de.darktrace.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Submission: On June 29 via manual (June 29th 2023, 2:24:45 pm UTC) from CL — Scanned from DE

Summary HTTP 162 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 35 domains to perform 162 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is de.darktrace.com.
TLS certificate: Issued by R3 on May 13th 2023. Valid for: 3 months.

This is the only time de.darktrace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
34	2600:9000:230... 2600:9000:2304:a00:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:480... 2a02:26f0:480:994::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:224... 2600:9000:2249:1600:1:28b3:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	3.161.127.194 3.161.127.194	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.17.72 108.138.17.72	16509 (AMAZON-02) (AMAZON-02)
1	104.17.114.41 104.17.114.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:219... 2600:9000:219c:5e00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	13.225.34.5 13.225.34.5	16509 (AMAZON-02) (AMAZON-02)
2	54.195.140.228 54.195.140.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28d2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4264:debb:60:73cb:4464	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:224... 2600:9000:2247:d800:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.49.138.0 52.49.138.0	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.242.252 34.249.242.252	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:217... 2600:9000:2171:7000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.156.62.81 35.156.62.81	16509 (AMAZON-02) (AMAZON-02)
162	45

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

de.darktrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:9000:2304:a00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:994::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2249:1600:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.127.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-127-194.vie50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-72.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.114.41 (None, )

ASN13335 (CLOUDFLARENET, US)

ir.darktrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:219c:5e00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-5.cdg3.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.140.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-140-228.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28d2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:debb:60:73cb:4464 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2247:d800:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.138.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-138-0.eu-west-1.compute.amazonaws.com

darktrace.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.242.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-242-252.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

9120626.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:7000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.62.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-62-81.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 14427 assets.website-files.com — Cisco Umbrella Rank: 13844	6 MB
29	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
19	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	178 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 407	144 KB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 6369 c.6sc.co — Cisco Umbrella Rank: 9185 ipv6.6sc.co — Cisco Umbrella Rank: 6440 b.6sc.co — Cisco Umbrella Rank: 4176	19 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	doubleclick.net 1 redirects 9120626.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 218 darktrace.demdex.net	5 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	105 KB
3	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 15381	42 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 411	61 KB
3	darktrace.com de.darktrace.com ir.darktrace.com — Cisco Umbrella Rank: 951954	126 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10419	573 B
2	google.de www.google.de — Cisco Umbrella Rank: 4752 adservice.google.de — Cisco Umbrella Rank: 10561	970 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	2 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 29445 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 30619	26 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	120 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1995 api.company-target.com — Cisco Umbrella Rank: 3913	2 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4924 tag-logger.demandbase.com — Cisco Umbrella Rank: 4700	30 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 469	820 B
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 32222	983 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	370 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1111	517 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1248	393 B
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 19975	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 19576	64 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 717	99 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	305 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	25 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	4 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 18075	1 KB
162	35

	Domain	Requested by
34	assets-global.website-files.com	de.darktrace.com assets-global.website-files.com
25	www.gstatic.com	www.google.com www.gstatic.com
18	www.google.com	de.darktrace.com www.gstatic.com www.google.com
11	cdn.cookielaw.org	de.darktrace.com cdn.cookielaw.org
8	assets.website-files.com	assets-global.website-files.com
6	b.6sc.co	de.darktrace.com
4	fonts.gstatic.com	www.google.com
3	bat.bing.com	de.darktrace.com bat.bing.com
3	px.ads.linkedin.com	3 redirects
3	code.jquery.com	de.darktrace.com
3	cdn.weglot.com	de.darktrace.com cdn.weglot.com
3	assets.adobedtm.com	de.darktrace.com assets.adobedtm.com
2	epsilon.6sense.com	j.6sc.co
2	j.6sc.co	assets.adobedtm.com j.6sc.co
2	9120626.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	snap.licdn.com	assets.adobedtm.com snap.licdn.com
2	www.googletagmanager.com	assets.adobedtm.com
2	dpm.demdex.net	assets.adobedtm.com de.darktrace.com
2	de.darktrace.com	de.darktrace.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	adservice.google.de	adservice.google.com
1	www.google.de	de.darktrace.com
1	adservice.google.com	9120626.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	forms-eu1.hsforms.com	de.darktrace.com
1	px4.ads.linkedin.com	de.darktrace.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	cm.everesttech.net	1 redirects
1	darktrace.demdex.net	assets.adobedtm.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	de.darktrace.com
1	s.company-target.com	tag.demandbase.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ir.darktrace.com	de.darktrace.com
1	tag.demandbase.com	de.darktrace.com
1	cdnjs.cloudflare.com	de.darktrace.com
1	d3e54v103j8qbb.cloudfront.net	de.darktrace.com
1	cdn.jsdelivr.net	de.darktrace.com
1	js-eu1.hs-scripts.com	de.darktrace.com
162	50

This site contains links to these domains. Also see Links.

Domain
customerportal.darktrace.com
partners.darktrace.com
ir.darktrace.com
www.microsoft.com
twitter.com
www.esentire.com
www.justice.gov
www.youtube.com
riskybiznews.substack.com
medium.com
blog.avast.com
blog.sekoia.io
www.crowdstrike.com
www.bleepingcomputer.com
www.mandiant.com
www.securityweek.com
securelist.com
www.sentinelone.com
www.linkedin.com
darktrace.com
fr.darktrace.com
it.darktrace.com
ko.darktrace.com
ja.darktrace.com
es.darktrace.com
pt-br.darktrace.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
fr.darktrace.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-09`	9 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.weglot.com Amazon RSA 2048 M01	`2023-02-07` - `2024-03-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.company-target.com R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-08`	7 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Frame ID: 1454C1B1083D64466932DF15B3848FA2
Requests: 108 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 1AAA0F0DF96BFED95DFEC9BBBC35F621
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=80drc175uiqh
Frame ID: 2BDECEAA93990D6C428C2546D45E6B04
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=m1d24yc6cmjx
Frame ID: A0E83A2BBD10B21BCE69603C389F7E6E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kfw943wl2aw4
Frame ID: 34293384B186644EE2523DF32737285E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=dpan9oegkxo3
Frame ID: 4CAACD74CBEE0FAB1512C05603351520
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=2l13do3noshc
Frame ID: 2906033F08D81F25C8AF1B2A9B445F21
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kbix35bt3nqr
Frame ID: E539005BC838FB11DCA1B2FC129C4565
Requests: 8 HTTP requests in this frame

Frame: https://darktrace.demdex.net/dest5.html?d_nsid=0
Frame ID: D2BAD16E8F861B10F3D4D63C1E12EEAD
Requests: 1 HTTP requests in this frame

Frame: https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Frame ID: C8009EB10BB124208CEB0482567902CC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Frame ID: 096B14D684900BEAC8B5BC6E05DCA415
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Frame ID: 2F16A0BB175A2C8736D0D8EA48989444
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: DF443E09917934C1199A1E39DB2A22E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: B577B3A2551D158E3F122EE754AEEF3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: A0476C6AE8F5AE356A894C5E5F65F74A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 26709ABC726B70CEC0BFEA73C35CD7CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: F7C3AAFA6B00F3BADF31B9B940ED7A05
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW
Frame ID: 17DDAFDD5A1689F0EF0EA27470428F71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The resurgence of the raccoon: Steps of a Raccoon Stealer v2 Infection (Part 2) | Darktrace BlogBack ButtonSearch IconFilter Icon

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

162
Requests

97 %
HTTPS

52 %
IPv6

35
Domains

50
Subdomains

45
IPs

6
Countries

9295 kB
Transfer

16613 kB
Size

33
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://customerportal.darktrace.com/
Title: Kundenportal

Search URL Search Domain Scan URL

URL: https://partners.darktrace.com/
Title: Partner-Portal

Search URL Search Domain Scan URL

URL: https://partners.darktrace.com/apply
Title: Partner werden

Search URL Search Domain Scan URL

URL: https://ir.darktrace.com/
Title: Investoren

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2022/05/17/in-hot-pursuit-of-cryware-defending-hot-wallets-from-attacks/
Title: https://www.microsoft.com/security/blog/2022/05/17/in-hot-pursuit-of-cryware-defending-hot-wallets-from-attacks/

Search URL Search Domain Scan URL

URL: https://twitter.com/3xp0rtblog/status/1507312171914461188
Title: https://twitter.com/3xp0rtblog/status/1507312171914461188

Search URL Search Domain Scan URL

URL: https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-raccoon-stealer-v2-0
Title: https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-raccoon-stealer-v2-0

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation
Title: https://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Fsz6acw-ZJY
Title: https://www.youtube.com/watch?v=Fsz6acw-ZJ

Search URL Search Domain Scan URL

URL: https://riskybiznews.substack.com/p/raccoon-stealer-dev-didnt-die-in
Title: https://riskybiznews.substack.com/p/raccoon-stealer-dev-didnt-die-in

Search URL Search Domain Scan URL

URL: https://medium.com/s2wblog/raccoon-stealer-is-back-with-a-new-version-5f436e04b20d
Title: https://medium.com/s2wblog/raccoon-stealer-is-back-with-a-new-version-5f436e04b20d

Search URL Search Domain Scan URL

URL: https://blog.avast.com/fakecrack-campaign
Title: https://blog.avast.com/fakecrack-campaign

Search URL Search Domain Scan URL

URL: https://blog.sekoia.io/raccoon-stealer-v2-part-2-in-depth-analysis/
Title: https://blog.sekoia.io/raccoon-stealer-v2-part-2-in-depth-analysis/

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/
Title: https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/3cx-confirms-north-korean-hackers-behind-supply-chain-attack/
Title: https://www.bleepingcomputer.com/news/security/3cx-confirms-north-korean-hackers-behind-supply-chain-attack/

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise
Title: https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise

Search URL Search Domain Scan URL

URL: https://www.securityweek.com/cascading-supply-chain-attack-3cx-hacked-after-employee-downloaded-trojanized-app/
Title: https://www.securityweek.com/cascading-supply-chain-attack-3cx-hacked-after-employee-downloaded-trojanized-app/

Search URL Search Domain Scan URL

URL: https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/
Title: https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/3cx-hack-caused-by-trading-software-supply-chain-attack/
Title: https://www.bleepingcomputer.com/news/security/3cx-hack-caused-by-trading-software-supply-chain-attack/

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/
Title: https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/darktrace/

Search URL Search Domain Scan URL

URL: https://twitter.com/Darktrace

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarktraceAI/videos

Search URL Search Domain Scan URL

URL: https://darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: English

Search URL Search Domain Scan URL

URL: https://fr.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: Français

Search URL Search Domain Scan URL

URL: https://it.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ko.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: 한국어

Search URL Search Domain Scan URL

URL: https://ja.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: 日本語

Search URL Search Domain Scan URL

URL: https://es.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: Español

Search URL Search Domain Scan URL

URL: https://pt-br.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Title: Português Brasileiro

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5&C=1

Request Chain 86

https://cm.everesttech.net/cm/dd?d_uuid=31350655441127545770446631467335509584 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJ2UJwAAAI7UbwOJ

Request Chain 103

https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2 HTTP 302
https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Request Chain 107

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1688048679885%26url%3Dhttps%253A%252F%252Fde.darktrace.com%252Fblog%252Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&cookiesTest=true&liSync=true&e_ipv6=AQL8LFAj4RVIwwAAAYkHir_XbjEcM-dRIstj7SmuiSuW6rU2m0DK181ahCi3rURnH61YYZDo

162 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2 Show response
de.darktrace.com/blog/ 234 KB
60 KB 5935ms
5839ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

ed15a1528e5e36c63430e28039add93e9059dd946f0541efb2f5f3345551073f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-language: de
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Thu, 29 Jun 2023 14:24:38 GMT
link: <https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2>; rel="canonical"
processed-by: Weglot
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,x-wf-forwarded-proto
weglot-translated: true
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-hosting-red
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hw: 1688048672.cds115.am5.hn,1688048678.cds115.am5.sl
x-lambda-id: dfef7396-bc1d-4edc-9c15-d223963b3a95
x-request-id: 3109b670-c87b-48d6-8c7c-0cb7f0a6b436
x-served-by: cache-iad-kiad7000165-IAD, cache-dub4323-DUB
x-timer: S1688048673.795536,VS0,VE4898

GET
H2 200 web-phoenix.5978ff634.min.css
assets-global.website-files.com/626ff19cdd07d1258d49238d/css/ 488 KB
90 KB 180ms
49ms Stylesheet
text/css 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69db68c0e734f6f16080634b31af09e235a8520d068e65f984303de943e02297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 11:14:18 GMT
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-version-id: QVqRadPLy.SVj.4t4twMfki8zn_C.V7R
age: 11421
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 91821
last-modified: Thu, 29 Jun 2023 11:14:02 GMT
server: AmazonS3
etag: "6b49daa48af78a4e79cbb16711b572dd"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: akHDMvPQmUpPC67BpZs5Q79UIHODWEwb4WtOIGCsYMKYbF11VlUZiw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 190ms
67ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:38 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 115ms
47ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ss3gfiwT9vXTSvNlfc+4JQ==
age: 74307
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6820
x-ms-lease-status: unlocked
last-modified: Mon, 26 Jun 2023 18:15:29 GMT
server: cloudflare
etag: 0x8DB7671529D7907
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f7f39f14-f01e-0180-5767-a83d19000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed58f2d951911-FRA

GET
H2 200 launch-581b2cfa7858.min.js Show response
assets.adobedtm.com/ea4e25aa0549/f752722fa920/ 154 KB
47 KB 147ms
32ms Script
application/x-javascript 2a02:26f0:480:994::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:994::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5560a2f9b290ae957e4c008304b3b1debcce91b98f0764325c728710eec87083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
last-modified: Thu, 29 Jun 2023 09:07:47 GMT
server: AkamaiNetStorage
etag: "3bee43625b62167bb7263cde941574cd:1688029667.963463"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://de.darktrace.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 47722
expires: Thu, 29 Jun 2023 15:24:38 GMT

GET
H2 200 25522132.js Show response
js-eu1.hs-scripts.com/ 1 KB
1 KB 217ms
107ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/25522132.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b978e6a495d41423a108c5549eb494e14468746baa73c017ceede0e44cff83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 02bc884f-26d2-4106-b0a0-029ad9984a03
x-envoy-upstream-service-time: 53
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 02bc884f-26d2-4106-b0a0-029ad9984a03
last-modified: Thu, 29 Jun 2023 14:16:57 GMT
server: cloudflare
x-trace: 2B98C88A894ADC5CB1A1B5705218596C4178B5F182000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://de.darktrace.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6568b767df-spplh
cf-ray: 7deed591489d9b49-FRA

GET
H2 200 weglot.min.js Show response
cdn.weglot.com/ 105 KB
37 KB 138ms
41ms Script
application/javascript 2600:9000:2249:1600:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2249:1600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7264058fd5d16c3e494ead87aa4fe7addd3fd50f62c540fcbcf69da9e8720ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 72901e1a1a6af8228b948e1ec3586ace.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 14:23:01 GMT
last-modified: Wed, 21 Jun 2023 10:33:43 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 98
etag: W/"fb67683ee7d20126b3597a80ff43162f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: jMDzPX64TWCazFdgllbBK_0webiTtSnZ0DFD3F3wAeuPTAjEfcnkxw==

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.13.2/themes/base/ 35 KB
8 KB 111ms
33ms Stylesheet
text/css 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-8d03"
vary: Accept-Encoding
x-hw: 1688048678.dop227.am5.t,1688048678.cds232.am5.hn,1688048678.cds003.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8356

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 116ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1688048678.dop227.am5.t,1688048678.cds232.am5.hn,1688048678.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 socialshare.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/ 9 KB
4 KB 115ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-socialshare@1/socialshare.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eafd7e17be354753ca120ef03d28aa45a37c423e89e9f2602e8fd5a24400f150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Jun 2023 14:24:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9183
x-jsd-version: 1.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3619
x-served-by: cache-fra-eddf8230105-FRA
x-jsd-version-type: version
etag: W/"2385-rwl9CAsmlk954AGumYBzecK5wJE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 8 KB
3 KB 61ms
44ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e22e866dec1fe2712cb3_Darktrace%20Logo%20B%3AO%20-%20Vector.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:57:25 GMT
x-amz-version-id: U3NyuUAtCMgfEVbn9mSuYAOoErDsuB9M
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 14027234
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Jul 2022 01:15:27 GMT
server: AmazonS3
etag: W/"c34059ce90d8a25cb81c8342bac3caad"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 3n8ygE_YC1KumAHRGlgYybakfMnWhO-aavtr1b72pqRHJVg56S_G5Q==

GET
H2 200 62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 4 KB
2 KB 62ms
45ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62c4e24dc156cb0b0f553f00_Darktrace%20Logo%20W%3AO%20-%20Vector.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 08:19:27 GMT
x-amz-version-id: atk2MPCHNIcTHrkcjIHBKdHEDkFTRJJf
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 14709912
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Jul 2022 01:15:59 GMT
server: AmazonS3
etag: W/"5991991ddb298b4d5a41b64e945abc05"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: WbSe0GC313L2LVtZdf-t9B4_DYdH1AQb71cBuq9-ryB2CkeKgTJBWg==

GET
H2 200 636a6f9e66ad3177c6607d2b_R2%201.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 59 KB
60 KB 75ms
59ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a6f9e66ad3177c6607d2b_R2%201.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dcea064f42cc64fdaedef160828d1d67a15445d4c71330e02216cd5e33fbc08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 08 May 2023 01:49:07 GMT
x-amz-version-id: Kwv_PT.cb.y14TU3l7XMWnptfcK3kNSm
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 4538132
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60550
last-modified: Tue, 08 Nov 2022 16:20:57 GMT
server: AmazonS3
etag: "4a6fdc486e5f45301d3a6c0744aef999"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 3IU9SVjgQ9kyvfaUqAw93j-IXiXp7tDKdPrsIovwNrX-0X3aIsbfuw==

GET
H2 200 636a6fb1d3363ebdad14d1cf_R2%202.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 67 KB
67 KB 84ms
68ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a6fb1d3363ebdad14d1cf_R2%202.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aeb80f1a8079225ec23fb8c2146912e0c5388d0fb51835c41c619bc52bf42ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 27 May 2023 10:27:35 GMT
x-amz-version-id: 52uiL3j0EhO8W4iuY7bo3JuEBqHoL9ZO
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2865424
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 68112
last-modified: Tue, 08 Nov 2022 16:21:13 GMT
server: AmazonS3
etag: "c1229a6e2bf96bf8277c647d64c34b55"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: cNIluHWxf2p08_S5l2QZtkZcBb16QXy2vs1KZhI5taQ3CMsCpn0j-A==

GET
H2 200 636a6fc291e958f40d858d4f_R2%203.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 71 KB
72 KB 63ms
47ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a6fc291e958f40d858d4f_R2%203.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 858b9641acb71b5463d69f74a7fc85c0183102bd836ca47c76c5e729d8da33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 07:03:31 GMT
x-amz-version-id: ydiJj_N0Kb0z5TterPt28mgqzUYqUfEV
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2100068
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 72719
last-modified: Tue, 08 Nov 2022 16:21:28 GMT
server: AmazonS3
etag: "da276450dc4663b058ca5cea8fa6f33d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: s61NAzK1c9FUq_iWCq3nBoUyPArrPBbCmlJOd4sTyrJSmQIcfrFcoA==

GET
H2 200 636a82333d7b9730a82babe3_Figure%204.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 231 KB
231 KB 102ms
85ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a82333d7b9730a82babe3_Figure%204.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8b79e968df0f74cd51d569a2b75ffe7474f91fc221de749e01fe7663c328bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:35:42 GMT
x-amz-version-id: _UvNZry5Ojvt88.DMR5j6CpxyxHw2PVc
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2350137
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 236269
last-modified: Tue, 08 Nov 2022 16:22:13 GMT
server: AmazonS3
etag: "40f4a75b20bcb8f2a78a58b65ac25aad"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZEaHq1j0BV8fZeq9kToJR8a54zP3C-r3kTnI3WSmgho84cyBx8_Yjg==

GET
H2 200 636a8246e251209289da308f_Figure%205.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 33 KB
34 KB 95ms
79ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a8246e251209289da308f_Figure%205.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e8fb1edd4e6ac76dbb05bba77c54c77671bb00143b7dabf92bf3edf996fb595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:12:10 GMT
x-amz-version-id: kuYcWbqxCsX8IMnQ3U7vZTQJyrwDNnco
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2679148
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34291
last-modified: Tue, 08 Nov 2022 16:22:31 GMT
server: AmazonS3
etag: "b3faf385b6de56eb199739076ce5843f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7lN5apTj0L_KJTo24j9Z6uPvjpjsURUYSsgPSVGkUZXlQvCc71HZkw==

GET
H2 200 636a8251a5916fcf7f9dbfe6_Figure%206.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 34 KB
34 KB 90ms
74ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a8251a5916fcf7f9dbfe6_Figure%206.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 868c6354c19c6bf06c6f879f94ba1498579c60b1283d44dfe9c056211494e7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:38:08 GMT
x-amz-version-id: ZVrM8AEVhLdrQ9pbPOLjO7s2sbJe4K8O
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 3105991
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34592
last-modified: Tue, 08 Nov 2022 16:22:43 GMT
server: AmazonS3
etag: "abec61d4391dda3d97e8e41fd79a3f98"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: V-pJ-BSz_bfqy7CCSY3agfiuf3xkUxJiXLQ8oLI1JsJJvra3--CSgg==

GET
H2 200 636a8260cf49e75b67cd4fc4_Figure%207.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 34 KB
35 KB 123ms
107ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a8260cf49e75b67cd4fc4_Figure%207.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 889d1f642f074226934ed8675283fe04bc4aa7810b528f71b6ff9fd93b8f0b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:11:38 GMT
x-amz-version-id: v8fkKpMwiaOrGdSEZLjm5.pnKN9wmObX
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2445181
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35020
last-modified: Tue, 08 Nov 2022 16:22:57 GMT
server: AmazonS3
etag: "0bf1b74bade233e30337172a952a7897"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: vrF1a9h0JlDSRTPCYCYCjTE-bVHIFiHHEBM8LVOnWbif7dDZhmTGJg==

GET
H2 200 636a827c61e0e48686f8bcfd_Figure%208.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 327 KB
328 KB 126ms
110ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a827c61e0e48686f8bcfd_Figure%208.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a36db0362a5e9d292bbdf29f863546f2890efb7416068417ca7b11f00fc30b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:10:06 GMT
x-amz-version-id: uNjXx_duQLpZvFbGf0MRDSHp1W5zxNDF
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2679272
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 335292
last-modified: Tue, 08 Nov 2022 16:23:25 GMT
server: AmazonS3
etag: "fd5b8eb061fa89fc31f0c104ff1e913e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: cnDFAMyR-Ho2SgwRx6ohLtFKc8I7qRClk8ES-QDDVSHR25u25uhqyA==

GET
H2 200 636a828b56178743e7279944_Figure%209.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 158 KB
158 KB 145ms
130ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a828b56178743e7279944_Figure%209.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b12db669cf3a559b812931dc1c37d4fc8aa8e33077cc410d22f3fe30a8cd466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 17:17:12 GMT
x-amz-version-id: IhITCQCRQPXlyHkQmH725qRqUVFQmo4V
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 335247
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 161576
last-modified: Tue, 08 Nov 2022 16:23:41 GMT
server: AmazonS3
etag: "8f0757d9c2d699db316cbc9aa2466cf4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 5CuxnnNhYx5PhvgUQPvqu_yZ8wjqfy9X_ZOWTq_xYJ-6y65K8T0khw==

GET
H2 200 636a829939b40c15cfde75c4_Figure%2010.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 204 KB
205 KB 153ms
138ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a829939b40c15cfde75c4_Figure%2010.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 412e086400741907bbf4dd6a656b651ca220ebea9970278930fccfa7328b20c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:38:09 GMT
x-amz-version-id: PqL5sGE24FS3g6mPRrRTF6jHWk.M_zBK
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 3105990
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 209393
last-modified: Tue, 08 Nov 2022 16:23:54 GMT
server: AmazonS3
etag: "252d315633a286a5b0773f5a14d34f73"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: e5IG5tyziQ6CJ9ExlRYlpeHGI91Ep6mUyEjnN759ujTwjLIoV-6Ptg==

GET
H2 200 636a82b4faeb1225f55b2c7a_Figure%2011.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 554 KB
555 KB 173ms
158ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a82b4faeb1225f55b2c7a_Figure%2011.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf2f96e668062701f4fa1528d8abcf800b14885d56701aa9e4b4cbf01c1215aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 17:17:12 GMT
x-amz-version-id: Q50J9w9RjyvTohSsGAuLana2EVlG86Kh
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 335247
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 567475
last-modified: Tue, 08 Nov 2022 16:24:21 GMT
server: AmazonS3
etag: "e914954cc5ec5ebf83a560fb5bb86424"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7RjbTnMzx35QXGCEG_3mry0YVbqz2wp6A1shXAG8DQTSYuTYip5O-g==

GET
H2 200 636a82c44db971667c4b0e90_Figure%2012.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 272 KB
273 KB 174ms
158ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a82c44db971667c4b0e90_Figure%2012.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163a54a4c369a3b52b445847e397af3df73583c92f3bc2ed61f3773d729f41a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 24 May 2023 14:58:01 GMT
x-amz-version-id: Ps3CU9AEtjlJ_v.rEGoHppzsGw638oFc
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 3108398
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 278920
last-modified: Tue, 08 Nov 2022 16:24:37 GMT
server: AmazonS3
etag: "de5e42606fa9aec4f92ce312c0403d6f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 1uYgUDgSN39DNPvmHsCQeRYv1yKtkBNACNuI9_MXTeCp7US14LlS6A==

GET
H2 200 636a82d20901c9302a036cc4_Figure%2013.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 468 KB
469 KB 164ms
148ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a82d20901c9302a036cc4_Figure%2013.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb68f573a69f12ac22b656de23d0efcb5eb9505eeba1d579112b730151cdc2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:10:06 GMT
x-amz-version-id: mzEAbpKNmEwQLf3oSPU4K8.XY4yMXbWU
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2679273
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 478867
last-modified: Tue, 08 Nov 2022 16:24:51 GMT
server: AmazonS3
etag: "084df4beb724d480b02dc1a1d4abc2cc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZQvMGZnqMdc6SUGl3PixKIl4TRXOGVIyuULpfoQNptOpj3bm2o21Tg==

GET
H2 200 636a82e0bdee08508d202e8e_Figure%2014.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 186 KB
187 KB 174ms
159ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a82e0bdee08508d202e8e_Figure%2014.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26faad62422049b4c91af4247cb57c76c08edd5283c89aadbfa5f06d41fa90e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 29 May 2023 14:10:06 GMT
x-amz-version-id: 6ntBkcyihakHPZJ2T1Lp9wEYaf5iCa8c
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2679273
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 190914
last-modified: Tue, 08 Nov 2022 16:25:05 GMT
server: AmazonS3
etag: "2e80ce27f20121bc4c600fe37c460ba1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: LLzpiNxEvQ0316wcSeBqA-qOnsQNRUFMDHFGr3YF4bS4p4jXLErH6g==

GET
H2 200 636a8315a287f5bf948b424e_Figure%2015.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 268 KB
269 KB 174ms
159ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a8315a287f5bf948b424e_Figure%2015.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43c2b937d200a8e16791e93a6f369388c9c83fba2d238147d73da36cc749f028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 09:35:42 GMT
x-amz-version-id: uumiKkET9NaGTnvNH1Ed4BmWlg3DMzD8
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 2350137
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 274293
last-modified: Tue, 08 Nov 2022 16:25:59 GMT
server: AmazonS3
etag: "403919ec2e1b57ad0eebb31924770e98"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: lSuImvOwyMhUzC5ga3z4JVv99pROop8oHd3qToihtsPB7H-7mz0iIw==

GET
H2 200 636a832bfaeb123d145b3c61_Figure%2016.png
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 213 KB
213 KB 174ms
159ms Image
image/png 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/636a832bfaeb123d145b3c61_Figure%2016.png
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06433d685c68e0346ea00a414010af610a2a0e865203e2584607dbc0389f8984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:07:06 GMT
x-amz-version-id: JJEp6X.ba4chnYt_0IP1VzcP5n9lgT9P
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 1495053
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 217933
last-modified: Tue, 08 Nov 2022 16:26:21 GMT
server: AmazonS3
etag: "7722ea55cf8ed91b21bb88608b04de07"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: LSNoFFDtCp4pzbW89Zs_2usVeVNQciPjdlvPPKncdMOORTpC9jwS4w==

GET
H2 200 6439504aac7642d452f73227_Orrange%20Arrow.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 515 B
972 B 173ms
158ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6439504aac7642d452f73227_Orrange%20Arrow.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4132d7151489539efda9fcd764f395c17bcf6d28f2b77787ea49d2acaf987c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 03 May 2023 17:21:14 GMT
x-amz-version-id: EsH5slD6K9c8haLetnad.x967jb3Dp0C
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 4914204
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 515
last-modified: Fri, 14 Apr 2023 13:08:27 GMT
server: AmazonS3
etag: "dbf50e460599d6583e104fddeb06617d"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 79rO4uHF29H4XAKOe1u25n17__rz9Q7jleAA3bQHVNqprINQYWJn0g==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 174ms
49ms Script
application/javascript 3.161.127.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=626ff19cdd07d1258d49238d
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.127.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-127-194.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://de.darktrace.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 04:22:57 GMT
content-encoding: br
via: 1.1 13afb8e7aed9ddd5edded864e5dbc878.cloudfront.net (CloudFront)
age: 36108
x-amz-cf-pop: VIE50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: KguMH2Zul2dhU0riVHCDveGkN23g804sWfahj7EyF5OOnAetTjgeqA==

GET
H2 200 web-phoenix.63e4e7006.js Show response
assets-global.website-files.com/626ff19cdd07d1258d49238d/js/ 2 MB
220 KB 48ms
47ms Script
text/javascript 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.63e4e7006.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a74e3777aa608aa74d3f80ed1bf8d9981b6879714a1cb4023e9949512b5c58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Zw6_pfsM64.p5uESWnlr8f07wlIATQ4c
content-encoding: gzip
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 13:25:37 GMT
age: 3542
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 224580
last-modified: Wed, 28 Jun 2023 13:54:15 GMT
server: AmazonS3
etag: "dc13d878135bc6fa7eda1b5509c93cb8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 71Iqyh2hK0TkNhEeuePi-yVghv-Zju3uHAOb-2ol3t7__FPZdt2P8A==

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.13.2/ 249 KB
66 KB 37ms
33ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.2/jquery-ui.min.js
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-3e46c"
vary: Accept-Encoding
x-hw: 1688048678.dop227.am5.t,1688048678.cds232.am5.hn,1688048678.cds256.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67628

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/ 69 KB
25 KB 112ms
39ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1976522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25169
last-modified: Thu, 22 Dec 2022 06:00:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a3f27f-6251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2s9YKVimxZly9GtLuhMGoqY0WKOA0uefDHbffxg39tAmgQoS1JH%2F2TBf31tgUP3098c%2FrffRqT4J4UVHYsAUn1J1lkEeJ%2FppPzP6Xm6H%2FXM6PqDHvoXoIbtHOQBas4%2FwZYE5P%2FNb%2BCUV9cAZ2oUdTJp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7deed5910a419134-FRA
expires: Tue, 18 Jun 2024 14:24:38 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 430 KB
173 KB 194ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.darktrace.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H2 200 20244352-54bc-40a3-80e3-0daa9d221c87.json Show response
cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/ 6 KB
3 KB 111ms
45ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/20244352-54bc-40a3-80e3-0daa9d221c87.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed951ca234a2aae2ddef8ef3167b9c632c4581f8c44903934c3113507c4c840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 24603
content-md5: O32+igPEVrnpWERNPp4ZoQ==
content-length: 2032
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 08:45:55 GMT
server: cloudflare
etag: 0x8DB56B321096755
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: df28b31f-b01e-0140-659c-88b75d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed590ed883730-FRA
expires: Fri, 30 Jun 2023 14:24:38 GMT

GET
H2 200 234baeaaccaa2f09e0dc6c004f571bbd6.json Show response
cdn.weglot.com/projects-settings/ 3 KB
1 KB 146ms
71ms Fetch
application/json 2600:9000:2249:1600:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/projects-settings/234baeaaccaa2f09e0dc6c004f571bbd6.json
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2249:1600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ec24ee0f8d876759e7fe32ef7797aa41a356684070785e6d94fb3370cd6601f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:12:36 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 08:04:12 GMT
server: AmazonS3
via: 1.1 29373b9bd21dbfdb73f410724bfb6328.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
etag: W/"5034db35851621694b628211ffb7967d"
age: 723
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: wcATYNab_YJvzbEzL8MtcpVhqjfZ57Hn1Nt1OyM6YX6_h_OEh03XRA==

GET
H2 200 20cb0107a53f0895.min.js Show response
tag.demandbase.com/ 144 KB
30 KB 114ms
34ms Script
application/javascript 108.138.17.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/20cb0107a53f0895.min.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-72.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0fffc2b097e07cb45ce8ad4f803f382ddada12ac833ffe7647047eb933d4bfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: CT_wI4nYHP2WEtdGgr6XhYYWi.0ssb0P
content-encoding: gzip
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 14:21:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 22:16:45 GMT
server: AmazonS3
etag: W/"dab91b0f3a7db59c62a38d16408fa67c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: JeeWLLUbxy7B5SvgKKQ4755HY-lSoQWWskYM85FJHBao9B5CAZIL3Q==

GET
H2 200 /
ir.darktrace.com/ 0
0 201ms
107ms Other
text/html 104.17.114.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ir.darktrace.com/
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.114.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 resources
de.darktrace.com/ 0
66 KB 576ms
571ms Other
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://de.darktrace.com/resources

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

processed-by: Weglot
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
age: 5026
x-cache: MISS, HIT
x-cluster-name: eu-west-1-prod-hosting-red
weglot-cached-translations: true
x-request-id: e78c4ef8-45f8-4bf7-bf8e-192341894063
x-served-by: cache-iad-kjyo7100119-IAD, cache-dub4325-DUB
x-timer: S1688048679.581994,VS0,VE5
x-lambda-id: 1947c7e6-adda-4a43-b8f9-3742b30e270b
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,x-wf-forwarded-proto
content-type: text/html
content-language: de
x-hw: 1688048678.cds115.am5.hn,1688048679.cds115.am5.sl
weglot-translated: true
accept-ranges: bytes
link: <https://de.darktrace.com/resources>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 647db7ac0e044a9ddac74279_631f476ebfd2671286096dad_Cullman.jpeg
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 1 MB
1 MB 168ms
167ms Image
image/jpeg 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/647db7ac0e044a9ddac74279_631f476ebfd2671286096dad_Cullman.jpeg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbb1fa406c6d27851d47286a24a41cd63c87edefea475cce47b1e717129dd5e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: TlH5Yzdiew1RqSnChASwU4HT1snY3F1L
date: Thu, 29 Jun 2023 14:24:38 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 7445
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1251975
last-modified: Mon, 05 Jun 2023 10:31:04 GMT
server: AmazonS3
etag: "9dbafcbc028f21a1541c2e4db32c4751"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: RA3v9caeYqLibbH-yLA4SBSVgtkCQoF-nN5g8TrmKy2eHJZeFEfKgw==

GET
H2 200 647db7b75b4dee56582a4738_64303af4ab67bd208ac93852_Strengthening-Security-Posture.webp
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 164 KB
165 KB 168ms
167ms Image
image/webp 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/647db7b75b4dee56582a4738_64303af4ab67bd208ac93852_Strengthening-Security-Posture.webp
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75ebb64b00eb8642d1df4c751f904e2e163d6f9a391d5c1482cd54c014689a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: gPfzIOJPkSqs94gUzke_pgw3rfBcqtuL
date: Thu, 29 Jun 2023 14:24:38 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 46093
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 168170
last-modified: Mon, 05 Jun 2023 10:31:11 GMT
server: AmazonS3
etag: "602cd34f03217ad72e9c4c3914289dc0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: dCJK9VIkjQJYvqGndCfUjKZEuh46D6VCJkA3j8LU0b63dLnNZ_bzdQ==

GET
H2 200 649b0c8f87f7fe5316a46abc_649aad021b3f375a9c9729c6_GettyImages-1400563623.webp
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 61 KB
62 KB 147ms
145ms Image
image/webp 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/649b0c8f87f7fe5316a46abc_649aad021b3f375a9c9729c6_GettyImages-1400563623.webp
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5585cea846413e0da1c97100ab327c7517a073b49e810db1d5300c2dd5ea9e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:32:13 GMT
x-amz-version-id: jHMOh2.3iy1SAm645sizai5_OV.NseSP
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 165146
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 62946
last-modified: Tue, 27 Jun 2023 16:21:38 GMT
server: AmazonS3
etag: "45fb19a4d2328031600d00ddcb893b0e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: SpxpFyR_PJlWlfJ72EjkzUzucc4t708U3FyzofJpPAJV-thrLqzL3A==

GET
H2 200 649b0ce3b1a9d149c5174bff_649aad02d143c3697ba7ed9c_GettyImages-1175464498.webp
assets-global.website-files.com/626ff4d25aca2edf4325ff97/ 161 KB
161 KB 147ms
146ms Image
image/webp 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff4d25aca2edf4325ff97/649b0ce3b1a9d149c5174bff_649aad02d143c3697ba7ed9c_GettyImages-1175464498.webp
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9cd239bffac3772d5d13211793dd51325889c8493e493a2b14e8ae63b065f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:32:17 GMT
x-amz-version-id: 6mqfYGniDaTHK6tkIpR._7dsftZsagMx
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 165142
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 164480
last-modified: Tue, 27 Jun 2023 16:23:01 GMT
server: AmazonS3
etag: "a9820bb5d18eac3cae42ebe3ec3c9346"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: LdvG0gARX10sdnPZfG6j5Veb1qel5D4Oh2_nhoxlFnTV3cba0lnAEQ==

GET
H2 200 6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 82 KB
83 KB 142ms
142ms Image
image/webp 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6411aa96cb32ec1f5fcb7bac_Primary%20CTA%204.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35554656118ced47368a42899d05e4449d1b7583a8f45851baa58f88debc9bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 01:48:17 GMT
x-amz-version-id: TMsl_ozp.N89vHlK2cE2laBz_RYI9tQt
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 45382
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 84336
last-modified: Wed, 15 Mar 2023 11:23:45 GMT
server: AmazonS3
etag: "c163a21b325f21772c0d432ae780ad7a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: m1DLXRiEuIlJ_YQ2kF3ADWyOdzsut2uFobMryV4DsQqJKkVBojruxA==

GET
H2 200 62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
67 KB 151ms
47ms Font
application/x-font-ttf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f88b8c0342cb0b7fbef_TypeType%20-%20TT%20Interphases%20Pro%20Regular.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 19 May 2023 08:27:50 GMT
x-amz-version-id: pdAuGtTsh6vh4TYRUxRutxs_j7OuOOpJ
content-encoding: gzip
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 3563809
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:35:09 GMT
server: AmazonS3
etag: W/"c1b8cbcc934aea3e53c8fc4904d8060d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: n4BaayeyLA5rxXc52h4hmKcJp8Nygoo2RvZ9nCUlO6S-rh7NBJaSWg==

GET
H2 200 62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 135 KB
64 KB 271ms
170ms Font
application/x-font-ttf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9a73505602c43cdef2_TypeType%20-%20TT%20Interphases%20Pro%20Bold.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adecd63acc4782d7f6bea59bda9e02bfcc6f90ed14ace7f83e06c6c814b58e2a

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:55:56 GMT
x-amz-version-id: w8aES_2JIQeWMFtSaIseSTPNz4Sh5jKS
content-encoding: br
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 7194523
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:33:53 GMT
server: AmazonS3
etag: W/"a2975bcd95ef12e21b2c7596dfb5828d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: MlF3SiBvziGC-LWP9TjqJbmPJ_lX3iV25lPXQHxst4MlOjswfqh0gw==

GET
H2 200 62acf31df96e161165588832_StyreneA-Light.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 132 KB
132 KB 246ms
146ms Font
application/x-font-otf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31df96e161165588832_StyreneA-Light.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48979155896cea590bb6085850a98bf7ccb5b48e9761ad03b8e8f671e92c746c

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 11 May 2023 07:25:21 GMT
x-amz-version-id: w8g2iCwLejUBizGiBe150U7KltgEmhWT
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 4258758
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 134944
last-modified: Fri, 17 Jun 2022 21:33:20 GMT
server: AmazonS3
etag: "08b809329d98100a4607a4cdabe0fdf5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ekkD1l8VZs0kqORCBeCDa9Sp_lX1Jmm5_3ld2hL_JuFoZzVP1gKMPA==

GET
H2 200 62acf31ec1b8a5861008d246_StyreneA-Regular.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 131 KB
132 KB 196ms
96ms Font
application/x-font-otf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31ec1b8a5861008d246_StyreneA-Regular.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d282ef9078d7899784c452efef335121768aedc33283ae5b4b4c225e1a176e9

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:04:34 GMT
x-amz-version-id: .yjRckXzzQhPS5NACGbsll3L5bmPRvUS
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 3478805
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 134580
last-modified: Fri, 17 Jun 2022 21:33:26 GMT
server: AmazonS3
etag: "0513543bda71e03e493a5829a82d5093"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: xJ8TEs-ob0DQ0Knn35rdqb0pKUXe4cV4xxauDbANh6TM5HY96-QZpA==

GET
H2 200 62acf31d9b121861e37a191e_StyreneA-Bold.otf
assets.website-files.com/626ff19cdd07d1258d49238d/ 139 KB
140 KB 301ms
202ms Font
application/x-font-otf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62acf31d9b121861e37a191e_StyreneA-Bold.otf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8887f03d90e75a4a4265a4bb43bf9407297051173a798e6e2e6f4876c68ffe1d

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:05:17 GMT
x-amz-version-id: dvKaGj.A0aZ2J_bsMgTamPlkgyJpWIYD
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 3478762
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142736
last-modified: Fri, 17 Jun 2022 21:33:20 GMT
server: AmazonS3
etag: "fae1497ceede8e63582e0eca18d35d58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: NRHNMo5o7Dpxjl1B7d4-T6pbccZrtFKU8NN5ohc5y2_MjtwlNU-sKw==

GET
H2 200 62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
66 KB 286ms
187ms Font
application/x-font-ttf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9cb7cba93307b8e466_TypeType%20-%20TT%20Interphases%20Pro%20Light.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2708bde98da236fca8a23d86312f8f88263bbb724bfd3a1fc1cc82d45b903bd0

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:54:34 GMT
x-amz-version-id: h92c_pwrIc3recOs63YPV7bC1zHAAilf
content-encoding: br
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 4048205
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 16 Jun 2022 16:59:44 GMT
server: AmazonS3
etag: W/"a3c0be829f4964140bdf55006466ad74"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 5s0XZHs2Dl3rIQKPh6OxNKhkspNKP5QjC8AkMs-PyxiaYkhmrRiQJQ==

GET
H2 200 62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 136 KB
65 KB 279ms
181ms Font
application/x-font-ttf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b38cc775f4bdc1381_TypeType%20-%20TT%20Interphases%20Pro%20DemiBold.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79a7d5deff1189cba78946faa0ed6bd78a1c9292cfad4329b208d0be5a045ff7

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:49:18 GMT
x-amz-version-id: 1q.Kipg6KvQuvMwrlLhzKvk3zJ.eCFMs
content-encoding: br
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 3594921
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Jul 2022 16:04:37 GMT
server: AmazonS3
etag: W/"6e56bc5a25ce4549b6a7580fd047582c"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Qko6UlRibXcV67PWsyk7RmdlQsknu68j4XY_9CPndV71a_JXH8oMWw==

GET
H2 200 62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
assets.website-files.com/626ff19cdd07d1258d49238d/ 138 KB
66 KB 292ms
193ms Font
application/x-font-ttf 2600:9000:219c:5e00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/626ff19cdd07d1258d49238d/62aa2f9b9e86c1ca0a28ed0a_TypeType%20-%20TT%20Interphases%20Pro%20Italic.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/css/web-phoenix.5978ff634.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:5e00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34ad7018726a6090097b8e4fbfec539f043b50f5adc4be96a6601a40fe6831a4

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:42:09 GMT
x-amz-version-id: udmeZaUyI0tFEs.wkEZ5LG2LRcExsEUX
content-encoding: br
via: 1.1 ef7ace463c0659c94b8e007b4dc9ae9a.cloudfront.net (CloudFront)
age: 4092150
x-amz-cf-pop: CDG3-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Jun 2022 19:33:53 GMT
server: AmazonS3
etag: W/"1e8c3d5e9d71cc8458dd57af18da9b86"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: IE9e3Mx9P0mLjTpi8qFuWtLXYRjZsAMVgJYiOMHjORI4vZS160LfTA==

GET
H2 200 6465ee11484f58b13a613163_Arow%20Desktop.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 551 B
1010 B 125ms
122ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6465ee11484f58b13a613163_Arow%20Desktop.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17764635f4f70e406ddc60a0e6cbdf246af1c9a49956c6edf88f13a39e1ef53f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 18 May 2023 09:47:36 GMT
x-amz-version-id: Gd8pbU25UzGFBVMemk1P5cPbpr8RimWc
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 3645422
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 551
last-modified: Thu, 18 May 2023 09:21:23 GMT
server: AmazonS3
etag: "d5f42c0ea122d9a614a222735b946165"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: X9RwOkwxhBwDNR6QbQmeuHznEIwVmU-UoJBMNQooRVgkVcsWhsU9rQ==

GET
H2 200 62d845d8a4c357036c43d980_Blog%20Post%20Image.jpg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 113 KB
113 KB 126ms
124ms Image
image/jpeg 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62d845d8a4c357036c43d980_Blog%20Post%20Image.jpg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcd591865677b0c8754082d60e5fbddb3ceee63f563c7362b2800d5f5c84d619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 16:25:09 GMT
x-amz-version-id: Zg34QEknOZYravmxgrs6muV9quUHuX32
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 14767170
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 115520
last-modified: Wed, 20 Jul 2022 18:13:46 GMT
server: AmazonS3
etag: "961f2d36b0461f573a4db16dd1e5b877"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: GNi0C8MZK8VzRTdjiP1B4vInDdrFMbM8eRhjxJ9HyPTlm_5GsEuTsw==

GET
H2 200 6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 475 B
934 B 125ms
123ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6454d3090c26dacc6d886840_Blog%20Hero%20Deco.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05580beab81991e3bc00c261992d6579a28696fde9eb6e623988bb74fa2e4e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:23:08 GMT
x-amz-version-id: RaZnocDTNEsNafZTA0Px2yKrOq5VsKuG
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 3902491
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 475
last-modified: Fri, 05 May 2023 09:57:30 GMT
server: AmazonS3
etag: "225587c38d6374e81434a981f1976960"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: yyiKIsDPnz-dHuhrXjdzfBU6BHAvPYX-i9A8ep2_JBztNfIMPCKkaA==

GET
H2 200 6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 670 B
1 KB 127ms
125ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f3f0c862332f902d03_LinkedIn%20Dark.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6e0c4111cd38963ea6b4a56e332b87f188f6785c45065351a7d7b959c31287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 12:12:27 GMT
x-amz-version-id: a58NbSzcmrrDM3qq8HMvbNJmXiwWvhO1
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 9684732
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 670
last-modified: Thu, 09 Mar 2023 10:20:37 GMT
server: AmazonS3
etag: "c66a503f70a97b74d80b3598fe5cda47"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: xCIbtTEyltV5q5FgYisUKmn9vH6uDqL358aCRUWweqPtwg7GiXwl0g==

GET
H2 200 6409b321f0c8622b95902e5d_Twitter.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 957 B
1 KB 130ms
127ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b321f0c8622b95902e5d_Twitter.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4e86a27453afdeaabf13f8b7a136e816db8d2ccd9241bdcd40c5b90a6fac786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 12:12:27 GMT
x-amz-version-id: mYulO8gLu1LfAIOLFZqJejgRUFMrB7ZY
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 9684732
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 957
last-modified: Thu, 09 Mar 2023 10:21:22 GMT
server: AmazonS3
etag: "58e8c9864e435e05a0585300a81ffa5e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: q3eWAavIAjpuO91W3rEuKquW4ePHhPE4NZ3tgN5grRqSSOhPWfPX8g==

GET
H2 200 6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 469 B
929 B 129ms
128ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b2f376b5be7e02ad8a6f_Facebook%20Dark.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5709c24c903fdd841258a235316578adfc91781ea0d4a408a8cc3425441ec5bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 12:37:21 GMT
x-amz-version-id: zJxc1Q5jm_uENcuo9vhAmlywHXE_4cT8
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 9683238
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 469
last-modified: Thu, 09 Mar 2023 10:20:36 GMT
server: AmazonS3
etag: "83dc56bf7b08efe89c31c5dfa74f1370"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -Tg4FpdpG2-3Z_y-LxR8hN14Lb0J2mxUH7ABEkKj2x0X6z7YcnSs_w==

GET
H2 200 6409b9fc313f7e63f43415f3_Reddit.svg
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 2 KB
1 KB 127ms
125ms Image
image/svg+xml 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/6409b9fc313f7e63f43415f3_Reddit.svg
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c60aa6cea20713c1b75fa3808d390c54a08a32c80d0582810077552070a44d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 11:22:57 GMT
x-amz-version-id: jZX8O_4DfTOUnHy2TrTf8XBFJfXX6FoR
content-encoding: br
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age: 9687702
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Mar 2023 10:50:37 GMT
server: AmazonS3
etag: W/"a3d9bb9bad70cfb42a0f0d87b5d4cb6e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: VPHcfFWHxFQTfAJ7Pfx1vef2XWYcK42blztZ_AIsdr8hXkdIxfx2wQ==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
305 B 109ms
48ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7deed591ceae9107-FRA
access-control-allow-headers: Content-Type

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 1AAA 634 B
978 B 217ms
122ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/20cb0107a53f0895.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e26a854ce6e931f17f339d58f13eb839796acbd7d6c6f78daa9ad357b17556dc

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 29 Jun 2023 14:24:39 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
99 B 107ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/ 401 KB
97 KB 37ms
36ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: f9AvZgohx9TU9t078cCRXA==
age: 61187
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99020
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:14 GMT
server: cloudflare
etag: 0x8DB51E951BA9202
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c1394cd4-d01e-015b-13d8-8399cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed5933a2a1911-FRA

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
1 KB 164ms
73ms XHR
application/json 13.225.34.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&page_title=The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/20cb0107a53f0895.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-5.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: 36f8e2f21bb7ea566952ed42cf553cef04e5055510f6ac81d40cb39c9523ba30

Request headers

Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 a0315f0b67e5f02ccce009ce0a219e88.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
x-cache: Miss from cloudfront
request-id: d8fe30c6-4b57-4e58-8364-6c04286a6e25
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://de.darktrace.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nEwaCodtOenI9Z5PgA37nYyHF-ZJPpFQOKs9famR0N4re5WbupV7xQ==
expires: Wed, 28 Jun 2023 14:24:39 GMT

GET
H2 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 37ms
37ms Stylesheet
text/css 2600:9000:2249:1600:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.css?v=4
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2249:1600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:53:01 GMT
content-encoding: gzip
via: 1.1 72901e1a1a6af8228b948e1ec3586ace.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Wed, 21 Jun 2023 10:37:05 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 99099
etag: W/"396483c84619a8b59a272ec60b4059c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 8FKtN2P_JWGMGy2KWRWVqL279pdj1lvnT0QhkJEYOFJi8uASGOzT-w==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 185ms
49ms XHR
application/json 54.195.140.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4AE530AF633C985D0A495E93%40AdobeOrg&d_nsid=0&ts=1688048679071

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.140.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-140-228.eu-west-1.compute.amazonaws.com

Software

Resource Hash

56de831de7fbe36df97e77f2d0ae0754bb0038bec0db4a2b3d3e427d7d1c99f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-0ae36bcaa.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: RFyL4q0kTr0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://de.darktrace.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 32ms
32ms Script
application/x-javascript 2a02:26f0:480:994::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:994::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://de.darktrace.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Thu, 29 Jun 2023 15:24:39 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 37ms
37ms Script
application/x-javascript 2a02:26f0:480:994::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:994::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://de.darktrace.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Thu, 29 Jun 2023 15:24:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 126 KB
49 KB 201ms
72ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9120626

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f83ea8d23b029e5a8528514f68bff883e9a6bd231271607b473574d4ec47e133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49959
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 14:24:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
773 B 120ms
34ms Script
application/x-javascript 2a02:26f0:3100::1735:28d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=72029
accept-ranges: bytes
content-length: 560

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25522132/ 209 KB
64 KB 193ms
65ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25522132/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d0a36760f8f3ab8d1cd467ed7d0996772c1799ecee7605d0591275648fe481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
x-amz-version-id: JuzeAJwde6wBFsi9v.QQRUu5f5uasngZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: WC8VBZCETHV8XGQA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 28
x-amz-id-2: eFyPIYKdjGUhCMgNWNzp1lGLyoGCVXnhmwxhwmuXONulr7Z8dVpFw+76+pk2x0L47e7kyAyDGJw=
x-evy-trace-listener: listener_https
x-request-id: 65def0e3-96d7-4daa-b597-dfd2e93d4da5
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 22 Jun 2023 17:00:09 GMT
server: cloudflare
etag: W/"0776caea63791d149f6c806ec76ca378"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://de.darktrace.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-85d65fb994-5xgrz
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7deed5954bdd997b-FRA
expires: Thu, 29 Jun 2023 14:29:39 GMT

GET
H2 200 25522132.js Show response
js-eu1.hs-analytics.net/analytics/1688048400000/ 66 KB
21 KB 190ms
85ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1688048400000/25522132.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8dfc73064b909f520f25cd69adb4ae2192485793074f418381cbd080e20341d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: K450VZBKTYRFTSYN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b7dfdf4f-52c8-42d5-a390-682c91a7b092
x-envoy-upstream-service-time: 23
x-amz-id-2: 03iW71f9p+SFrCHBRhWK4nD+ie4Kk6Y+yLAoRJZLicJpbaPvpyB/T3zUPTP+EiEp50dYHzbIUpw=
x-evy-trace-listener: listener_https
x-request-id: b7dfdf4f-52c8-42d5-a390-682c91a7b092
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 14:55:20 GMT
server: cloudflare
etag: W/"0b79bf22ad066b3f512fbd54bd0faabb"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-85d65fb994-hw76q
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7deed5952acf926d-FRA
expires: Thu, 29 Jun 2023 14:29:39 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 165ms
50ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25522132.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3

Request headers

Referer: https://de.darktrace.com/
Origin: https://de.darktrace.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
x-amz-version-id: S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f7904dc6-c591-4b11-a056-c97b6179c138
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7deed5953ce80476-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f7904dc6-c591-4b11-a056-c97b6179c138
last-modified: Tue, 13 Jun 2023 09:45:35 UTC
server: cloudflare
etag: W/"b19afd994dc32a5784e74169cca8128a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-p7df5
cf-ray: 7deed5953ce80476-FRA
x-amz-cf-id: fEP5ylX2feWJQCQ2wvk9eSG6K4dhl-snRUTZzpIVFYfryBtiS6DIhg==
x-hs-target-asset: collected-forms-embed-js/static-1.378/bundles/project.js

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1AAA
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5&C=1

43 B
766 B

34ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 14:24:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 14:24:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1703859879&external_user_id=7f5ede60-ab26-4620-94b0-7c0fb49c12d5&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 1AAA 43 B
393 B 401ms
131ms Image
image/gif 2600:1f18:612b:4264:debb:60:73cb:4464
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=7f5ede60-ab26-4620-94b0-7c0fb49c12d5
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:debb:60:73cb:4464 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 14:24:39 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1AAA 0
239 B 130ms
30ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=7f5ede60-ab26-4620-94b0-7c0fb49c12d5&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/ 48 KB
10 KB 49ms
49ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/20244352-54bc-40a3-80e3-0daa9d221c87/06f4eea1-8b01-4e79-8fb6-068228f39f7f/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5e020a0b03feb2fb9b4dc60259ebc8dd850a0e51140d84ff03c3b6080ada95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 32116
content-md5: fo5ttQJOfm7lxkr/yDsZGQ==
content-length: 10369
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 08:45:58 GMT
server: cloudflare
etag: 0x8DB56B322B32F42
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 948360e3-a01e-0097-0889-a5bb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed5952b7f3730-FRA
expires: Fri, 30 Jun 2023 14:24:39 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
417 B 296ms
212ms XHR
text/html 2600:9000:2247:d800:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=nEwaCodtOenI9Z5PgA37nYyHF-ZJPpFQOKs9famR0N4re5WbupV7xQ==&api-version=v2
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/20cb0107a53f0895.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2247:d800:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Wed, 28 Jun 2023 21:33:02 GMT
via: 1.1 af09e2fad70f0089517e8c3ed33c1334.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P2
age: 60698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: E4AsSCfyEE-0WRn81wumGUxE0XMzIlA6ipfaByvRWi-O6FQcYAVd0A==

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2BDE 52 KB
29 KB 81ms
78ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=80drc175uiqh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d02bb0683c1cfd07d526646fa0248aa3a49d6dd6c3bc2a824eed4d07c8d1d01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ilYkRltPXBeZSv58jOtpCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29049
content-security-policy: script-src 'report-sample' 'nonce-ilYkRltPXBeZSv58jOtpCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A0E8 51 KB
28 KB 147ms
146ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=m1d24yc6cmjx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d7ef803a29ad883b14ce3f4302eafda5dc19796471ccf37845cefe903e65538

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nKAkFD-ChuDTtl0k510EcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28788
content-security-policy: script-src 'report-sample' 'nonce-nKAkFD-ChuDTtl0k510EcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3429 52 KB
28 KB 133ms
128ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kfw943wl2aw4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40066fc73a208c54f8b7d81ed8fa7a3f4e840f252d8157fd3c5f45dab5c27d30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5bOirUErDUvZTRKzvmN-EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28899
content-security-policy: script-src 'report-sample' 'nonce-5bOirUErDUvZTRKzvmN-EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4CAA 52 KB
29 KB 225ms
218ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=dpan9oegkxo3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f629afab7957d7c314c9085470bd3880d3911cfa6ef548fa97339c85dd3b1868

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gKtYTesOc7KOm03cfB1fNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28956
content-security-policy: script-src 'report-sample' 'nonce-gKtYTesOc7KOm03cfB1fNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2906 52 KB
29 KB 170ms
165ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=2l13do3noshc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

108ef49879528e238e740b5c5f198816339b92cae7d5cf59d01918fe64002336

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--T70mgBp-zTvGdP020bmMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28984
content-security-policy: script-src 'report-sample' 'nonce--T70mgBp-zTvGdP020bmMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E539 52 KB
29 KB 180ms
179ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kbix35bt3nqr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

500a0cc036f1c0c947d7f8e3d3d2d914d52500e89dd04272bea937a963a215f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XOT1PZlyMloSG72RkXOvXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29016
content-security-policy: script-src 'report-sample' 'nonce-XOT1PZlyMloSG72RkXOvXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json Show response
assets-global.website-files.com/626ff19cdd07d1258d49238d/ 2 KB
1 KB 129ms
43ms XHR
application/json 2600:9000:2304:a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/62cb281b38027f507517f419_Gradient%20Button%20Rotate2.json
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/626ff19cdd07d1258d49238d/js/web-phoenix.63e4e7006.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 13 May 2023 08:22:31 GMT
x-amz-version-id: _JWgRDHLwVrMn2Yku2SFY3Ftq6u4Ip1i
content-encoding: br
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
age: 4082529
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 10 Jul 2022 19:27:26 GMT
server: AmazonS3
etag: W/"bde15e8c08bdae257ac118c5e638a3e5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: VG3Pn9YdRhKfkxhLuXTtT75GH4TyY6mOzGvg79oHnEcH3p50hiVSsw==

GET
H/1.1 200
OK dest5.html Show response
darktrace.demdex.net/ Frame D2BA 7 KB
3 KB 199ms
47ms Document
text/html 52.49.138.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://darktrace.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.138.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-138-0.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-0672f2eac.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 02FTxG+UTiI=
content-encoding: gzip
date: Thu, 29 Jun 2023 14:24:39 GMT
last-modified: Wed, 28 Jun 2023 13:20:50 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZJ2UJwAAAI7UbwOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=31350655441127545770446631467335509584
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJ2UJwAAAI7UbwOJ

42 B
942 B

48ms
48ms

Image
image/gif

54.195.140.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJ2UJwAAAI7UbwOJ

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

HTTP/1.1

Server

54.195.140.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-140-228.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-081b3f51f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BhPvqntdT9A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJ2UJwAAAI7UbwOJ
Date: Thu, 29 Jun 2023 14:24:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2BDE 55 KB
24 KB 188ms
77ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=80drc175uiqh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2BDE 430 KB
173 KB 319ms
209ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 3429 55 KB
24 KB 226ms
118ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 3429 430 KB
173 KB 303ms
195ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A0E8 55 KB
24 KB 190ms
97ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A0E8 430 KB
173 KB 147ms
54ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2906 55 KB
24 KB 146ms
56ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2906 430 KB
173 KB 311ms
220ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E539 55 KB
24 KB 242ms
153ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E539 430 KB
173 KB 311ms
223ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 4CAA 55 KB
24 KB 223ms
137ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 4CAA 430 KB
173 KB 269ms
184ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3100::1735:28d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17034
accept-ranges: bytes
content-length: 4807

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 13 KB
3 KB 37ms
37ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VwzPf/atFGVLVHgPLKsA5g==
age: 24603
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:08 GMT
server: cloudflare
etag: 0x8DB51E94E2F9DF3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f3510fa9-701e-0112-3ebc-8aaaaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed598b84b3730-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/ 61 KB
12 KB 45ms
44ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: U0I+ien3T2GIYJcFxPdemQ==
age: 26778
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:10 GMT
server: cloudflare
etag: 0x8DB51E94F811CDE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 14c185ba-b01e-00cc-5c33-87bc53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed598b84d3730-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 21 KB
4 KB 41ms
41ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 62943
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d42e8db3-801e-00e6-7f33-87c916000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7deed598b84f3730-FRA

GET
H2

200

activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence... Show response
9120626.fls.doubleclick.net/ Frame C800
Redirect Chain

https://9120626.fls.doubleclick.net/activityi;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgen...
https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.d...

687 B
495 B

96ms
95ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9120626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

f105a48d82d342c95728b98a5e49263d749ef781e137a809831ed2c2eb049ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 319
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-401176436

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5d34825c42c1f8c0355c351fc04521f72642c2726b8a315946efc47fa87990b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72031
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 14:24:39 GMT

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 116 B
400 B 64ms
48ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25522132&utk=
Requested by: Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de

Request headers

Accept: application/json, text/plain, */*
Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 99d108ef-3293-4769-9cac-682bc1b863cb
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 99d108ef-3293-4769-9cac-682bc1b863cb
server: cloudflare
access-control-max-age: 180
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://de.darktrace.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-p7df5
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7deed59969600476-FRA

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/67174/domain/de.darktrace.com/ 36 B
370 B 268ms
190ms XHR
application/json 2600:9000:2171:7000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/67174/domain/de.darktrace.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:7000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
via: 1.1 90515c29ffc08c36814da3b1fe9d04e8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: E0WkqGyrlhglLXxULyV1yzAiNbBCvdmHu8LXBTnR92LqR_CEhnfuSA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D67174%26time%3D1688048679885%26url%3Dhttps%253A%252F%252Fde.darktrace.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2...

0
265 B

240ms
175ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&cookiesTest=true&liSync=true&e_ipv6=AQL8LFAj4RVIwwAAAYkHir_XbjEcM-dRIstj7SmuiSuW6rU2m0DK181ahCi3rURnH61YYZDo
Requested by: Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:41 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1A271780DE804DED8D6907A6047DA484 Ref B: FRAEDGE1407 Ref C: 2023-06-29T14:24:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/RXYBSxtxI0meBucxXg==

Redirect headers

date: Thu, 29 Jun 2023 14:24:40 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5A781C06C8C94CDDAB3EEF3495E11AF2 Ref B: FRAEDGE2008 Ref C: 2023-06-29T14:24:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=67174&time=1688048679885&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&cookiesTest=true&liSync=true&e_ipv6=AQL8LFAj4RVIwwAAAYkHir_XbjEcM-dRIstj7SmuiSuW6rU2m0DK181ahCi3rURnH61YYZDo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/RXX9P4JKVp7nRD+hUA==

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
625 B 44ms
43ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 35874
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 06:35:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a711888d-d01e-0098-6f8d-a956d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7deed59979a31911-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 37ms
37ms Fetch
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 62943
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 02:48:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ca916dab-801e-00a2-0674-a9157a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7deed59999a63730-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 41ms
40ms Image
image/png 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 77122
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 06:35:02 GMT
server: cloudflare
etag: 0x8DB77A1CDAB7B6D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 459f93bf-701e-017f-76a4-a90081000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7deed599a9d71911-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 38ms
38ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jun 2023 14:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 29546
x-ms-lease-status: unlocked
last-modified: Wed, 28 Jun 2023 14:53:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9db3ef5a-f01e-014c-54ea-a959ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7deed599a9d81911-FRA

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
983 B 135ms
46ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=6

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 14:24:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 0051d484-3af9-44d7-b302-6d2c4f1b508a
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0051d484-3af9-44d7-b302-6d2c4f1b508a
Server: cloudflare
X-Trace: 2B00B0389A4D22563AB90D73E7997C99939F8AD0FB000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-m76dn
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7deed59a5f072bb8-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/ 3 KB
2 KB 295ms
172ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401176436/?random=1688048680037&cv=11&fst=1688048680037&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&hn=www.googleadservices.com&frm=0&tiba=The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog&auid=1645327795.1688048680&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-401176436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d45471c66bbb4bae45f19ef64d69ebaf81abe398b9484b6b54509614a4ec3988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 118ms
55ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 29 Jun 2023 14:24:39 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7EE66F4E91724F00AD166BBE11B726EC Ref B: FRAEDGE1913 Ref C: 2023-06-29T14:24:40Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 b474d74a-fc48-497d-b3dd-02eddc4b51ac.js Show response
j.6sc.co/j/ 4 KB
4 KB 544ms
437ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ea4e25aa0549/f752722fa920/launch-581b2cfa7858.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fd86fe420268206f681edfdde283a00ce6f15dbd6bb7e09de5e8fd02cb88d463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 7Mw1NroldPLZ5O4d9EdaVphfP5jkyP9k
date: Thu, 29 Jun 2023 14:24:40 GMT
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 4059
pragma: no-cache
last-modified: Thu, 29 Jun 2023 08:52:59 GMT
server: AmazonS3
etag: "3aa2cc199385c20dfc4ccbd07cc6556f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: anRDFfbcaVoK0MfglfBOkTjVvYKQ9P12ksA_p-25iumNaxcFQuytnA==
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H2 204 211011833.js Show response
bat.bing.com/p/action/ 0
118 B 149ms
148ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211011833.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 29 Jun 2023 14:24:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC36D0125CF043199CD0C358E3DC7739 Ref B: FRAEDGE1913 Ref C: 2023-06-29T14:24:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 55ms
51ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211011833&Ver=2&mid=4c6fd7e7-8e32-4ce9-9d30-bd5bed2179ea&sid=aef62660168811ee8a4e3f68411bc8a2&vid=aef69d40168811ee8f5c55428f705aca&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog&p=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&r=&lt=7049&evt=pageLoad&sv=1&rn=378519

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Jun 2023 14:24:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3096F1517E514421A0EA4FA9242716DD Ref B: FRAEDGE1913 Ref C: 2023-06-29T14:24:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-ra... Show response
adservice.google.com/ddm/fls/i/ Frame 096B 686 B
693 B 218ms
95ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Requested by

Host: 9120626.fls.doubleclick.net
URL: https://9120626.fls.doubleclick.net/activityi;dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ded752458bf77187cacf383583479601f35bcb9f00b67ed9e20b194bca63f23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9120626.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 318
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2906 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2906 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2906 2 KB
2 KB 54ms
54ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 515236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2906 15 KB
16 KB 188ms
58ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 137905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
DATA 200
OK truncated
/ Frame 4CAA 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4CAA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4CAA 2 KB
2 KB 54ms
54ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 515236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4CAA 15 KB
15 KB 161ms
73ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 137905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
DATA 200
OK truncated
/ Frame 3429 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3429 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3429 2 KB
2 KB 54ms
54ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 515236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3429 15 KB
15 KB 181ms
122ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 137905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
DATA 200
OK truncated
/ Frame E539 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E539 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E539 2 KB
2 KB 55ms
54ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 515236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E539 15 KB
15 KB 123ms
123ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 137905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 00:06:15 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2BDE 102 B
133 B 64ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=80drc175uiqh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2906 102 B
133 B 63ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=2l13do3noshc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4CAA 102 B
133 B 64ms
64ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=dpan9oegkxo3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3429 102 B
133 B 64ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kfw943wl2aw4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A0E8 102 B
133 B 63ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=m1d24yc6cmjx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E539 102 B
133 B 63ms
63ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW&co=aHR0cHM6Ly9kZS5kYXJrdHJhY2UuY29tOjQ0Mw..&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=kbix35bt3nqr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/401176436/ 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/401176436/?random=1688048680037&cv=11&fst=1688047200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&frm=0&tiba=The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3823361678&rmt_tld=0&ipr=y

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 14:24:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/401176436/ 42 B
455 B 186ms
66ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/401176436/?random=1688048680037&cv=11&fst=1688047200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&frm=0&tiba=The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3823361678&rmt_tld=1&ipr=y

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 14:24:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-ra... Show response
adservice.google.de/ddm/fls/i/ Frame 2F16 194 B
515 B 220ms
96ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNuhv6_X6P8CFW1Ewgod5oQEPw;src=9120626;type=unive0;cat=darkt00;ord=5089008179056;gtm=45fe36s0;auiddc=1645327795.1688048680;u1=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2;~oref=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:40 GMT
expires: Thu, 29 Jun 2023 14:24:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 37ms
36ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/b474d74a-fc48-497d-b3dd-02eddc4b51ac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 14:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Thu, 29 Jun 2023 14:24:40 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DF44 7 KB
1 KB 70ms
65ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e05167d19bacfee49cd9b490f562afa0345df8f8861fa13cff6aff5dabacb47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BkKGzbC8x4xh2c111gBtfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1152
content-security-policy: script-src 'report-sample' 'nonce-BkKGzbC8x4xh2c111gBtfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B577 7 KB
1 KB 68ms
68ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

beb72c3faedb9972615214e84aa9fece4a459aca64044edc48bc5b1c38c924fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3DcJCTWd2nc5-FM1MaFy8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-3DcJCTWd2nc5-FM1MaFy8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A047 7 KB
1 KB 68ms
68ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

609f4659e4b92557363500487b435d59ae104d9910956316292c070cb3b83c54

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uMXEwoBtFYFaaLgOkdDzGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-uMXEwoBtFYFaaLgOkdDzGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2670 7 KB
1 KB 70ms
69ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b266433eab22a7ee729a802d16f86578392e33a2044cf97e53d5ee362679d0ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-howy7teJGrj8SVgyktAEeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.darktrace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1153
content-security-policy: script-src 'report-sample' 'nonce-howy7teJGrj8SVgyktAEeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 14:24:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET bframe
www.google.com/recaptcha/api2/ Frame F7C3 0
0

GET bframe
www.google.com/recaptcha/api2/ Frame 17DD 0
0

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
820 B 107ms
33ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 14:24:41 GMT
AN-X-Request-Uuid: cbc76c1a-fe0a-4ab0-bd0f-0555af70f55a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://de.darktrace.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.32.248.215; 193.32.248.215; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 33ms
32ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:41 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://de.darktrace.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
302 B 134ms
28ms XHR
text/html 2a02:26f0:ab00::214:8e41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 14:24:41 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://de.darktrace.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:b:f011::1e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468902_34901565_190926055_25_770_28_0_-";dur=1
content-length: 20
expires: Thu, 29 Jun 2023 14:24:41 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame DF44 55 KB
24 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame DF44 430 KB
173 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame B577 55 KB
24 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame B577 430 KB
173 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A047 55 KB
24 KB 56ms
56ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A047 430 KB
173 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2670 55 KB
24 KB 57ms
56ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 12:13:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 2670 430 KB
173 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 236ms
230ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=1c0fbbb9-6712-4c12-814b-8e6e6e306fa0&session=8932f057-bfc7-4172-88d1-4502918032ac&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2258e1d7a8a68ff8537d596ebcbffc4824%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22bfc303872745c57fc21c407e92980bd51b495b1e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22b474d74a-fc48-497d-b3dd-02eddc4b51ac%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2029%20Jun%202023%2014%3A24%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Since%20the%20release%20of%20version%202%20of%20Raccoon%20Stealer%20in%20May%202022%2C%20Darktrace%E2%80%99s%20SOC%20has%20observed%20a%20continuous%20surge%20in%20Raccoon%20Stealer%20v2%20activity.%20In%20this%20blog%2C%20we%20will%20outline%20the%20typical%20steps%20of%20a%20Raccoon%20Stealer%20v2%20infection%2C%20paying%20close%20attention%20to%20the%20info-stealer%E2%80%99s%20network-based%20behaviors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&pageViewId=a2d3b48a-d9de-4be4-86bd-19d1b56d83cc&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:41 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 232ms
232ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=58e1d7a8a68ff8537d596ebcbffc4824&svisitor=null&visitor=1c0fbbb9-6712-4c12-814b-8e6e6e306fa0&session=8932f057-bfc7-4172-88d1-4502918032ac&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3Ab%3Af011%3A%3A1e%22%7D&isIframe=false&m=%7B%22description%22%3A%22Since%20the%20release%20of%20version%202%20of%20Raccoon%20Stealer%20in%20May%202022%2C%20Darktrace%E2%80%99s%20SOC%20has%20observed%20a%20continuous%20surge%20in%20Raccoon%20Stealer%20v2%20activity.%20In%20this%20blog%2C%20we%20will%20outline%20the%20typical%20steps%20of%20a%20Raccoon%20Stealer%20v2%20infection%2C%20paying%20close%20attention%20to%20the%20info-stealer%E2%80%99s%20network-based%20behaviors.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20resurgence%20of%20the%20raccoon%3A%20Steps%20of%20a%20Raccoon%20Stealer%20v2%20Infection%20(Part%202)%20%7C%20Darktrace%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&pageViewId=a2d3b48a-d9de-4be4-86bd-19d1b56d83cc&an_uid=0&webTagId=b474d74a-fc48-497d-b3dd-02eddc4b51ac

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:41 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 105ms
30ms Preflight 35.156.62.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-81.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://de.darktrace.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://de.darktrace.com
access-control-max-age: 1800
date: Thu, 29 Jun 2023 14:24:41 GMT
server: nginx

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 722 B
573 B 97ms
36ms XHR
application/json 35.156.62.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.62.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-62-81.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fe26156dcbc0058c9fc1cdfb4ecbec01c82711a31548024e2f9950d817406cb2

Request headers

Referer: https://de.darktrace.com/
accept-language: de-DE,de;q=0.9
Authorization: Token bfc303872745c57fc21c407e92980bd51b495b1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://de.darktrace.com
access-control-allow-credentials: true
content-length: 388

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 229ms
229ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 231ms
231ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:43 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
486 B 222ms
221ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:44 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
486 B 234ms
234ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: de.darktrace.com
URL: https://de.darktrace.com/blog/the-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.darktrace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 14:24:45 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Lf3_gwhAAAAACaFnlMKksutGOG2QvB1pTDsiDmW

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ir.darktrace.com/	1969-12-31 23:59:59	Name: ir-session Value: 3be962a3f8fa8b48126b96085023a178Wowxtcep1WDot2tDuQSCCtCp%2BgMx41U4jV9iXBIYr3e%2B3yj1ND5rB%2BYro2wqG%2FUDug52mbYqqw6137JFXAGYzK%2BTkErgD2I3TI9bifuFFGPf9wJIa1Wss00U%2F6d8cHwc
ir.darktrace.com/	1970-01-20 12:54:15	Name: XSRF-TOKEN Value: 2ddb8e93b48aebb8f59a478c30bc3dd4WpPMzNNCHOWaLi2spy1bv6IFLLPbuCTkAvFcNLgtoNAN8DR7%2FXS8F1l6rfRlchNoT4KYWKcfNiWb65G%2BmVjmNLkZe3Pesia%2BVt1Uk%2F%2Bp9oOds%2Bd6OsRVPlp7Z8xbKki7
ir.darktrace.com/	1969-12-31 23:59:59	Name: ir-session-values Value: c1369daab968986819f4e82085b97b7dEIice5rRWAGNKVCdr5hVulI70lklIyJzhj1Bt0JIAhGauCCWdattZEiVfj1%2F8h%2BPmRmLA5AlUZNKrxlqkNMYCC%2B7t%2FNqhJ5k%2BZzoi6ibCfPNad5Tl8SZsw1XvYfZK1OyteTWsAnwyzhlnAFHXs3xGmfoa%2Fi3suL9YXtiXSrK52CRPIzYA0E2M5F9%2B9ThVPhFD2cfEykqinYnP85656e8%2BePhiHAeRNvprGbeTd5SQK%2FvkRQjykfLoVYkg6TgSd%2F0YJ7rqK5sV1drMUDANJBKScpxOOj7BAQu0TGEcQ%2F%2FwIiZFY0yH77VRZUJE%2FkgaV4Q
.company-target.com/	1970-01-20 22:30:08	Name: tuuid Value: 7f5ede60-ab26-4620-94b0-7c0fb49c12d5
.company-target.com/	1970-01-20 22:30:08	Name: tuuid_lu Value: 1688048679\|ix:0\|mctv:0\|rp:0
.demdex.net/	1970-01-20 17:13:20	Name: demdex Value: 31350655441127545770446631467335509584
.casalemedia.com/	1970-01-20 21:39:44	Name: CMID Value: ZJ2UJ50YMeN6dahB1iTeEQAA
.casalemedia.com/	1970-01-20 15:03:44	Name: CMPS Value: 3290
.casalemedia.com/	1970-01-20 15:03:44	Name: CMPRO Value: 3290
.tremorhub.com/	1970-01-20 21:40:05	Name: tvid Value: 8444622a006445828d1b342c690dca19
.tremorhub.com/	1970-01-20 22:30:08	Name: tv_UIDM Value: 7f5ede60-ab26-4620-94b0-7c0fb49c12d5
.darktrace.com/	1969-12-31 23:59:59	Name: AMCVS_4AE530AF633C985D0A495E93%40AdobeOrg Value: 1
.darktrace.com/	1970-01-20 15:03:44	Name: _gcl_au Value: 1.1.1645327795.1688048680
.everesttech.net/	1970-01-20 21:39:44	Name: everest_g_v2 Value: g_surferid~ZJ2UJwAAAI7UbwOJ
.darktrace.com/	1970-01-20 21:39:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jun+29+2023+14%3A24%3A39+GMT%2B0000+(GMT)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fde.darktrace.com%2Fblog%2Fthe-resurgence-of-the-raccoon-steps-of-a-raccoon-stealer-v2-infection-part-2&groups=C0001%3A1%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0
.dpm.demdex.net/	1970-01-20 17:13:20	Name: dpm Value: 31350655441127545770446631467335509584
.darktrace.com/	1970-01-20 22:30:08	Name: AMCV_4AE530AF633C985D0A495E93%40AdobeOrg Value: 179643557%7CMCIDTS%7C19538%7CMCMID%7C27333346373888074000602915184565523753%7CMCAAMLH-1688653479%7C6%7CMCAAMB-1688653479%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1688055879s%7CNONE%7CMCSYNCSOP%7C411-19545%7CvVersion%7C5.5.0
.linkedin.com/	1970-01-20 15:03:44	Name: li_sugr Value: 081db934-3825-4dfd-b54d-3e1f13e26a70
.linkedin.com/	1970-01-20 21:39:44	Name: bcookie Value: "v=2&b8ffe185-a4a8-4e24-82a9-8e2ac5add764"
.linkedin.com/	1970-01-20 12:55:35	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2792:u=1:x=1:i=1688048680:t=1688135080:v=2:sig=AQHjrIdvbza89lJDKKyMVZN6yxwupWdb"
de.darktrace.com/	1970-01-20 12:55:35	Name: ln_or Value: eyI2NzE3NCI6ImQifQ%3D%3D
.darktrace.com/	1970-01-20 12:55:35	Name: _uetsid Value: aef62660168811ee8a4e3f68411bc8a2
.darktrace.com/	1970-01-20 22:15:44	Name: _uetvid Value: aef69d40168811ee8f5c55428f705aca
.doubleclick.net/	1970-01-20 12:54:09	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-20 22:15:44	Name: MUID Value: 23BDAA1AD86F64570582B925D96F6508
.linkedin.com/	1970-01-20 13:37:20	Name: UserMatchHistory Value: AQIDFhYeo0KqKgAAAYkHir0fGDKNBjbahDWikrPM-ow-uVda6ZFnq_gn8pbNJ3f9_EMc_FeQDq8cwg
.linkedin.com/	1970-01-20 13:37:20	Name: AnalyticsSyncHistory Value: AQIz-wdno1jbwQAAAYkHir0f9sNHNhbYB3xWPb46P6oVhWHx_ZsucWH6E2KJXqevs4mY59DmP11NQ4joTP3FHg
.www.linkedin.com/	1970-01-20 21:39:44	Name: bscookie Value: "v=1&20230629142440689c1d41-85b6-4468-85e3-5a58b6432f36AQEXNGkJ9pV1N0DJ5s37_ZhPNuE0j92h"
.linkedin.com/	1970-01-20 17:13:20	Name: li_gc Value: MTswOzE2ODgwNDg2ODA7MjswMjHU+zJnb4sb3iOHNgY5E4c6U1A7m75Zi9k46utIWpJK5Q==
de.darktrace.com/	1970-01-20 13:04:13	Name: _an_uid Value: 0
de.darktrace.com/	1970-01-20 22:30:08	Name: _gd_visitor Value: 1c0fbbb9-6712-4c12-814b-8e6e6e306fa0
de.darktrace.com/	1970-01-20 12:54:23	Name: _gd_session Value: 8932f057-bfc7-4172-88d1-4502918032ac
.6sc.co/	1970-01-20 22:30:08	Name: 6suuid Value: aad01702eff31a0029949d64ad0100004e630900

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9120626.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.company-target.com
assets-global.website-files.com
assets.adobedtm.com
assets.website-files.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.weglot.com
cdnjs.cloudflare.com
cm.everesttech.net
code.jquery.com
d3e54v103j8qbb.cloudfront.net
darktrace.demdex.net
de.darktrace.com
dpm.demdex.net
dsum-sec.casalemedia.com
epsilon.6sense.com
fonts.gstatic.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
ipv6.6sc.co
ir.darktrace.com
j.6sc.co
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
partners.tremorhub.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
secure.adnxs.com
snap.licdn.com
tag-logger.demandbase.com
tag.demandbase.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.google.com
104.17.114.41
108.138.17.72
13.107.42.14
13.225.34.5
142.250.185.198
151.139.128.10
172.65.192.122
172.65.202.201
172.65.208.22
172.65.232.43
172.65.238.60
185.80.39.216
185.89.211.116
2001:4de0:ac18::1:a:1a
2600:1f18:612b:4264:debb:60:73cb:4464
2600:9000:2171:7000:2:53b2:240:93a1
2600:9000:219c:5e00:11:3b84:d200:93a1
2600:9000:2247:d800:1d:8d6d:3b40:93a1
2600:9000:2249:1600:1:28b3:b280:93a1
2600:9000:2304:a00:12:9e5f:cac0:93a1
2606:4700::6811:190e
2606:4700::6812:1d26
2606:4700::6812:aa72
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2008
2a00:1450:4001:806::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a02:26f0:3100::1735:28d2
2a02:26f0:480:994::1e80
2a02:26f0:ab00::214:8e41
2a04:4e42::485
3.161.127.194
34.249.242.252
34.96.71.22
35.156.62.81
35.244.174.68
52.49.138.0
54.195.140.228
69.173.144.165
95.101.111.170
05580beab81991e3bc00c261992d6579a28696fde9eb6e623988bb74fa2e4e97
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06433d685c68e0346ea00a414010af610a2a0e865203e2584607dbc0389f8984
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0d282ef9078d7899784c452efef335121768aedc33283ae5b4b4c225e1a176e9
0fffc2b097e07cb45ce8ad4f803f382ddada12ac833ffe7647047eb933d4bfee
108ef49879528e238e740b5c5f198816339b92cae7d5cf59d01918fe64002336
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
163a54a4c369a3b52b445847e397af3df73583c92f3bc2ed61f3773d729f41a0
17764635f4f70e406ddc60a0e6cbdf246af1c9a49956c6edf88f13a39e1ef53f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
26faad62422049b4c91af4247cb57c76c08edd5283c89aadbfa5f06d41fa90e1
2708bde98da236fca8a23d86312f8f88263bbb724bfd3a1fc1cc82d45b903bd0
2e05167d19bacfee49cd9b490f562afa0345df8f8861fa13cff6aff5dabacb47
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34ad7018726a6090097b8e4fbfec539f043b50f5adc4be96a6601a40fe6831a4
35554656118ced47368a42899d05e4449d1b7583a8f45851baa58f88debc9bf9
36f8e2f21bb7ea566952ed42cf553cef04e5055510f6ac81d40cb39c9523ba30
3a74e3777aa608aa74d3f80ed1bf8d9981b6879714a1cb4023e9949512b5c58e
3aeb80f1a8079225ec23fb8c2146912e0c5388d0fb51835c41c619bc52bf42ca
3d02bb0683c1cfd07d526646fa0248aa3a49d6dd6c3bc2a824eed4d07c8d1d01
3d7ef803a29ad883b14ce3f4302eafda5dc19796471ccf37845cefe903e65538
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8fb1edd4e6ac76dbb05bba77c54c77671bb00143b7dabf92bf3edf996fb595
3ed951ca234a2aae2ddef8ef3167b9c632c4581f8c44903934c3113507c4c840
40066fc73a208c54f8b7d81ed8fa7a3f4e840f252d8157fd3c5f45dab5c27d30
412e086400741907bbf4dd6a656b651ca220ebea9970278930fccfa7328b20c9
4132d7151489539efda9fcd764f395c17bcf6d28f2b77787ea49d2acaf987c9b
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
43c2b937d200a8e16791e93a6f369388c9c83fba2d238147d73da36cc749f028
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48979155896cea590bb6085850a98bf7ccb5b48e9761ad03b8e8f671e92c746c
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4b12db669cf3a559b812931dc1c37d4fc8aa8e33077cc410d22f3fe30a8cd466
500a0cc036f1c0c947d7f8e3d3d2d914d52500e89dd04272bea937a963a215f8
5560a2f9b290ae957e4c008304b3b1debcce91b98f0764325c728710eec87083
5585cea846413e0da1c97100ab327c7517a073b49e810db1d5300c2dd5ea9e6d
56de831de7fbe36df97e77f2d0ae0754bb0038bec0db4a2b3d3e427d7d1c99f0
5709c24c903fdd841258a235316578adfc91781ea0d4a408a8cc3425441ec5bc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
609f4659e4b92557363500487b435d59ae104d9910956316292c070cb3b83c54
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69db68c0e734f6f16080634b31af09e235a8520d068e65f984303de943e02297
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cbf5b3bbfcd2f23a688b189310c36484be77a86a6a59ab11d2666a255d172d0
7264058fd5d16c3e494ead87aa4fe7addd3fd50f62c540fcbcf69da9e8720ebf
75ebb64b00eb8642d1df4c751f904e2e163d6f9a391d5c1482cd54c014689a12
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
79a7d5deff1189cba78946faa0ed6bd78a1c9292cfad4329b208d0be5a045ff7
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3
858b9641acb71b5463d69f74a7fc85c0183102bd836ca47c76c5e729d8da33d4
868c6354c19c6bf06c6f879f94ba1498579c60b1283d44dfe9c056211494e7ec
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8887f03d90e75a4a4265a4bb43bf9407297051173a798e6e2e6f4876c68ffe1d
889d1f642f074226934ed8675283fe04bc4aa7810b528f71b6ff9fd93b8f0b0f
8dcea064f42cc64fdaedef160828d1d67a15445d4c71330e02216cd5e33fbc08
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
9ec24ee0f8d876759e7fe32ef7797aa41a356684070785e6d94fb3370cd6601f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a36db0362a5e9d292bbdf29f863546f2890efb7416068417ca7b11f00fc30b8d
a678c4996f3af19954605ff0cbb95c2a1880c522da930831c8d20c08a101ac62
a6fd219289d32bb4cdc8e8831a6f56c5cc0e4246f324bb598277e0c9036753d4
aa355c393e03f831dbdbcc678ba16396aab95930b1bc5b0549695d40cc955ca1
adecd63acc4782d7f6bea59bda9e02bfcc6f90ed14ace7f83e06c6c814b58e2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b266433eab22a7ee729a802d16f86578392e33a2044cf97e53d5ee362679d0ee
b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52
b4e86a27453afdeaabf13f8b7a136e816db8d2ccd9241bdcd40c5b90a6fac786
b6f67012173d003d1310c16e0e38a778b787655bdc8b4205e7b5b58e821c73de
b8b79e968df0f74cd51d569a2b75ffe7474f91fc221de749e01fe7663c328bce
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
bcd591865677b0c8754082d60e5fbddb3ceee63f563c7362b2800d5f5c84d619
beb72c3faedb9972615214e84aa9fece4a459aca64044edc48bc5b1c38c924fb
c60aa6cea20713c1b75fa3808d390c54a08a32c80d0582810077552070a44d92
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7
cb68f573a69f12ac22b656de23d0efcb5eb9505eeba1d579112b730151cdc2c5
cbb1fa406c6d27851d47286a24a41cd63c87edefea475cce47b1e717129dd5e4
cf2f96e668062701f4fa1528d8abcf800b14885d56701aa9e4b4cbf01c1215aa
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b
d45471c66bbb4bae45f19ef64d69ebaf81abe398b9484b6b54509614a4ec3988
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d5d34825c42c1f8c0355c351fc04521f72642c2726b8a315946efc47fa87990b
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded752458bf77187cacf383583479601f35bcb9f00b67ed9e20b194bca63f23d
df5e020a0b03feb2fb9b4dc60259ebc8dd850a0e51140d84ff03c3b6080ada95
e26a854ce6e931f17f339d58f13eb839796acbd7d6c6f78daa9ad357b17556dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b978e6a495d41423a108c5549eb494e14468746baa73c017ceede0e44cff83
e9d0a36760f8f3ab8d1cd467ed7d0996772c1799ecee7605d0591275648fe481
ea3931de93ca6940e75c6da8d126fccd812f1cf590cbf7844136d5c6c0685bf0
eafd7e17be354753ca120ef03d28aa45a37c423e89e9f2602e8fd5a24400f150
eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d
ed15a1528e5e36c63430e28039add93e9059dd946f0541efb2f5f3345551073f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b6ed623b9789747d2e491b3ad692793d461be2f27bdf0c531b2d953fa670d
f105a48d82d342c95728b98a5e49263d749ef781e137a809831ed2c2eb049ed5
f629afab7957d7c314c9085470bd3880d3911cfa6ef548fa97339c85dd3b1868
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83ea8d23b029e5a8528514f68bff883e9a6bd231271607b473574d4ec47e133
f8dfc73064b909f520f25cd69adb4ae2192485793074f418381cbd080e20341d
f9cd239bffac3772d5d13211793dd51325889c8493e493a2b14e8ae63b065f9b
fb569f6cb17f458762401b465a42bef12e5d53c5159fe280fdeebce485918f15
fc6e0c4111cd38963ea6b4a56e332b87f188f6785c45065351a7d7b959c31287
fd86fe420268206f681edfdde283a00ce6f15dbd6bb7e09de5e8fd02cb88d463
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe26156dcbc0058c9fc1cdfb4ecbec01c82711a31548024e2f9950d817406cb2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba

de.darktrace.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

162 Requests

97 %HTTPS

52 %IPv6

35 Domains

50 Subdomains

45 IPs

6 Countries

9295 kBTransfer

16613 kBSize

33 Cookies

32 Outgoing links

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

de.darktrace.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

97 %
HTTPS

52 %
IPv6

35
Domains

50
Subdomains

45
IPs

6
Countries

9295 kB
Transfer

16613 kB
Size

33
Cookies

162 HTTP transactions
9 data transactions