darktrace.com Open in urlscan Pro
54.194.170.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Submission: On March 03 via manual (March 3rd 2023, 8:50:16 am UTC) from ES — Scanned from ES

Summary HTTP 106 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 106 HTTP transactions. The main IP is 54.194.170.100, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is darktrace.com. The Cisco Umbrella rank of the primary domain is 102068.
TLS certificate: Issued by R3 on December 19th 2022. Valid for: 3 months.

This is the only time darktrace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	54.194.170.100 54.194.170.100	16509 (AMAZON-02) (AMAZON-02)
21	2600:9000:225... 2600:9000:2251:d800:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:f70... 2a02:26f0:f700:481::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:20e... 2600:9000:20eb:8400:1:28b3:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.17.172 18.66.17.172	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.124 13.32.27.124	16509 (AMAZON-02) (AMAZON-02)
1	104.20.203.23 104.20.203.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.0.161 172.67.0.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:223... 2600:9000:223f:6a00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.65.38.185 18.65.38.185	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:5c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.2 13.225.78.2	16509 (AMAZON-02) (AMAZON-02)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	24

2 54.194.170.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

darktrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2251:d800:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:481::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:8400:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.172 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-172.vie50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-124.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.203.23 (None, )

ASN13335 (CLOUDFLARENET, US)

careers.darktrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.0.161 (United States)

ASN13335 (CLOUDFLARENET, US)

ir.darktrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223f:6a00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.38.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-38-185.ams1.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:5c5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-api-weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-2.fra2.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 10707 assets.website-files.com — Cisco Umbrella Rank: 10893	3 MB
21	gstatic.com www.gstatic.com	2 MB
16	google.com www.google.com — Cisco Umbrella Rank: 2	130 KB
12	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5442 geolocation.onetrust.com — Cisco Umbrella Rank: 603	153 KB
7	cdn-api-weglot.com cdn-api-weglot.com — Cisco Umbrella Rank: 57310	10 KB
4	darktrace.com darktrace.com — Cisco Umbrella Rank: 102068 careers.darktrace.com — Cisco Umbrella Rank: 743083 ir.darktrace.com — Cisco Umbrella Rank: 794363	66 KB
3	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 10668	37 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 28235 forms-eu1.hscollectedforms.net	25 KB
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 20499	1 KB
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 31541	667 B
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 19462	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 18926	63 KB
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 3578	938 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 614	98 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1809	15 KB
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4697	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	25 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 18043	876 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 470	50 KB
106	20

	Domain	Requested by
21	www.gstatic.com	www.google.com
21	assets-global.website-files.com	darktrace.com assets-global.website-files.com
16	www.google.com	darktrace.com www.gstatic.com www.google.com
11	cdn-ukwest.onetrust.com	darktrace.com cdn-ukwest.onetrust.com
8	assets.website-files.com	assets-global.website-files.com
7	cdn-api-weglot.com	cdn.weglot.com
3	cdn.weglot.com	darktrace.com cdn.weglot.com
2	darktrace.com	darktrace.com
1	track-eu1.hubspot.com
1	forms-eu1.hsforms.com	darktrace.com
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	darktrace.com
1	www.datadoghq-browser-agent.com	cdn.weglot.com
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	ir.darktrace.com	darktrace.com
1	careers.darktrace.com	darktrace.com
1	tag.demandbase.com	darktrace.com
1	cdnjs.cloudflare.com	darktrace.com
1	d3e54v103j8qbb.cloudfront.net	darktrace.com
1	js-eu1.hs-scripts.com	darktrace.com
1	assets.adobedtm.com	darktrace.com
106	25

This site contains links to these domains. Also see Links.

Domain
customerportal.darktrace.com
partners.darktrace.com
careers.darktrace.com
ir.darktrace.com
fr.darktrace.com
it.darktrace.com
ko.darktrace.com
ja.darktrace.com
es.darktrace.com
de.darktrace.com
pt-br.darktrace.com
rikoostenbroek.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
darktrace.com R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-09`	9 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-11-26` - `2023-11-26`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.weglot.com Amazon RSA 2048 M01	`2023-02-07` - `2024-03-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Frame ID: E04B2DA7D83318E0D40202A7E5C6233F
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=xe4op45beefj
Frame ID: F28E46D5D048EA8C82B55B823012AE6E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=qo71cowue5tg
Frame ID: 0C40AA89E4B9D3E68F4437491FF0C14D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=5nohdh5h144z
Frame ID: B6F46F4F82B7145A41AEF9136E367915
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=4kksbe5lxlvo
Frame ID: 713BFC5498E57073493EC37D479CBC57
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=rbl4649qgn2e
Frame ID: 9EDE4CF7DCE05EEC3A0CFF5BF9CDA64A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: A72249CE8E1CD48A762716244ABE476B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 3BB9745CD66239C409B217832B8E419F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 3A3EBFB1AE6544948F1585A86A8502AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 3E8E06F74E381993E1F3592295517319
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: FC6B49D6787AF0DE8D3273134BFCD552
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vidar Info-Stealer Malware Distributed via Malvertising on Google - Darktrace BlogBack ButtonSearch IconFilter Icon

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

106
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

25
Subdomains

24
IPs

5
Countries

5790 kB
Transfer

11769 kB
Size

12
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://customerportal.darktrace.com/
Title: Customer Portal

Search URL Search Domain Scan URL

URL: https://partners.darktrace.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://partners.darktrace.com/apply
Title: Become a partner

Search URL Search Domain Scan URL

URL: https://careers.darktrace.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://ir.darktrace.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://fr.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: Français

Search URL Search Domain Scan URL

URL: https://it.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ko.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: 한국어

Search URL Search Domain Scan URL

URL: https://ja.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: 日本語

Search URL Search Domain Scan URL

URL: https://es.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: Español

Search URL Search Domain Scan URL

URL: https://de.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://pt-br.darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Title: Português Brasileiro

Search URL Search Domain Scan URL

URL: https://rikoostenbroek.com/
Title: Rik Oostenbroek

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vidar-info-stealer-malware-distributed-via-malvertising-on-google Show response
darktrace.com/blog/ 127 KB
31 KB 360ms
137ms Document
text/html 54.194.170.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ea7d156ae3b839441a81b7022c246c640970ca75f7ca82daa012044afa661674

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 5532
content-encoding: gzip
content-length: 30930
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 03 Mar 2023 08:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-lambda-id: 1443c7ef-5fd8-4b39-b2b7-c6e2b0d6bb43
x-served-by: cache-iad-kiad7000171-IAD, cache-dub4330-DUB
x-timer: S1677833409.630471,VS0,VE2

GET
H2 200 web-phoenix.e607b81f3.min.css
assets-global.website-files.com/626ff19cdd07d1258d49238d/css/ 368 KB
56 KB 353ms
72ms Stylesheet
text/css 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ad68166d031fc338103c4e3c8755a2df011e5d85445a4dd3cb240f3281f0771

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:54:28 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-version-id: OJKgXck4VyCHknHymB0dxeQlc0Lygba1
age: 46541
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 57092
last-modified: Thu, 02 Mar 2023 19:53:16 GMT
server: AmazonS3
etag: "35a047ddcc8aa6554b1ce294985978e3"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WHGou2d8xTrauGTFlnqpBD0hd3vAYl5m2I31RoUjLE7wPSX8_0XumQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 374ms
93ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d31257af7cd51d364384e20639a2676c6f7fa9fd21a993d891b1b626e07c99fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:09 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/ 154 KB
8 KB 142ms
58ms Script
application/x-javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/OtAutoBlock.js

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d60058d3e3297c6acd28b3cabda06fb428ffd847ed2a28a404031d23162c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:08 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: MgHVcBSW+72kkHjeVz+VFQ==
age: 674
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8334
x-ms-lease-status: unlocked
last-modified: Wed, 11 Jan 2023 10:11:27 GMT
server: cloudflare
etag: 0x8DAF3BC33AA1E18
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 647fde65-301e-0061-5ac6-4b6044000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a1553b093857-MAD

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 25 KB
9 KB 138ms
54ms Script
application/javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:08 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Ewgd1d1Vp0nFNYpIMiFTtA==
age: 36138
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8460
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 21:23:24 GMT
server: cloudflare
etag: 0x8DB19D206887DE0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a9e4838-501e-0053-67c6-4b3894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a1553b0b3857-MAD
expires: Sat, 04 Mar 2023 08:50:08 GMT

GET
H2 200 launch-581b2cfa7858.min.js Show response
assets.adobedtm.com/ea4e25aa0549/f752722fa920/ 169 KB
50 KB 426ms
102ms Script
application/x-javascript 2a02:26f0:f700:481::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 02306dba6d85ef1b362d4e0b373993df1d50e84381afb168594485ed63473916

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 15:47:09 GMT
server: AkamaiNetStorage
etag: "8ddaee00b458b82c7b2ee2434be2ae65:1676994429.619498"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://darktrace.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 50621
expires: Fri, 03 Mar 2023 09:50:09 GMT

GET
H2 200 25522132.js Show response
js-eu1.hs-scripts.com/ 1 KB
876 B 314ms
169ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/25522132.js
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e72bf762969e361156a7a233c1f848e2a16b38d6e88633d6771744d4998f31

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 03 Mar 2023 08:43:07 GMT
server: cloudflare
x-hubspot-correlation-id: f1bed1b9-8e44-4bcc-982f-647be2acfc2f
x-trace: 2BCD8DD066A7E328BB1EDFAAD445191934AD94406E000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://darktrace.com
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 7a20a1586bc61a84-MAD

GET
H2 200 weglot.min.js Show response
cdn.weglot.com/ 90 KB
32 KB 351ms
71ms Script
application/javascript 2600:9000:20eb:8400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.js
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be39153d5edd36ee5b7264043d986e973a377666a70e711a11f72b9593b3d00

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
date: Fri, 03 Mar 2023 08:32:05 GMT
last-modified: Thu, 02 Mar 2023 10:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1084
etag: W/"fd1b66225b91e41411d1c8a1fc82a163"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: taQ3BWA-zR_8pzuPVJYb0w0VfHi0WeYQOUlxVBraMDwtWqVFXPr7Rg==

GET
H2 200 62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 8 KB
3 KB 137ms
136ms Image
image/svg+xml 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:57:25 GMT
x-amz-version-id: U3NyuUAtCMgfEVbn9mSuYAOoErDsuB9M
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 3811965
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Jul 2022 01:15:27 GMT
server: AmazonS3
etag: W/"c34059ce90d8a25cb81c8342bac3caad"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: HJHL92RAw46sfkY1dulBEoPXLmaIc5ckBL0N_laLQnJSZPunlQMjvQ==

GET
H2 200 62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 4 KB
2 KB 148ms
147ms Image
image/svg+xml 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 08:19:27 GMT
x-amz-version-id: atk2MPCHNIcTHrkcjIHBKdHEDkFTRJJf
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 4494643
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Jul 2022 01:15:59 GMT
server: AmazonS3
etag: W/"5991991ddb298b4d5a41b64e945abc05"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: QxYekSeudveAOX0hxm3MTY3woDZIoV8zF-U0AKaVJZlx8TUtIxE_Ew==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 232ms
85ms Script
application/javascript 18.66.17.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=626ff19cdd07d1258d49238d
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.172 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-172.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://darktrace.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 04:18:43 GMT
content-encoding: br
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
age: 16320
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: Aj9mnORF6Sl_PHrtAGYlQi7vNkmvmfjPjBEiEumw0K0hSV5YgT0TDA==

GET
H2 200 web-phoenix.59804ec49.js Show response
assets-global.website-files.com/626ff19cdd07d1258d49238d/js/ 1 MB
177 KB 68ms
67ms Script
text/javascript 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.59804ec49.js
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c43aa1c98e666815b1e46069e4c1611bfc91dc1480c87f37b74a8f93a35b5898

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:54:28 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-version-id: YdFaJc86IZYMgTdB.HC5KE.niCZ97ZTt
age: 46541
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 180191
last-modified: Thu, 02 Mar 2023 19:53:16 GMT
server: AmazonS3
etag: "03e60a214e38642c993427c9757e96ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: R-evrzPEoUI0yTqhVvWdBeZap3aXRQ8vnW1hDlRFXuGqPSlmKratnw==

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/ 69 KB
25 KB 123ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3301259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25169
last-modified: Thu, 22 Dec 2022 06:00:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a3f27f-6251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aPLj9JMwzwXupgKJodzZ7%2BnQtQMqDiXvH7SwdayVCwbYcmpX6QtghtttirpGxUVS0ra8%2F26PffUanFFRgYXjxz%2FdH4uBtRzOZ4iLwx%2Br%2FW37GLEufWVjqjFgM6RblrSIWk2Gd3%2BalbY4%2FsyfVJ5tKUy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a20a157e91c866c-MAD
expires: Wed, 21 Feb 2024 08:50:09 GMT

GET
H2 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 213ms
69ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://darktrace.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H2 200 2f0e2e84-c239-468b-b9dc-95c94890809c.json Show response
cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/ 3 KB
2 KB 117ms
50ms XHR
application/x-javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/2f0e2e84-c239-468b-b9dc-95c94890809c.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98245e5de1433429f457cde03339c4fc155ee802fa1b7355d3b86752613c0a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 2QkXk/5psmOfGraQm+Gkjg==
age: 82240
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1419
x-ms-lease-status: unlocked
last-modified: Wed, 11 Jan 2023 10:11:26 GMT
server: cloudflare
etag: 0x8DAF3BC3376DD78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b79c7819-701e-006d-65c6-4b8eb5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a157c8ce3145-MAD

GET
H2 200 234baeaaccaa2f09e0dc6c004f571bbd6.json Show response
cdn.weglot.com/projects-settings/ 3 KB
1 KB 206ms
90ms Fetch
application/json 2600:9000:20eb:8400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/projects-settings/234baeaaccaa2f09e0dc6c004f571bbd6.json
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 374ffd46c5846ab5afe2bfe5d53a0bb657d2a98d1b90ea40b6890ff02b5adccc

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:30:29 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 06 Dec 2022 14:36:02 GMT
server: AmazonS3
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"a73e9bf3a212b35ed54b68ecb9b45a75"
age: 80381
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: dVpraZ3bSK3sOy6TC8DLSWuFh_D96b5EoDykd_DhRFaGQNfxr01ETA==

GET
H2 200 20cb0107a53f0895.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 220ms
69ms Script
application/javascript 13.32.27.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/20cb0107a53f0895.min.js

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24d8068b5b4d7858f29a39e3a8779e8591abc963126b4cd2eed1e3591a31ac2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: r2u.fo95hyPTvf0sSeFJJ7OzhSiF9oJR
content-encoding: gzip
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
date: Fri, 03 Mar 2023 08:40:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:46:24 GMT
server: AmazonS3
etag: W/"0445ec98719294f624852dabd5b0342f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: D60kD5quGUtKrlo7yenG7iJaQ100aSgYBw5Ehyr-Qlxrws200mTHmA==

GET
H2 200 /
careers.darktrace.com/ 0
0 249ms
166ms Other
text/html 104.20.203.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://careers.darktrace.com/
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.203.23 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 /
ir.darktrace.com/ 0
0 291ms
185ms Other
text/html 172.67.0.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ir.darktrace.com/
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.0.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
63 KB 275ms
80ms Font
application/x-font-ttf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 05:01:42 GMT
x-amz-version-id: pdAuGtTsh6vh4TYRUxRutxs_j7OuOOpJ
content-encoding: br
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 4506508
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:35:09 GMT
server: AmazonS3
etag: W/"c1b8cbcc934aea3e53c8fc4904d8060d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: ge2G2EhPpvhXkjOy6lAl-3HulpWRvWbckLTaOnfXa6rK0De8YAPeyw==

GET
H2 200 resources
darktrace.com/ 0
36 KB 76ms
75ms Other
text/html 54.194.170.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://darktrace.com/resources

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
age: 7963
x-cache: HIT, HIT
x-cluster-name: eu-west-1-prod-edge-blue
content-length: 36133
x-served-by: cache-iad-kjyo7100119-IAD, cache-dub4325-DUB
x-timer: S1677833409.246586,VS0,VE0
x-lambda-id: 30f3fd52-b25c-41e4-8a1d-588366209e9a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,x-wf-forwarded-proto
content-type: text/html
accept-ranges: bytes
x-cache-hits: 4, 22

GET
H2 200 62d8468d91aa3718cd30d38d_prefooter_bg.webp
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 64 KB
64 KB 104ms
94ms Image
image/webp 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62d8468d91aa3718cd30d38d_prefooter_bg.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd0522a8b470d20a6362f6cf9100065ce872edd22b7a7d8d107d3241562ce339

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: WwD8PaLGndMUGYE8sDJktCYKqY3wdYRz
date: Fri, 03 Mar 2023 06:51:52 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 13150
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65208
last-modified: Mon, 17 Oct 2022 13:41:11 GMT
server: AmazonS3
etag: "b6ecba0c507dc6059b0fa51ebe6ddfa9"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8Q_Xy1NUfdIh0iPAyZS9_wq3oz_NO3G8YZiavlHKUyXOL7Rmg9dlpw==

GET
H2 200 62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 135 KB
64 KB 414ms
308ms Font
application/x-font-ttf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adecd63acc4782d7f6bea59bda9e02bfcc6f90ed14ace7f83e06c6c814b58e2a

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:03:41 GMT
x-amz-version-id: w8aES_2JIQeWMFtSaIseSTPNz4Sh5jKS
content-encoding: br
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 18377188
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:33:53 GMT
server: AmazonS3
etag: W/"a2975bcd95ef12e21b2c7596dfb5828d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: vdPAfIki19ke0TdEkYlR1quxVSzBlNfv6bA2hC5IVWJ2NAD1d5ZyjA==

GET
H2 200 62acf31df96e161165588832_StyreneA-Light.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 132 KB
132 KB 280ms
175ms Font
application/x-font-otf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31df96e161165588832_StyreneA-Light.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48979155896cea590bb6085850a98bf7ccb5b48e9761ad03b8e8f671e92c746c

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 11:10:20 GMT
x-amz-version-id: w8g2iCwLejUBizGiBe150U7KltgEmhWT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 4570789
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 134944
last-modified: Fri, 17 Jun 2022 21:33:20 GMT
server: AmazonS3
etag: "08b809329d98100a4607a4cdabe0fdf5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: iH85oE5RfxbtWcd5ZNXyItHzZHDyQsaqZ4PY6mKojB-IpV82TdnJUA==

GET
H2 200 62acf31ec1b8a5861008d246_StyreneA-Regular.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 131 KB
132 KB 373ms
268ms Font
application/x-font-otf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31ec1b8a5861008d246_StyreneA-Regular.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d282ef9078d7899784c452efef335121768aedc33283ae5b4b4c225e1a176e9

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:03:41 GMT
x-amz-version-id: .yjRckXzzQhPS5NACGbsll3L5bmPRvUS
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 18377188
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 134580
last-modified: Fri, 17 Jun 2022 21:33:26 GMT
server: AmazonS3
etag: "0513543bda71e03e493a5829a82d5093"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: zR0fqwGDiMIcT9EZxPWjIY4waZdUt6v7xTRHryCwILeZvgqNYUpCCA==

GET
H2 200 62acf31d9b121861e37a191e_StyreneA-Bold.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 139 KB
140 KB 429ms
325ms Font
application/x-font-otf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31d9b121861e37a191e_StyreneA-Bold.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8887f03d90e75a4a4265a4bb43bf9407297051173a798e6e2e6f4876c68ffe1d

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:03:41 GMT
x-amz-version-id: dvKaGj.A0aZ2J_bsMgTamPlkgyJpWIYD
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 18377188
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142736
last-modified: Fri, 17 Jun 2022 21:33:20 GMT
server: AmazonS3
etag: "fae1497ceede8e63582e0eca18d35d58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: nq9hPYsZLO3EtSJwjK_9u4mJFtSAAh8KFgluV6d9Vg-VEyqhbX5IhA==

GET
H2 200 62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
66 KB 455ms
351ms Font
application/x-font-ttf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2708bde98da236fca8a23d86312f8f88263bbb724bfd3a1fc1cc82d45b903bd0

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:19:02 GMT
x-amz-version-id: h92c_pwrIc3recOs63YPV7bC1zHAAilf
content-encoding: br
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 9682268
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 16 Jun 2022 16:59:44 GMT
server: AmazonS3
etag: W/"a3c0be829f4964140bdf55006466ad74"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: i3OqiQyEZJZJacHRBkEBidfu74WjxKkAvbh80LNpYcTa6wLqFcIvgQ==

GET
H2 200 62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
65 KB 477ms
374ms Font
application/x-font-ttf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79a7d5deff1189cba78946faa0ed6bd78a1c9292cfad4329b208d0be5a045ff7

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:03:41 GMT
x-amz-version-id: 1q.Kipg6KvQuvMwrlLhzKvk3zJ.eCFMs
content-encoding: br
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 18377188
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Jul 2022 16:04:37 GMT
server: AmazonS3
etag: W/"6e56bc5a25ce4549b6a7580fd047582c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 0Q674qjOYoOkEZyAaubNCsNk0YsFnso3y281XcNFOI4ng_Ula8ntyA==

GET
H2 200 62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 138 KB
70 KB 463ms
360ms Font
application/x-font-ttf 2600:9000:223f:6a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.e607b81f3.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34ad7018726a6090097b8e4fbfec539f043b50f5adc4be96a6601a40fe6831a4

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 03:11:31 GMT
x-amz-version-id: udmeZaUyI0tFEs.wkEZ5LG2LRcExsEUX
content-encoding: gzip
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
age: 19805919
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:33:53 GMT
server: AmazonS3
etag: W/"1e8c3d5e9d71cc8458dd57af18da9b86"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Wuy-32FfNnUOvGK3g012_v08Kv95bYy_ueeNBEaGJqLcnQWpDP3quQ==

GET
H2 200 62d845d8a4c357036c43d980_Blog%20Post%20Image.jpg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 113 KB
113 KB 93ms
84ms Image
image/jpeg 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62d845d8a4c357036c43d980_Blog%20Post%20Image.jpg
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcd591865677b0c8754082d60e5fbddb3ceee63f563c7362b2800d5f5c84d619

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 16:25:09 GMT
x-amz-version-id: Zg34QEknOZYravmxgrs6muV9quUHuX32
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 4551901
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 115520
last-modified: Wed, 20 Jul 2022 18:13:46 GMT
server: AmazonS3
etag: "961f2d36b0461f573a4db16dd1e5b877"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: B5Cja7JWz78eWmJOpbd9bHepYsSPn0iHii8HSCB_td1sK6QtSvmm-A==

GET
H2 200 63d86e130401aa74899e9540_Figure%201.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 39 KB
40 KB 81ms
73ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86e130401aa74899e9540_Figure%201.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41cc42e8be799233ee8e647157fa742b80db7b35797aead7cbe168b20c83ec2c

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: HzP.aNGVBD9P_11wpa5WOxqN6rpkOAo6
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40033
last-modified: Tue, 31 Jan 2023 01:25:40 GMT
server: AmazonS3
etag: "6ae7c3789619d3c17bb27f5566741220"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 1G_ycKMbEwn4tcbNI0LfykDfdwtYG8H3pNlKFTLkOsGQQpV3uAtdnA==

GET
H2 200 63d86e2783ee81fd20a91b3c_Figure%202.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 109 KB
110 KB 163ms
155ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86e2783ee81fd20a91b3c_Figure%202.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be1450871d943d13fb8aafff1a60013ad5afb64b43a694028a9e01fe95996541

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: 6_GFL5i6WGhPKppaCdNfck9VTS1IdBMx
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 112016
last-modified: Tue, 31 Jan 2023 01:26:00 GMT
server: AmazonS3
etag: "0b049227ac4ca3b975ff8b94a29f907f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: juLwNlQ8E21-HGgsHZYo1MqXofWJqJuoPbqNUkZc-4QuzU7OYDIA-Q==

GET
H2 200 63d86e53d5797d4b7c1e4c8a_Figure%203.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 94 KB
94 KB 153ms
146ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86e53d5797d4b7c1e4c8a_Figure%203.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab8fc2750a4e25460b948b26a83cacf12c8033ca87d1476d2a2edc6060d3bff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 11:38:24 GMT
x-amz-version-id: Vz26i4SnUwX.XWDvy.up3hu6hCRyEe.S
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 1026705
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 96095
last-modified: Tue, 31 Jan 2023 01:26:45 GMT
server: AmazonS3
etag: "febfebe1cf26c4d9cdceaf33545a65e0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: djYqtB3EiKycLK0cS2GYx7r0x5JhXk-Ko1xH-HjgjmE_Y_hLripk0g==

GET
H2 200 63d86e74c0d8e034fa9aa0e9_Figure%204.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 128 KB
128 KB 183ms
176ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86e74c0d8e034fa9aa0e9_Figure%204.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c3a98b51ac998315ef6607104e5b075e099a514cc2526cf7693dfcddf187f6e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: y2MAejbGtf5WeSJvnIoT0XVAA5iFBia6
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 130917
last-modified: Tue, 31 Jan 2023 01:27:18 GMT
server: AmazonS3
etag: "fd916e3f6c1d18c9bec494551ec3e0d6"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ziPw8-E7OFCegooCzXclsOOvTxpFm7X9e4EPNGurft2TIL525WQPUg==

GET
H2 200 63d86e7c75d67057fc873f4e_Figure%205.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 150 KB
150 KB 242ms
235ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86e7c75d67057fc873f4e_Figure%205.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36a4b74142fec50507eb6066baa8de5d880cd6aa0c8e9b6306bfd0eaf0313b76

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 23:46:49 GMT
x-amz-version-id: nDWcZpCUJIwmOp3XBhUF5Jwe7diphr0_
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2365401
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 153483
last-modified: Tue, 31 Jan 2023 01:27:26 GMT
server: AmazonS3
etag: "7eba852e90d39c0c0df7ea9cf57bd8a0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7DVFY6VqEsqAyd9Rs5o5l-8de335zJIF9sTcpugl7eiI4pi-qEoH7Q==

GET
H2 200 63d86eb85307f110e2750c01_Figure%206.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 122 KB
122 KB 203ms
196ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86eb85307f110e2750c01_Figure%206.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa7e91d982ceb5df0be7f50ac57343b265d5c342da4a7c7a910c290c4bc13ef6

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: Rtok51z61Vl.EvYmXzFRZPhcNn4DZx56
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 124689
last-modified: Tue, 31 Jan 2023 01:28:25 GMT
server: AmazonS3
etag: "864203383a5761c41b0800be02ade779"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8_N4Yf2gszYBf4Vw4I19_Fu8oMg-o8LIcxbX91a5Mj52Kz-kYTDDZA==

GET
H2 200 63d86ec383ee81d5f0a925f4_Figure%207.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 226 KB
227 KB 217ms
210ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86ec383ee81d5f0a925f4_Figure%207.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7c7c882e0d16b9c3d586ee27feea4aa743a7093d4899eaeddd77ff5474a31fb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: N9VIPvudT7wSFRVnbEvvmBVQdvvD8ZE3
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 231401
last-modified: Tue, 31 Jan 2023 01:28:37 GMT
server: AmazonS3
etag: "63fb9df200a5def1b99014172b33c5ee"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 52hoE5sft1wZ26jrpWFZIIfkba2wmC1gtCo2g9YTRUReHt9-MaOnVA==

GET
H2 200 63d86f0343add829f7afc9ce_Figure%208.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 307 KB
308 KB 258ms
251ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f0343add829f7afc9ce_Figure%208.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5b3961567e508fe7601ff7327bca5bd4c599d9b2a84083cda76be7d97fc0920

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:53:23 GMT
x-amz-version-id: 4OsBuIZ_TzMP4xL08Vju1LdYoRCpX2SI
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2217406
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 314285
last-modified: Tue, 31 Jan 2023 01:29:40 GMT
server: AmazonS3
etag: "b30d3348d72db0b288807197238e9fc7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZWXZxPyKqiZsjWILywSQAV7dGkrD8g4Yabz3xQyuXaBFSWeVFiXl4g==

GET
H2 200 63d86f2172e81a1f8ce16996_Figure%209.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 272 KB
273 KB 292ms
286ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f2172e81a1f8ce16996_Figure%209.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 053cc9e227a902647a63ffe3d84e4c503d96ddb0ce4f218b870b2a7585b3766e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: qOO9ER.hajMlBL4olYfs9aw3ChahZuuf
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 279029
last-modified: Tue, 31 Jan 2023 01:30:11 GMT
server: AmazonS3
etag: "3f116f23a647b0ca843a02a4bb22c1e8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WQxBNkfIGP42Agk0x71p45IYNb_j6GAxnU9zXp3PEVBQaEhB7EbLvA==

GET
H2 200 63d86f2e7c5026419448e485_Figure%2010.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 75 KB
75 KB 260ms
254ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f2e7c5026419448e485_Figure%2010.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6c71c13e2eb7d71c7f1afd8d533eb962c8f55b74c88d9502d422df0fc407289

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:53:24 GMT
x-amz-version-id: XnP9udetEn6GRSnWBiX4gICRPjP1jnlj
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2217406
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 76607
last-modified: Tue, 31 Jan 2023 01:30:24 GMT
server: AmazonS3
etag: "257f5c8edff6bd8a3f8ebfd1b4fbb260"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: WcLy3E36zD4agDGl_6PEPWxxxlocB4v88nc0gVGwcUwKd5qFMOsoZw==

GET
H2 200 63d86f3e8afa2f0243eb6674_Figure%2011.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 319 KB
320 KB 258ms
253ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f3e8afa2f0243eb6674_Figure%2011.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e667b8253b8ab0613261b3b5b44c414a49316e4bf792b3d9313bd10d6a766db

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:37:00 GMT
x-amz-version-id: jnFfKJuApD696gI92TeCN1vqO6Gi1h87
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 1163590
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 326837
last-modified: Tue, 31 Jan 2023 01:30:39 GMT
server: AmazonS3
etag: "bbae4de3b0d179fe90a49250b2d453b2"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7kX6L0xUf065zXF4L4U7U5yihkELnfBXe2Sous12Vbrvj93zg8KZhw==

GET
H2 200 63d86f4d43add8f956afce65_Figure%2012.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 63 KB
64 KB 265ms
259ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f4d43add8f956afce65_Figure%2012.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 189840c16cabfa5dc9955763486a23a8b358c36d29d3606fddcb5d54d07d51ca

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 13:15:49 GMT
x-amz-version-id: 0AeZdQg1OpmfCpWDHOiCIQL6Q3nN9nrm
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 1539260
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 64981
last-modified: Tue, 31 Jan 2023 01:30:54 GMT
server: AmazonS3
etag: "abc24112fcda613b9502ee88f4d5fad8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: gdKSdK2epn_hw6P6nFOazctWkhGkLlb9t_c1e0liYGEV4IPQZ1Uhkg==

GET
H2 200 63d86f76560ffc0ca3ba06ce_Figure%2013.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 20 KB
21 KB 260ms
255ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d86f76560ffc0ca3ba06ce_Figure%2013.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 773be328014883196fd5aa9d9d9fce04fd7b0a9518135429e7525a0a9e644de2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 13:15:50 GMT
x-amz-version-id: Rw_hoJmS9C8XM_bnRWmJHOsdu7olyb8E
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 1539260
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20923
last-modified: Tue, 31 Jan 2023 17:16:49 GMT
server: AmazonS3
etag: "2600a1e5680a79a608e0103e2f789d22"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: S3KcD0d0ZKbRYJnUusnZxDBQLyTj9pOE9yomipxrA4oOM252NLNDnA==

GET
H2 200 63d94d09ac739d068bed7c5a_Figure%2014.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 33 KB
34 KB 261ms
256ms Image
image/png 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/63d94d09ac739d068bed7c5a_Figure%2014.png
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4def5823699bf001215356a5091c653e45dee3fe3ef6c7b9db6caa0b96746ca

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:02:40 GMT
x-amz-version-id: Y3DGNWL7YRPJdpsWIYgwxtYCM04lWbLj
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
age: 2641650
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33971
last-modified: Tue, 31 Jan 2023 17:16:58 GMT
server: AmazonS3
etag: "88b2594e1a5e137207359485610bf88a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: KQWgOeTHrIkd36ltmhGYNABoM5_iG3ntTacSS7zzrO5UE6tEjxXMDg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 67 B
222 B 121ms
75ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://darktrace.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7a20a158ca403145-MAD
access-control-allow-headers: Content-Type

GET
H2 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 91ms
91ms Stylesheet
text/css 2600:9000:20eb:8400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.css?v=4
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:29:54 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 02 Mar 2023 10:29:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 80416
etag: W/"b72cdd8118949f04803d561712cf0c5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: vvH5jkTNnJpjh4Yqr8lxPinKIJpm1V0XM4KFhB22gehFxSJcCltaMQ==

GET
H2 200 datadog-logs-v4.js Show response
www.datadoghq-browser-agent.com/ 44 KB
15 KB 240ms
69ms Script
application/javascript 18.65.38.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.38.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-38-185.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e277232eb7b144125a112c56c998e0280b16bae5b04663ded89be9bb4d9b04f3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:06 GMT
content-encoding: br
via: 1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 13:21:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 3
x-amz-server-side-encryption: AES256
etag: W/"2a851e6f2fbf0563b78988de9f5feac6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: S0LAMUKMVUEL6Rvn8mqPOOosaT2opdAUNCRqBFVnNesYezc6GFNCKA==

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/ 392 KB
94 KB 59ms
59ms Script
application/javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063a721d5e221c66b0b3b52b66fd39f634d49e9aa16827ac5281666257d84e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:09 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: fVkC4hw/1GZwVOLkH8kBAQ==
age: 36135
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 95639
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:24 GMT
server: cloudflare
etag: 0x8DAEF47FA202F01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d07a14c-d01e-0049-2ec6-4b17fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a15a08b43857-MAD
expires: Sat, 04 Mar 2023 08:50:09 GMT

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 155ms
54ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json Show response
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 2 KB
1 KB 180ms
60ms XHR
application/json 2600:9000:2251:d800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.59804ec49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 02:58:09 GMT
x-amz-version-id: _JWgRDHLwVrMn2Yku2SFY3Ftq6u4Ip1i
content-encoding: br
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
age: 4773121
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 10 Jul 2022 19:27:26 GMT
server: AmazonS3
etag: W/"bde15e8c08bdae257ac118c5e638a3e5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: Q0JMaxayr-yhVs_8vZXwJe2csBoLJc_pmc4al1UtiHbEwDC9HQV5Yg==

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 533 B
2 KB 133ms
44ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=fr&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9270bbe635cc7cf73fcdaa51e5e9ea0ad367a2ca4eeec9b837c5779ceb45cd40

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-f6f9cc331844b3b75daa89e8fb04ec84' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-f6f9cc331844b3b75daa89e8fb04ec84' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ed801d50b0a23f17d14fe9a36280ac36.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P2
age: 346893
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Feb 2023 08:28:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J686igamVO8u%2FwW%2FR0Ls7g%2FXkj6Vz%2F1BAZW2EcvN9DaiPoCqBMkXOOfq4r33LnZD6QwVEBUyKirk6BIqubkbkjp3IRYxwxPRx3MtHwBfApu%2BsMTe0Qh1piVAnTQ5mqUSWruLaZoMKFklBgYY5LJJ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded7c3839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: 1QXc6U__SfSvlehYpC_jss-89E24A7Apm41qSvs3YRFjBoE3n0mrqQ==
expires: Wed, 25 Jan 2023 11:36:12 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 2 B
982 B 134ms
45ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=it&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-5aece51310b1e6fc1fa4f6e9ed4153b7' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-5aece51310b1e6fc1fa4f6e9ed4153b7' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b33e450e1cd477843a111c167611fc90.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P2
age: 346893
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Feb 2023 08:28:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BmdhcaSp6raHknf%2FHsqTuG%2FlLfTf%2FIYf%2B%2BeKE7aRZxaShsyFj2zDyuYf7m2CKgO0IHOl9%2F7dbZn%2FqqoLSJRNqGLB9Ou9hIWAJe4wFgeNipSlClbtkEh6no9bLkNyzV%2F8s%2FnwrNZLmpZK5hSijqE9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded7d3839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: 87H6XnmEfgV_qfGRr8ABcdfwKHmHRFKZ9uJTyNRlewCQowEshJzJhg==
expires: Wed, 25 Jan 2023 11:36:12 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 2 B
2 KB 135ms
46ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ko&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-8efab7b70d870747de833e5a19ef5ba5' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-8efab7b70d870747de833e5a19ef5ba5' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fe41458437820e017e1a964e74df0578.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P2
age: 190657
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Mar 2023 03:52:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpuHvcPqSrI8n2%2FuokTsvk%2BwfrKHXSqcr5XP0s4cIdzh64tx5x2FM0QGNY2crt3d78Jmiwap8zioqb1n9bqFsVE4yesMDj5pj%2F55O5m7ftxaFhxQ4FtfJTWhxwnlY2x0BF4DGJx54enIcK462dlMag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded7e3839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: qP41iAyFpRWGT662uGU72YPV5VsdyvinawyD9hnbMx36a2UK1VbS-w==
expires: Wed, 25 Jan 2023 11:36:12 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 2 B
975 B 139ms
50ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=ja&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-08b344070e119a5ab18d7e1099526a17' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-08b344070e119a5ab18d7e1099526a17' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a1c5b41398f2acc5c6d4914b2e941256.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P2
age: 346893
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Feb 2023 08:28:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BieosVM51WIGNSxRvNatOGnm%2FW4nbHbC3PQxfOkJqlCGK2EXWNDD51ziVCm8iKvCJXGpc9sIFiddrHgmG%2B%2Bx%2Btl473k1VwF0T3LRI5V5j3x%2BEAVtgJJr537J8kZxavqmMt6LQCILWwfWu6VcmqwMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded7f3839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: gCzfjF0Z8TOUVv33b7Vq_Z5-1v02-b0-a9-ReVYjlL6n27EDHCiwnQ==
expires: Wed, 25 Jan 2023 11:36:12 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 2 B
1 KB 136ms
47ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=es&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-6b2da7d64b784aa329cb7a2ff467f2e5' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-6b2da7d64b784aa329cb7a2ff467f2e5' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e0a9984713015b278be44810aa21197a.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: CDG53-C1
age: 3084320
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Jan 2023 16:04:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA73DhqB%2FCb%2F2cVSTsga9a5flKl0YvNeSe2VMkVuDJiNlDhsErbnfGf7uXRdjQTB46rllMfck2Hfp3X1Ys9FkLqvHT6MX9ttmz9KxUdsAH7%2FPftcMYG6ILPFx%2Bm1gPZ6tfPV5opPr9%2BIFIE%2F%2BWlYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded803839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: EHNT7YpBUJ0MnVxxvkG_8OdJK-WCGGQpWlIwoTcIUFbmBErIyjk8cg==
expires: Wed, 25 Jan 2023 11:37:32 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 2 B
2 KB 150ms
62ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=de&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-c8421af626e70096ea4db54335bc2aff' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-c8421af626e70096ea4db54335bc2aff' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3166f2aedf1f4565c8dcf3735a2c07a6.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: LIS50-C1
age: 3178148
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Jan 2023 12:02:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjD3A3sLFgqwnvDgH0H5O2pb54K8fQapUJtEpHOXffjsqOy9HO9lUCLh9L33ljrM%2BAULjqPmMkXcxvdCGMLbwdjBOPfhv%2B0tqQDyPht6bn3%2Fw3%2BD8A%2Fxdk7YCaNUsjXSP8lexc%2FAl1Ve9QU3pacgXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded813839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: AG6XeJ1JNjdWLU22tZUNoYtrQH_kiPSON8_tgZz2D4hKKANBYYND0w==
expires: Wed, 25 Jan 2023 11:36:12 GMT

GET
H2 200 slugs Show response
cdn-api-weglot.com/translations/ 79 B
2 KB 137ms
49ms Fetch
application/json 2606:4700:20::681a:5c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api-weglot.com/translations/slugs?api_key=wg_234baeaaccaa2f09e0dc6c004f571bbd6&language_to=br&v=1658845381

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52ba320502e2cd491874b86e0e3fbffbd189d8913f5f46c6092056ecfa24104

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-19436da52017b4e925b8f73124b0a551' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-security-policy: script-src 'nonce-19436da52017b4e925b8f73124b0a551' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c19df961760c76bdd5a67949a9005b8c.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: MAD56-P2
age: 346893
content-encoding: br
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 Feb 2023 08:28:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOAF%2BQU4blYsrCKy3ifZXL%2FqLfoVtF3jOj40eMl6fi0jhmOELbP0Dq%2B3wGm4yPk9ngfdpobgYIXW82zuzvSTjnCYQ%2BDolOQjsz65EZ9BFmSVBi1Ts5tX%2FHTrznRM4lgnrrzdPgFADsew0V8Zlbru%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=31536000, must-revalidate
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
access-control-allow-origin: *
cf-ray: 7a20a15ded823839-MAD
access-control-allow-headers: Content-Type
x-amz-cf-id: L0aqflILome_rgBjQG9phS-fr1XY1EYnMCrvqLX98c9FbzW_VDZtAw==
expires: Wed, 25 Jan 2023 11:36:12 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 449 B
938 B 266ms
98ms XHR
application/json 13.225.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fdarktrace.com%2Fblog%2Fvidar-info-stealer-malware-distributed-via-malvertising-on-google&page_title=Vidar%20Info-Stealer%20Malware%20Distributed%20via%20Malvertising%20on%20Google%20-%20Darktrace%20Blog
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/20cb0107a53f0895.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-2.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 96f56f8b1f3f9d294227c20137fbe974b304bdc01a5e44070b6da9f93d5dd665

Request headers

Referer: https://darktrace.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
request-id: 7b283855-50f5-4886-adef-c968d5de78b0
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://darktrace.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xF7pY77NuKLJ0CyvtEObB2eQVe1nH7j7pNlaB7dnvWRrXbeKhzFiNA==
expires: Thu, 02 Mar 2023 08:50:10 GMT

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25522132/ 202 KB
63 KB 258ms
120ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25522132/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e63f883028a6f238e7fb930148de7887a2c235717a9613d01b4407327dda559

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
x-amz-version-id: VnbI81zTr0I.22hRDfsFy6j5eK1J.VD1
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: NZRZFTF0TRYXHBBX
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 21
x-amz-id-2: mJQsF46N5kZ1pj+1r19rCptKldJ0X7F9sCfqRvwRtuPXJz56lA8hOMB0DeBjfLSQ0mVD1qs62ME=
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 14 Feb 2023 08:57:04 GMT
server: cloudflare
x-evy-trace-route: nginx-catch-all
etag: W/"18629651c9042fe38c7304497fa80a2f"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://darktrace.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-5d6fcf645-867pj
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7a20a15e4f8d69fa-MAD
expires: Fri, 03 Mar 2023 08:55:10 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 68 KB
25 KB 213ms
78ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c

Request headers

Referer: https://darktrace.com/
Origin: https://darktrace.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
x-amz-version-id: UTgFLxzqgfPWpvgFow3DNbYx_N7FOQZ9
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.331/bundles/project.js&cfRay=7a20a15e3f583846-FRA, 7a20a15e3f583846-FRA
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad97f9bd-a5c3-4609-a3e7-cf1ce1fa2946
last-modified: Thu, 02 Mar 2023 01:24:29 UTC
server: cloudflare
etag: W/"9656224f3534bbb83c23ef97671f6be1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-7cb8fdd96d-t7hp6
cf-ray: 7a20a15e3f583846-MAD
x-amz-cf-id: 1D28RbLxeAQfPM6usWdb0f27E1fLAcglPKOBH4QfEGeON_Ogdos_lg==
x-hs-target-asset: collected-forms-embed-js/static-1.331/bundles/project.js

GET
H2 200 25522132.js Show response
js-eu1.hs-analytics.net/analytics/1677833400000/ 65 KB
21 KB 255ms
120ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1677833400000/25522132.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f1b8d0e369c461d2f69c257755a15118f7348093978f307d98b1f8f9ac5cf5

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: B5BCFME6MMDGPZRG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 22
x-amz-id-2: OJTnnwewXb90tiGsZKjDojxUfWu3HdOQriRLWQL/OvaK4Z96gnQnttliun0b1fVP2MGYJquj3RM=
x-evy-trace-listener: listener_https
x-request-id: 40c190b6-9f38-4570-bf2c-17f0b6374d51
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Mar 2023 23:10:21 GMT
server: cloudflare
etag: W/"86a26b183976bfa4eedba0ac91d07479"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-7b58fb5747-pxjv7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7a20a15e3b6f69d2-MAD
expires: Fri, 03 Mar 2023 08:55:10 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F28E 44 KB
23 KB 112ms
94ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=xe4op45beefj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c5c7099614c321217b438c382066782c6e26a29c4b9ed7e511c9763d1cd8a05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JPCVRc9anmoA_nL9CSwxHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23451
content-security-policy: script-src 'report-sample' 'nonce-JPCVRc9anmoA_nL9CSwxHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0C40 43 KB
23 KB 148ms
132ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=qo71cowue5tg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6b0a06c2fac74f703aaf96a5134808fb4cd344e16a31fc3a014146dbbb047fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fygfG4nf8_Si0k_KOO_uHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23406
content-security-policy: script-src 'report-sample' 'nonce-fygfG4nf8_Si0k_KOO_uHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B6F4 48 KB
26 KB 249ms
239ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=5nohdh5h144z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eda7d1b612553d114b9e72d8828d70fab62f8730c369193f57756a59b9510f4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lEK6vGFXOeOylDqsAvzx6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26858
content-security-policy: script-src 'report-sample' 'nonce-lEK6vGFXOeOylDqsAvzx6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 713B 49 KB
27 KB 183ms
179ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=4kksbe5lxlvo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81a4bbeb147117eb656bb705b942a5146e4f22e4016f0bb1aaed1af3f897fd3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n2V-M7TczJu50GmFEPoFDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27471
content-security-policy: script-src 'report-sample' 'nonce-n2V-M7TczJu50GmFEPoFDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9EDE 43 KB
23 KB 129ms
127ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=rbl4649qgn2e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5e6af88413eb1dc1d14fa40e3c236e0226967a94309665ce149c86dead4b283

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oC8kI-xGvicsvSekTZWbeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23350
content-security-policy: script-src 'report-sample' 'nonce-oC8kI-xGvicsvSekTZWbeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/d5ff8eee-09cb-4368-a822-e6582bcf7ca7/ 63 KB
14 KB 68ms
67ms Fetch
application/x-javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/2f0e2e84-c239-468b-b9dc-95c94890809c/d5ff8eee-09cb-4368-a822-e6582bcf7ca7/en.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac28e66b26e0b29b45349b503981d837c7f052682fa5263b2f539234295dfc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: l8wPUoeTNnQ+tbl9KuoqHw==
age: 82240
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13960
x-ms-lease-status: unlocked
last-modified: Wed, 11 Jan 2023 10:11:28 GMT
server: cloudflare
etag: 0x8DAF3BC3432076F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0138270c-701e-000b-15c6-4b3cef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a15e9a583145-MAD

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F28E 55 KB
24 KB 213ms
89ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=xe4op45beefj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F28E 408 KB
162 KB 321ms
198ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 9EDE 55 KB
24 KB 205ms
112ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 9EDE 408 KB
162 KB 293ms
201ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 0C40 55 KB
24 KB 134ms
65ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 0C40 408 KB
162 KB 276ms
207ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 713B 55 KB
24 KB 197ms
161ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 713B 408 KB
162 KB 272ms
238ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame B6F4 55 KB
24 KB 154ms
136ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame B6F4 408 KB
162 KB 237ms
219ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/ 13 KB
3 KB 52ms
51ms Fetch
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/otFlat.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zqQbOscO3o5SqFKuQoJ/AA==
age: 82240
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:13 GMT
server: cloudflare
etag: 0x8DAEF47F34E6366
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c51b0287-201e-0018-80c6-4b090e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a1600c473145-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/v2/ 61 KB
13 KB 47ms
46ms Fetch
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f9fcd87e27d4d0d0aabb7e633fa0c0ec7038ebebcad0033fa9a91831205878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: XXQ/19qk1P30LeI2+X3S1Q==
age: 77563
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12551
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:15 GMT
server: cloudflare
etag: 0x8DAEF47F4E6463D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d9722f24-b01e-0052-77c6-4b3969000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a1600c483145-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/ 21 KB
4 KB 57ms
57ms Fetch
text/css 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 82240
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: beabe442-801e-003c-63c6-4b9040000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a20a1600c493145-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 116 B
448 B 247ms
82ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25522132&utk=
Requested by: Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de

Request headers

Accept: application/json, text/plain, */*
Referer: https://darktrace.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 358121a4-2f23-4b90-b720-0ae37dea7499
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 92259e04-4ba1-4187-a139-afe5e8b6e029
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://darktrace.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-7cb8fdd96d-6m77k
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7a20a1612ba83846-MAD

GET
H2 200 ot_guard_logo.svg Show response
cdn-ukwest.onetrust.com/logos/static/ 497 B
489 B 45ms
44ms Fetch
image/svg+xml 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 82240
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 21:23:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: beabe4d1-801e-003c-6cc6-4b9040000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a20a1609d113145-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H2 200 ot_company_logo.png
cdn-ukwest.onetrust.com/logos/static/ 4 KB
4 KB 49ms
48ms Image
image/png 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_company_logo.png

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 36135
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 21:23:27 GMT
server: cloudflare
etag: 0x8DB19D2082012C2
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 78f868b1-b01e-0070-15c6-4b575f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a20a160d80c3857-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 62ms
62ms Image
image/svg+xml 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Mar 2023 08:50:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 36140
x-ms-lease-status: unlocked
last-modified: Tue, 28 Feb 2023 21:23:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5f6de10d-301e-002e-17c6-4ba45c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a20a160d80f3857-MAD
expires: Sat, 04 Mar 2023 08:50:10 GMT

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
667 B 222ms
78ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=6

Requested by

Host: darktrace.com
URL: https://darktrace.com/blog/vidar-info-stealer-malware-distributed-via-malvertising-on-google

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 08:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 410aab50-2384-40ca-a2d1-35f7a4979e39
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2B4733205C5754E72A0432F5E5D01CD5076A2AE254000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7a20a162a9d22f8c-MAD

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9EDE 102 B
134 B 96ms
96ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=rbl4649qgn2e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0C40 102 B
134 B 95ms
94ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=qo71cowue5tg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B6F4 102 B
134 B 94ms
94ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=5nohdh5h144z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 713B 102 B
134 B 93ms
93ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=4kksbe5lxlvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F28E 102 B
134 B 94ms
93ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kYXJrdHJhY2UuY29tOjQ0Mw..&hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=xe4op45beefj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 08:50:11 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 232ms
93ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1706262889&v=1.1&a=25522132&rcu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fvidar-info-stealer-malware-distributed-via-malvertising-on-google&pu=https%3A%2F%2Fdarktrace.com%2Fblog%2Fvidar-info-stealer-malware-distributed-via-malvertising-on-google&t=Vidar+Info-Stealer+Malware+Distributed+via+Malvertising+on+Google+-+Darktrace+Blog&cts=1677833411383&vi=820d914e03f8c9855b0d0dc3c429792e&nc=true&u=21031588.820d914e03f8c9855b0d0dc3c429792e.1677833411374.1677833411374.1677833411374.1&b=21031588.1.1677833411374&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:50:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cdd2dc6c-db4f-4307-a7b6-2e9850a53f2e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dc920805-a658-481a-8977-de9e4c19e84d
last-modified: Fri, 03 Mar 2023 08:50:11 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K75xkVQwKKUrvkjr%2FtVjnGS6EoWqBU6LiIB7Nxs2lItiS8ELBvzpWRQHOBHXJSmh14IZmThZGL7cNdgKY2Ga8S0jify%2FftMn0VdRl8YA2B3u7M8iN3nGB2ZSQYJiTOk8Og%2BlVnuUEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-549476cf7b-fbrm6
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7a20a1661f711a7c-MAD
x-robots-tag: none

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A722 7 KB
1 KB 98ms
97ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe56ae54c1f7183aa30f09f0fb8663c54d03707d6a8d1dcde1d0041fae7fce93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WZ7Od6RqqMPBDIhUyyq3FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-WZ7Od6RqqMPBDIhUyyq3FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3BB9 7 KB
1 KB 97ms
97ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d14042b1e637ccb0cd8872dad09557d9485e10d9ba4e74c7ee81d3feb84e4fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R5cmnLdUjdBq2bX5pHFgMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-R5cmnLdUjdBq2bX5pHFgMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3A3E 7 KB
1 KB 97ms
96ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

620491cc73d0e24286cbae76c4bc3e44a24d6675e71231bf92cdcafd568aefdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qYJjPgUW9sLn_IwM_ipfOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-qYJjPgUW9sLn_IwM_ipfOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3E8E 7 KB
1 KB 98ms
97ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85f110868b7dd028b77e6656eadf9a398aea33c184f5cff81ca52cdc13a35686

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5YLD3PFQX4mKA3qUq-77Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-5YLD3PFQX4mKA3qUq-77Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FC6B 7 KB
1 KB 106ms
105ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7592fb3d3f18d2d89c385b60fdc13a9f151d8dabf10b1e389de84afdd9d0da35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GJcl6kxtzR9dMGWxVFZkrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-GJcl6kxtzR9dMGWxVFZkrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 08:50:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A722 55 KB
24 KB 63ms
62ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A722 408 KB
162 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3BB9 55 KB
24 KB 65ms
63ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3BB9 408 KB
162 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3A3E 55 KB
24 KB 63ms
63ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3A3E 408 KB
162 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3E8E 55 KB
24 KB 63ms
62ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3E8E 408 KB
162 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FC6B 55 KB
24 KB 69ms
61ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 06:40:25 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FC6B 408 KB
162 KB 71ms
63ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=es&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 17:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165970
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 17:16:18 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
careers.darktrace.com/	1970-01-20 10:04:00	Name: XSRF-TOKEN Value: eyJpdiI6ImhmQ21uc3ZGV05RTkVLY25MaTZJalE9PSIsInZhbHVlIjoiaEpEWE1hSm9wYklPS0ROeUV6bVV1VGtQcXdNd3RhQlN0bEFaSFNwd0F1aWxUbEIyTjhxbHBvclpkRWtZeHJqWExKRkozTTdtT2gzVTVIeWVCZk44bjlNWU5sQmtqVnZOY2tneWtIUnVLTTU4YmQyL09mVTlJQnloMW92dkpyWlMiLCJtYWMiOiJmZTE4Y2QxMjY4ODgzNDIxYWEzMTkyYjAyMjY5Y2I5NzZiNTIzNjk2ZDBiZmJkNDE3NDhkZTAwYzI3OGM2MjYxIiwidGFnIjoiIn0%3D
careers.darktrace.com/	1970-01-20 10:04:00	Name: darktrace_careers_session Value: eyJpdiI6Ii9mUHMrZEM4NXlRaEE5Wk0vd3U2QWc9PSIsInZhbHVlIjoiV1lTWEl5c0dmQ2RTeEFlRmpJRTR2WWxaeVM1TWl1V0JKVDJjakZYSkN0azVIU1FrWmthdURZYWx3ZTFHdUVCSzJMSFN0dmV3S296dnVVY0ltNE9ySVlsd1NLc2dTUzlvRFZtOHNydmxDdCtYMjlYZDNzZlRrRm9tZmZhTk9YMTMiLCJtYWMiOiI4YTgzMDNlYWY4ZmIyM2YwMzYwZDVhMzQ1YWVlZWRkNWRkZjk2OWJlMzJiZDVlYmUzNzZjNTlmM2VkN2IzZjFjIiwidGFnIjoiIn0%3D
ir.darktrace.com/	1969-12-31 23:59:59	Name: ir-session Value: cb14219d0c95de6d736b663156672ea0Fpa%2B1eAFEHkXpsUToV5PtI09PvD2pqKkpvWluJctw%2Bqj7qEpleF%2Bt1x5HLIsk5K8eM1mhx86cT%2BMHgZx6WSOoiAoPBYAk9gDMFJs5%2FSct61b5rWgfrf77xhuqVabvnJT
ir.darktrace.com/	1970-01-20 10:04:00	Name: XSRF-TOKEN Value: e8cf8601f0addd307c0d9b83d68f06c43GUwtCd5UpM2UOIHgVqyl%2F0CSBVwlnGZIDGkIxdLGCXq%2BfXX4tC1qO6pgFuMsORO6B066NvPEORDhi4f%2FBij0G0mDcYdlgd0Oas2l7gtRWzmL7PB3hnjMjUmuKQepxlY
ir.darktrace.com/	1969-12-31 23:59:59	Name: ir-session-values Value: ccf9c3b12c4ce9f9816f8dc0089fce8flsEQS%2F1xCMImI7BQm%2F51udvo7%2Fq5X40mUEoOSX4cc6wIAhoNfotpyjDZv7ByA8F1AXlOnB8dbnObdvX8tt49WfNX9Edvvtr3or4Uwwj6Kcd01s%2FOAgl6fz98bQvFtgwo82tHMldIMcD4MUgKMZny6NJpC%2FEUU4TujPyW8HnxIofK4qJg1yD7re9acxiLCRN%2FVLdEIE6ASAnmCqThXCzatfyzapRnaIJ2rvF8qnj5WtY%2BJHMQ9ON1kw4lECFgQ7B0yNjoegjenYlkK10S0JVS94Q0gE9WeDwcrioa2%2BmIKtDph8kaMs5NPnJN6TfJQG1p
.darktrace.com/	1970-01-20 18:49:29	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Mar+03+2023+08%3A50%3A10+GMT%2B0000+(GMT)&version=202212.1.0&isIABGlobal=false&hosts=&consentId=a0ff7ce9-cd25-491e-bc31-e26e93926d34&interactionCount=0&landingPath=https%3A%2F%2Fdarktrace.com%2Fblog%2Fvidar-info-stealer-malware-distributed-via-malvertising-on-google&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darktrace.com/	1970-01-20 14:23:05	Name: __hstc Value: 21031588.820d914e03f8c9855b0d0dc3c429792e.1677833411374.1677833411374.1677833411374.1
.darktrace.com/	1970-01-20 14:23:05	Name: hubspotutk Value: 820d914e03f8c9855b0d0dc3c429792e
.darktrace.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.darktrace.com/	1970-01-20 10:03:55	Name: __hssc Value: 21031588.1.1677833411374
.hubspot.com/	1970-01-20 10:03:55	Name: __cf_bm Value: 69nXiIBOiNZywyr4MhhxLaFshIOD93YeRHpBBn4TsRw-1677833411-0-AaPtgw8ZkPC6jhsmlpx0r0/zR8OLvSMXXWPiM7r/J6KYHUJOmtFhZlTb6iruCAQV2LQxzfMLNSMvdcuD9mVBTCg=
darktrace.com/	1970-01-20 10:03:54	Name: _dd_s Value: logs=1&id=c916dede-a4e1-4664-b270-0783fc809820&created=1677833410314&expire=1677834310314

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
assets-global.website-files.com
assets.adobedtm.com
assets.website-files.com
careers.darktrace.com
cdn-api-weglot.com
cdn-ukwest.onetrust.com
cdn.weglot.com
cdnjs.cloudflare.com
d3e54v103j8qbb.cloudfront.net
darktrace.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
geolocation.onetrust.com
id.rlcdn.com
ir.darktrace.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
tag.demandbase.com
track-eu1.hubspot.com
www.datadoghq-browser-agent.com
www.google.com
www.gstatic.com
104.20.203.23
13.225.78.2
13.32.27.124
172.65.192.122
172.65.202.201
172.65.208.22
172.65.232.43
172.65.238.60
172.65.240.166
172.67.0.161
18.65.38.185
18.66.17.172
2600:9000:20eb:8400:1:28b3:b280:93a1
2600:9000:223f:6a00:11:3b84:d200:93a1
2600:9000:2251:d800:12:9e5f:cac0:93a1
2606:4700:20::681a:5c5
2606:4700:4400::6812:2b9e
2606:4700::6811:180e
2a00:1450:4001:831::2003
2a00:1450:400d:80a::2004
2a02:26f0:f700:481::1e80
35.244.174.68
54.194.170.100
02306dba6d85ef1b362d4e0b373993df1d50e84381afb168594485ed63473916
053cc9e227a902647a63ffe3d84e4c503d96ddb0ce4f218b870b2a7585b3766e
063a721d5e221c66b0b3b52b66fd39f634d49e9aa16827ac5281666257d84e92
0d282ef9078d7899784c452efef335121768aedc33283ae5b4b4c225e1a176e9
145ca6237429a5ff5644115eec341fa33d149ab15a53a8db427d0a9fb376028d
189840c16cabfa5dc9955763486a23a8b358c36d29d3606fddcb5d54d07d51ca
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
23964f884b2633ede349f98022479ec412919b33afb4ea4676fc95cd393fcb3a
24d8068b5b4d7858f29a39e3a8779e8591abc963126b4cd2eed1e3591a31ac2e
2708bde98da236fca8a23d86312f8f88263bbb724bfd3a1fc1cc82d45b903bd0
29f9fcd87e27d4d0d0aabb7e633fa0c0ec7038ebebcad0033fa9a91831205878
2d14042b1e637ccb0cd8872dad09557d9485e10d9ba4e74c7ee81d3feb84e4fa
34ad7018726a6090097b8e4fbfec539f043b50f5adc4be96a6601a40fe6831a4
36a4b74142fec50507eb6066baa8de5d880cd6aa0c8e9b6306bfd0eaf0313b76
374ffd46c5846ab5afe2bfe5d53a0bb657d2a98d1b90ea40b6890ff02b5adccc
38d60058d3e3297c6acd28b3cabda06fb428ffd847ed2a28a404031d23162c56
3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239
41cc42e8be799233ee8e647157fa742b80db7b35797aead7cbe168b20c83ec2c
48979155896cea590bb6085850a98bf7ccb5b48e9761ad03b8e8f671e92c746c
4e63f883028a6f238e7fb930148de7887a2c235717a9613d01b4407327dda559
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
620491cc73d0e24286cbae76c4bc3e44a24d6675e71231bf92cdcafd568aefdd
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7592fb3d3f18d2d89c385b60fdc13a9f151d8dabf10b1e389de84afdd9d0da35
773be328014883196fd5aa9d9d9fce04fd7b0a9518135429e7525a0a9e644de2
79a7d5deff1189cba78946faa0ed6bd78a1c9292cfad4329b208d0be5a045ff7
7be39153d5edd36ee5b7264043d986e973a377666a70e711a11f72b9593b3d00
7c3a98b51ac998315ef6607104e5b075e099a514cc2526cf7693dfcddf187f6e
7c5c7099614c321217b438c382066782c6e26a29c4b9ed7e511c9763d1cd8a05
7e667b8253b8ab0613261b3b5b44c414a49316e4bf792b3d9313bd10d6a766db
81a4bbeb147117eb656bb705b942a5146e4f22e4016f0bb1aaed1af3f897fd3e
85f110868b7dd028b77e6656eadf9a398aea33c184f5cff81ca52cdc13a35686
8887f03d90e75a4a4265a4bb43bf9407297051173a798e6e2e6f4876c68ffe1d
8ad68166d031fc338103c4e3c8755a2df011e5d85445a4dd3cb240f3281f0771
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9
9270bbe635cc7cf73fcdaa51e5e9ea0ad367a2ca4eeec9b837c5779ceb45cd40
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96f56f8b1f3f9d294227c20137fbe974b304bdc01a5e44070b6da9f93d5dd665
98245e5de1433429f457cde03339c4fc155ee802fa1b7355d3b86752613c0a20
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6c71c13e2eb7d71c7f1afd8d533eb962c8f55b74c88d9502d422df0fc407289
a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4
ac28e66b26e0b29b45349b503981d837c7f052682fa5263b2f539234295dfc8e
adecd63acc4782d7f6bea59bda9e02bfcc6f90ed14ace7f83e06c6c814b58e2a
b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c
b5e6af88413eb1dc1d14fa40e3c236e0226967a94309665ce149c86dead4b283
b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de
b7c7c882e0d16b9c3d586ee27feea4aa743a7093d4899eaeddd77ff5474a31fb
b8e72bf762969e361156a7a233c1f848e2a16b38d6e88633d6771744d4998f31
bab8fc2750a4e25460b948b26a83cacf12c8033ca87d1476d2a2edc6060d3bff
bcd591865677b0c8754082d60e5fbddb3ceee63f563c7362b2800d5f5c84d619
be1450871d943d13fb8aafff1a60013ad5afb64b43a694028a9e01fe95996541
c43aa1c98e666815b1e46069e4c1611bfc91dc1480c87f37b74a8f93a35b5898
c4def5823699bf001215356a5091c653e45dee3fe3ef6c7b9db6caa0b96746ca
c6b0a06c2fac74f703aaf96a5134808fb4cd344e16a31fc3a014146dbbb047fa
cd0522a8b470d20a6362f6cf9100065ce872edd22b7a7d8d107d3241562ce339
d31257af7cd51d364384e20639a2676c6f7fa9fd21a993d891b1b626e07c99fe
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e277232eb7b144125a112c56c998e0280b16bae5b04663ded89be9bb4d9b04f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ba320502e2cd491874b86e0e3fbffbd189d8913f5f46c6092056ecfa24104
ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0
ea7d156ae3b839441a81b7022c246c640970ca75f7ca82daa012044afa661674
eda7d1b612553d114b9e72d8828d70fab62f8730c369193f57756a59b9510f4e
ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d
f0f1b8d0e369c461d2f69c257755a15118f7348093978f307d98b1f8f9ac5cf5
f5b3961567e508fe7601ff7327bca5bd4c599d9b2a84083cda76be7d97fc0920
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa7e91d982ceb5df0be7f50ac57343b265d5c342da4a7c7a910c290c4bc13ef6
fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15
fe56ae54c1f7183aa30f09f0fb8663c54d03707d6a8d1dcde1d0041fae7fce93

darktrace.com Open in urlscan Pro 54.194.170.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

39 %IPv6

20 Domains

25 Subdomains

24 IPs

5 Countries

5790 kBTransfer

11769 kBSize

12 Cookies

15 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

darktrace.com Open in urlscan Pro
54.194.170.100 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

39 %
IPv6

20
Domains

25
Subdomains

24
IPs

5
Countries

5790 kB
Transfer

11769 kB
Size

12
Cookies

106 HTTP transactions
1 data transactions