2Cevent1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&v3=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&v4=the%20rise%20of%20the%20lumma%20info-stealer%20%7C%20darktrace%20blog&v5=darktrace.com&v11=39464419686565617732300428580892905906&v25=The%20Rise%20of%20the%20Lumma%20Info-Stealer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=4AE530AF633C985D0A495E93%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-22.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 15:16:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Sep 2023 15:16:56 GMT
server
jag
etag
3641576963617292288-4617837627129458883
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 25 Sep 2023 15:16:56 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/
195 B
558 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-48.ams50.r.cloudfront.net
Software
/ Express
Resource Hash
ce0bb39a9fd524dcacef6ef52bc2e8f264f8182efb04d0ba0e5b55e48656ecec

Request headers

Content-Type
application/json
Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 7a7b0f38131678294923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
visited_url
https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer

Response headers

date
Tue, 26 Sep 2023 15:16:56 GMT
via
1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-powered-by
Express
etag
W/"c3-Rc4R1AMsBxwZyM8PrCKXYq1/dH4"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-length
195
apigw-requestid
L3tccg4YPHcEPNg=
x-amz-cf-id
qxLHCGeOmfeMmPX7S-UoJzguukfQ1oN19_I22NULrhc9c0KAWTFn5w==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-48.ams50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://darktrace.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
L3tcaic6PHcEPxw=
date
Tue, 26 Sep 2023 15:16:56 GMT
vary
Access-Control-Request-Headers
via
1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
x-amz-cf-id
jv4DDRILECdW3vsdidZLoneX4sPJyGBG5FlXDSRPO7FITfb2mo7F7A==
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
x-powered-by
Express
formcomplete.js
ws-assets.zoominfo.com/
85 KB
27 KB
Script
General
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9c6658d320d8aa8fbd3135debda38c8483fb11d91b733af4d63ab4bc5f8663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
2460
x-guploader-uploadid
ADPycdu8PibHLuRhwmsuBkF5Qxg4yDZEo3Vn8v4nPzfcS7ivtaXL9BxRc1K5SK89U_zFn9P9j_UMcBtpRNOLVDkoR525Bw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 05:31:59 GMT
server
cloudflare
etag
W/"70422a7b3dec4b912002b128eaa19667"
x-goog-hash
crc32c=/+Pg1Q==, md5=cEIqez3sS5EgArEo6qGWZw==
x-goog-generation
1695101519658995
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
87428
cf-ray
80cc78915a2b3623-FRA
expires
Tue, 26 Sep 2023 15:35:57 GMT
/
ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/
3 KB
1 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d49e14cc08e717b12c7badba81f313deb38af985b43f2a4364dbadaaba1290a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer
_vtok
ODAuMjU1LjcuMTA4
_zitok
dd0c36f5d47646f13a8f1695741416
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
cf-ray
80cc78933cbb3a6a-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
/
ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/4ccDSNZP4XJCgNG1HArJ/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type
Access-Control-Request-Method
GET
Origin
https://darktrace.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin
https://darktrace.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80cc789139bf3734-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Sep 2023 15:16:57 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A56%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222006%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
forms
ws.zoominfo.com/formcomplete-v2/
15 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8f5f64684bf3895531a3745d16c85a6a049bd805f4d41dfa8b9dec6188667b94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://darktrace.com/
accept-language
de-DE,de;q=0.9
Authorization
bearer bed4e10d0e2408d5fb89f6b5194434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
etag
W/"3d93-M6f3pJTM/Qoqdi4V25HdFMv9oII"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
cf-ray
80cc78933cb93a6a-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc
h3=":443"; ma=86400
forms
ws.zoominfo.com/formcomplete-v2/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://darktrace.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://darktrace.com
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80cc7891ea7d3734-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 26 Sep 2023 15:16:57 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
getMapping
ws.zoominfo.com/formcomplete-v2/
2 KB
1 KB
XHR
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=d75ab5cb-63b5-4919-b2f7-193e24c3f0c4
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d80a894092bbae80b3c9e7de7d3885d32313b14e15e3f3fc1e17b1a252a42c0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
etag
W/"6fa-j3/StY66b/moZzRQ/bY551QkHis"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
cf-ray
80cc78946dc73a6a-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc
h3=":443"; ma=86400
getMapping
ws.zoominfo.com/formcomplete-v2/
2 KB
1 KB
XHR
General
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=c94fb229-4f72-40fb-9861-df7013cc23c5
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b577749a20ce4699fa56152f1e196862c2ffb16cb139d165cab7ae157f80faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
etag
W/"919-xspSM5HLdaYkNosXeD6Dgx4CcmQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://darktrace.com
access-control-allow-credentials
true
cf-ray
80cc78946dc93a6a-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
alt-svc
h3=":443"; ma=86400
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A57%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223007%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:58 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A58%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.119 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-119.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://darktrace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 15:16:59 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=7da6ab0e-6f27-41e3-84ed-6c8cbac33064&session=72441fc5-ab60-4239-86df-7b496c9ce762&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A17%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2026%20Sep%202023%2015%3A16%3A59%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225009%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20blog%20investigates%20the%20emergence%20of%20Lumma%20Stealer%2C%20an%20information%20stealer%20that%20has%20recently%20been%20observed%20across%20the%20Darktrace%20fleet.%20Darktrace%E2%80%99s%20Self-Learning%20AI%20enabled%20customers%20to%20quickly%20identify%20affected%20devices%20and%20mitigate%20the%20compromise.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Rise%20of%20the%20Lumma%20Info-Stealer%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fdarktrace.com%2Fblog%2Fthe-rise-of-the-lumma-info-stealer&pageViewId=6f5b5c68-3e01-46cc-8829-a16499232b93&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac&v=1.1.6

Verdicts & Comments

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| OneTrustStub function| OptanonWrapper object| zi string| ZIProjectKey object| Weglot function| $ function| jQuery function| tram object| Webflow object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| _linkedin_data_partner_id string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| addCountries function| addStates object| form string| url undefined| field object| blockedDomains object| _wow object| wowTracking object| recaptcha object| _hsp object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| revealDropdown function| switchDropdown object| fsAttributes object| FsAttributes object| closure_lm_621458 function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| process object| google_tag_manager object| google_tag_data function| gtag object| __hsCollectedFormsDebug object| _hsq boolean| _hspb_loaded boolean| _hspb_ran boolean| PIXELS_RAN object| enabledEventSettings object| _paq function| sanitizeKey boolean| _hstc_loaded object| Optanon object| OneTrust function| lintrk boolean| _already_called_lintrk object| GooglebQhCsO object| uetq object| _linkedin_data_partner_ids function| UET function| UET_init function| UET_push object| ueto_9c1bb157e4 object| _6si boolean| _storagePopulated function| inList number| a boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| cookieWrite function| cookieRead string| g object| s_i_darktraceprod object| zitag object| _zi_fc object| regeneratorRuntime object| _zi object| ziws

43 Cookies


Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
