hiddenlayer.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Submission: On September 26 via api (September 26th 2024, 2:14:43 am UTC) from TR — Scanned from DE

Summary HTTP 96 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 96 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is hiddenlayer.com.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.

This is the only time hiddenlayer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:440... 2606:4700:4400::6812:2197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:940a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	54.77.7.148 54.77.7.148	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:10:... 2606:4700:10::6816:3b5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:224... 2600:9000:224a:9000:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:1901:1:7... 2600:1901:1:7c5::	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	18.158.205.16 18.158.205.16	16509 (AMAZON-02) (AMAZON-02)
96	22

7 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hiddenlayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2108 (United States)

ASN13335 (CLOUDFLARENET, US)

nitroscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:4400::6812:2197 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ikpnbdn.nitrocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:940a (United States)

ASN13335 (CLOUDFLARENET, US)

to.getnitropack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.7.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-7-148.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:3b5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:9000:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN15169 (GOOGLE, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.205.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	nitrocdn.com cdn-ikpnbdn.nitrocdn.com	172 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	393 KB
8	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 7775	45 KB
7	fontawesome.com ka-p.fontawesome.com — Cisco Umbrella Rank: 3705 kit.fontawesome.com — Cisco Umbrella Rank: 2181	270 KB
7	hiddenlayer.com hiddenlayer.com	53 KB
5	gstatic.com fonts.gstatic.com	94 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 358 px4.ads.linkedin.com — Cisco Umbrella Rank: 6989	2 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 19396	45 KB
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 3536	271 B
2	google.de www.google.de — Cisco Umbrella Rank: 9833	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 152 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	578 B
2	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4111 www.google.com — Cisco Umbrella Rank: 3	24 B
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 8663	437 B
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 20372	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	3 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 16015	1 KB
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 7762	22 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	getnitropack.com to.getnitropack.com — Cisco Umbrella Rank: 19599	119 B
1	nitroscripts.com nitroscripts.com — Cisco Umbrella Rank: 18784	761 B
96	20

	Domain	Requested by
24	cdn-ikpnbdn.nitrocdn.com	hiddenlayer.com
10	www.googletagmanager.com	hiddenlayer.com
8	cdn-cookieyes.com	hiddenlayer.com cdn-cookieyes.com
7	hiddenlayer.com	cdn-ikpnbdn.nitrocdn.com hiddenlayer.com
6	ka-p.fontawesome.com	cdn-ikpnbdn.nitrocdn.com
5	fonts.gstatic.com	hiddenlayer.com cdn-ikpnbdn.nitrocdn.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
2	x.clearbitjs.com	hiddenlayer.com
2	pixels.spotify.com	pixel.byspotify.com
2	www.google.de
2	log.cookieyes.com	cdn-ikpnbdn.nitrocdn.com
1	app.clearbit.com	x.clearbitjs.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	px4.ads.linkedin.com
1	www.googleadservices.com	hiddenlayer.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tag.clearbitscripts.com	hiddenlayer.com
1	pixel.byspotify.com	hiddenlayer.com
1	snap.licdn.com	hiddenlayer.com
1	kit.fontawesome.com	cdn-ikpnbdn.nitrocdn.com
1	to.getnitropack.com	hiddenlayer.com
1	nitroscripts.com	hiddenlayer.com
96	24

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
www.facebook.com
twitter.com
linkedin.com
www.linkedin.com

Subject Issuer	Validity	Valid
hiddenlayer.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
nitroscripts.com WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
nitrocdn.com Cloudflare Inc ECC CA-3	`2024-02-23` - `2024-12-31`	10 months	crt.sh
getnitropack.com Cloudflare Inc ECC CA-3	`2024-01-13` - `2024-12-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
cdn-cookieyes.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
pixel.byspotify.com WR3	`2024-08-19` - `2024-11-17`	3 months	crt.sh
clearbitscripts.com Amazon RSA 2048 M03	`2024-05-11` - `2025-06-08`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-16`	a year	crt.sh
clearbit.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Frame ID: 0A6EB57DD04E5D9DE089C153EF90F3E3
Requests: 112 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HiddenLayer Research | New Gemini for Workspace Vulnerability

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.prettyPhoto\.js

Page Statistics

96
Requests

82 %
HTTPS

74 %
IPv6

20
Domains

24
Subdomains

22
IPs

4
Countries

1117 kB
Transfer

3599 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/&t=New%20Gemini%20for%20Workspace%20Vulnerability
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=New%20Gemini%20for%20Workspace%20Vulnerability&url=https://hiddenlayer.com/?p=10250
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?mini=true&title=New%20Gemini%20for%20Workspace%20Vulnerability&url=https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Title: Share on Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/hiddenlayersec
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hiddenlayersec/
Title: Linkedin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&e_ipv6=AQLIOY5L2H4qTQAAAZIsG-cFUwe5BtXJpAY6rJ7I1RzqDvkYnh_47KAbrwnYclJ9coD1F4pI85LQaniOh-rbYqmbA2EbLA

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI_97058TfiAMVGaH9Bx1ZdCtnMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2hpZGRlbmxheWVyLmNvbS9CV0NoRUk4T25PdHdZUXJ0S0wtODcxOUlYWUFSSXNBR3dJenhBTmFxU09WdzVoaThoeUY0ZmtxYWlJLVJQaVJnbG16UzBLdUc4aE54anRjem01c1EyUUFTYw HTTP 302
https://www.google.com/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI_97058TfiAMVGaH9Bx1ZdCtnMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2hpZGRlbmxheWVyLmNvbS9CV0NoRUk4T25PdHdZUXJ0S0wtODcxOUlYWUFSSXNBR3dJenhBTmFxU09WdzVoaThoeUY0ZmtxYWlJLVJQaVJnbG16UzBLdUc4aE54anRjem01c1EyUUFTYw&is_vtc=1&cid=CAQSGwDpaXnfgj-vdgLhmbv2p6A8ub5vfpQw8bCu4g&random=826676892 HTTP 302
https://www.google.de/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI_97058TfiAMVGaH9Bx1ZdCtnMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2hpZGRlbmxheWVyLmNvbS9CV0NoRUk4T25PdHdZUXJ0S0wtODcxOUlYWUFSSXNBR3dJenhBTmFxU09WdzVoaThoeUY0ZmtxYWlJLVJQaVJnbG16UzBLdUc4aE54anRjem01c1EyUUFTYw&is_vtc=1&cid=CAQSGwDpaXnfgj-vdgLhmbv2p6A8ub5vfpQw8bCu4g&random=826676892&ipr=y

96 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/ 166 KB
40 KB 249ms
192ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: a77f9165d50ddf715764629bcafa82bdd9237d6d5f94df1ff0aab1ed2a4d11e4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Mobile
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c8fbdd8dbcf1cbf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Sep 2024 02:14:38 GMT
link: <https://cdn-ikpnbdn.nitrocdn.com>; rel=preconnect <https://hiddenlayer.com/?p=10250>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 5
x-cache-ctime: 1727268204
x-cache-group: normal
x-cacheable: SHORT
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: 5fda900
x-powered-by: WP Engine

GET
H3 200 1Ptgg87LROyAm3K8-C8CSKlvPfE.woff2
fonts.gstatic.com/s/anton/v25/ 5 KB
5 KB 48ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3K8-C8CSKlvPfE.woff2

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a1a6a476a3744dfed81c7be6d6b1b6c332f35ae3251e270d33ffd5a10def84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

age: 2710
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 01:29:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 01:29:28 GMT
last-modified: Thu, 24 Aug 2023 20:45:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5200
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptgg87LROyAm3K9-C8CSKlvPfE.woff2
fonts.gstatic.com/s/anton/v25/ 20 KB
20 KB 49ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3K9-C8CSKlvPfE.woff2

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

606a91ed2bc8cc56113dc14f9f5ecdb052ee42c57131f3cd457b6d233ee61336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

age: 148540
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:58:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:58:58 GMT
last-modified: Thu, 24 Aug 2023 20:21:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20756
x-xss-protection: 0
server: sffe

GET c89d2ff8-b10f-49e5-8a99-2682efa4b65e
https://hiddenlayer.com/ 0
0

GET
H2 200 VPjJFZafAracAoolanwjINjDOpBvYBoS Show response
nitroscripts.com/ 993 B
761 B 84ms
35ms Script
text/javascript 2606:4700:4400::6812:2108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nitroscripts.com/VPjJFZafAracAoolanwjINjDOpBvYBoS

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2108 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834a654264521b39545447577b0fbbc130e2c1ecba2fb29c77f4d806de9c3de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=600, stale-while-revalidate=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 464
cf-ray: 8c8fbdda7c4abb50-FRA
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/javascript
last-modified: Thu, 26 Sep 2024 02:03:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c2ac3e9104923e08b9eb6bd22d2048e63108342873ddab334aa21fc8b8bac9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 728dee91d9f1fde5fd2fba426f81800e96fc1436cd341ff9bcad39f64bd760d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad9e17f5f6013688dc48e472bb23bca89a0c09bf7f999f0eb3df985c23afa4dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed91c46741b4e6ba12ec5a5a1f0408440b6f73fb070398b2cd57d5df8a07d35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d05004f1a6f4a3b82a6ffc8e94fd2e872bd58cf13b154ce7d06a12c382f8c8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3ac666949983c795e85d4315b105d44f12fce8e2978e58f6732170d9b0a25e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018466510be5af5f857af683ef751f255fe8229678e7b30c9e96f4a287786f54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f8f44d93949d6dfa8a926ee08527fbcab0241c0a8e6500061b3c82ec34a758d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76f960b1c018af3c602a89d2f02236dc08a4167cca0f205cebeb3ca8d421f460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dd1c39b216094b6318d2185574ac4c4dc000430c6f3b83c428e88ea169adcba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7448ba3e8d551f0c955c6467907128339211877ee76c74ce3957b765d73a5a47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cc47afb44ef8c9182b50efa27c5f9222c84c95d53cf304e35afc02d527829b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf06e0881a5ef96b1b1dd37f70c0165f216027c770779d5b71dde62f3476653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf06e0881a5ef96b1b1dd37f70c0165f216027c770779d5b71dde62f3476653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34de9712693ed232cc1b259ba86244716c1206dd9350c91f7cd07866ba9d2a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b34de9712693ed232cc1b259ba86244716c1206dd9350c91f7cd07866ba9d2a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 95 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c2ac3e9104923e08b9eb6bd22d2048e63108342873ddab334aa21fc8b8bac9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32067dc1a05a00123de57e8e43ab9a02c0c25a3b6430b2d95ea9bda092ba3b9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 1Ptgg87LROyAm3Kz-C8CSKlv.woff2
fonts.gstatic.com/s/anton/v25/ 12 KB
12 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8CSKlv.woff2

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f407e937ffb3cb9c275992f426d548402bf2afdc9df01c106139de7432983d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

age: 160016
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 05:47:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 05:47:42 GMT
last-modified: Thu, 24 Aug 2023 20:21:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12080
x-xss-protection: 0
server: sffe

GET
H3 200 hiddenlayer-icons.woff2
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/source/rev-5fda900/hiddenlayer.com/wp-content/uploads/avia_fonts/hiddenlayer-icons/ 4 KB
4 KB 63ms
30ms Font
font/woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/source/rev-5fda900/hiddenlayer.com/wp-content/uploads/avia_fonts/hiddenlayer-icons/hiddenlayer-icons.woff2
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0f4cc9ab5b19f3d6bec78e4ec5c1f5ea34696eb6ccdcaedf2769d81d86a5e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/avia_fonts/hiddenlayer-icons/hiddenlayer-icons.woff2>; rel="canonical"
cache-control: max-age=31536000, public
cf-cache-status: HIT
etag: "66b67d60-ebe"
age: 2913459
cf-ray: 8c8fbdda9efb049f-FRA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3624
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 va9I4kzIxd1KFrBoQeNVkqDO.woff2
fonts.gstatic.com/s/chivo/v18/ 30 KB
30 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeNVkqDO.woff2

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa27b67c8afb4093f8b6d995fd349db452357f81db5bbeb2f015be3e99a280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

age: 149598
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:41:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:41:20 GMT
last-modified: Thu, 17 Nov 2022 15:48:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31172
x-xss-protection: 0
server: sffe

GET
H3 200 Gemini_Phishing_FeaturedImageWP.jpg
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/ 20 KB
20 KB 58ms
35ms Image
image/webp 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/Gemini_Phishing_FeaturedImageWP.jpg
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395c5ecbb01e01c4272d4a75c4cf2cf21226cb2f818c32f700d3d20d8fa1b909

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/Gemini_Phishing_FeaturedImageWP.jpg>; rel="canonical"
cache-control: max-age=31536000, public
cf-cache-status: HIT
etag: "66f3fb89-4e89"
age: 464
cf-ray: 8c8fbddacfb89f54-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19972
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/webp
last-modified: Wed, 25 Sep 2024 12:01:13 GMT
vary: Accept, Accept-Encoding
server: cloudflare

GET
H3 200 mobileMenuBG.png
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/ 541 B
814 B 54ms
32ms Image
image/png 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/mobileMenuBG.png
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b5d2c495f233060eff4d1b00856d0d9a4ebbdb3b6be3d7d62c85648d3a53ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/mobileMenuBG.png>; rel="canonical"
cache-control: max-age=31536000, public
cf-cache-status: HIT
etag: "66b67d11-28e"
age: 502515
cf-ray: 8c8fbddacfb69f54-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 541
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/png
last-modified: Fri, 09 Aug 2024 20:33:21 GMT
vary: Accept, Accept-Encoding
server: cloudflare

POST
H2 200 p
to.getnitropack.com/ 0
119 B 132ms
80ms Ping
text/plain 2606:4700:4400::ac40:940a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://to.getnitropack.com/p

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:940a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 8c8fbddb793ad2d6-FRA
content-length: 0
cf-cache-status: DYNAMIC
date: Thu, 26 Sep 2024 02:14:38 GMT
server: cloudflare

GET
H3 200 nitro-min-noimport-8700de0835c38654cdf04e3d486217b7-stylesheet.css
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/combinedCss/ 187 KB
22 KB 35ms
35ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/combinedCss/nitro-min-noimport-8700de0835c38654cdf04e3d486217b7-stylesheet.css
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10ca11dbcd9799dd7cd5db941875590fbb9678dac10881e3267cbc3bebeeadd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66f4056c-2ec3a"
age: 467
cf-ray: 8c8fbddb2fe79f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 12:43:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-noimport-6d001a40dae855563820d5525a2c5093-stylesheet.css
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/externalFontFace/ 11 KB
859 B 32ms
32ms Stylesheet
text/css 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/externalFontFace/nitro-min-noimport-6d001a40dae855563820d5525a2c5093-stylesheet.css
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658e3d1e9a558388afd4640ce0f03fcaa0ebed0b110540635cfc107399c5bacd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-2c00"
age: 1968002
cf-ray: 8c8fbddb2fe99f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 HiddenLayer-Site-Favicon.jpg
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/ 14 KB
14 KB 30ms
30ms Other
image/webp 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/images/optimized/rev-bcf818c/hiddenlayer.com/wp-content/uploads/HiddenLayer-Site-Favicon.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8698cf35ce501685c027154c3304e2831caacabb97d6249967e11e6aff1e40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/HiddenLayer-Site-Favicon.jpg>; rel="canonical"
cache-control: max-age=31536000, public
cf-cache-status: HIT
etag: "66b67d0b-3804"
age: 502514
cf-ray: 8c8fbddb2fea9f54-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14214
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/webp
last-modified: Fri, 09 Aug 2024 20:33:15 GMT
vary: Accept, Accept-Encoding
server: cloudflare

GET
H3 200 fa-fontello.woff2
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/source/rev-5fda900/hiddenlayer.com/wp-content/plugins/enfold-fast/assets/fonts/ 4 KB
5 KB 31ms
30ms Font
font/woff2 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/source/rev-5fda900/hiddenlayer.com/wp-content/plugins/enfold-fast/assets/fonts/fa-fontello.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c512c982d75150bb51f97cb89c9aa15f84dff4fa6a079e844e6e3578aef839

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/enfold-fast/assets/fonts/fa-fontello.woff2>; rel="canonical"
cache-control: max-age=31536000, public
cf-cache-status: HIT
etag: "66b67d60-123c"
age: 2131645
cf-ray: 8c8fbddb8f5f049f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4528
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 404 Group-61706.png
hiddenlayer.com/wp-content/themes/hiddenlayer/assets/wp-content/uploads/ 548 B
548 B 184ms
184ms Image
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/wp-content/uploads/Group-61706.png
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/combinedCss/nitro-min-noimport-8700de0835c38654cdf04e3d486217b7-stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn-ikpnbdn.nitrocdn.com/

Response headers

cf-ray: 8c8fbddb9da81cbf-FRA
content-encoding: br
cf-cache-status: HIT
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare

GET
BLOB 200
OK b2a9798f-96a4-47c3-a1bd-a44cfe9db86a Show response
https://hiddenlayer.com/ 342 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/b2a9798f-96a4-47c3-a1bd-a44cfe9db86a
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a5d48c5ba349b688ecedef31fd0c0c5b8a7851d6f48c70fec3dca6c971cadc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 342

GET
BLOB 200
OK 81b7e652-cd9d-4c81-a808-0e2353393c0e Show response
https://hiddenlayer.com/ 153 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/81b7e652-cd9d-4c81-a808-0e2353393c0e
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e090feb2587a31fa3efdbec1e1d817b57015553ab62c04b0654067c207c0c5f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 153

GET
H3 200 nitro-min-script.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/ 97 KB
35 KB 34ms
33ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/nitro-min-script.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba22ed737b1037fc403866197ecc0896d559365f399f84f739e0e3161c04a00b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/script.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d60-1833f"
age: 502514
cf-ray: 8c8fbddba8259f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-f43b551b749a36845288913120943cc6.jquery.min.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-includes/js/jquery/ 86 KB
31 KB 53ms
52ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-includes/js/jquery/nitro-min-f43b551b749a36845288913120943cc6.jquery.min.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d60-15689"
age: 4072192
cf-ray: 8c8fbddba8299f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-558973c0fd98109493258c8470e94016.jquery-migrate.min.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-includes/js/jquery/ 13 KB
5 KB 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-includes/js/jquery/nitro-min-558973c0fd98109493258c8470e94016.jquery-migrate.min.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d60-3599"
age: 4072192
cf-ray: 8c8fbddba82c9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-005e7afb3769b3c7d54566ab9a356498.jquery.prettyPhoto.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/ 22 KB
6 KB 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/nitro-min-005e7afb3769b3c7d54566ab9a356498.jquery.prettyPhoto.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2493275f292da95a4a8446a029bdd25050adda489e517094c2d972ab2d2f4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.js?ver=3.1.6>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d60-573f"
age: 2627893
cf-ray: 8c8fbddba82e9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
BLOB 200
OK 0fc49ce6-e29a-4266-b8ca-3f6f3530bf89 Show response
https://hiddenlayer.com/ 557 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/0fc49ce6-e29a-4266-b8ca-3f6f3530bf89
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eba87f28884a476dc60170927f8c4946014ba6dd691004556b7b35963e66b35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 557

GET
H3 200 nitro-min-005e7afb3769b3c7d54566ab9a356498.video-lightbox.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/ 6 KB
1 KB 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/nitro-min-005e7afb3769b3c7d54566ab9a356498.video-lightbox.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1da2264daa3b93151608805c56ccae1d3d0cd1ba961fb2a0f0593b5d22607ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66ed17cd-1a1a"
age: 502514
cf-ray: 8c8fbddba8319f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 20 Sep 2024 06:35:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-avia-head-scripts-23b8991274003d7e5d620e94d1633d4d---66f28d0980337.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/uploads/dynamic_avia/ 2 KB
916 B 35ms
35ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/uploads/dynamic_avia/nitro-min-avia-head-scripts-23b8991274003d7e5d620e94d1633d4d---66f28d0980337.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ff9eb6df900abfb969d968f46db835fb8e2b351dc4d7af98a278d195fc5ec8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/dynamic_avia/avia-head-scripts-23b8991274003d7e5d620e94d1633d4d---66f28d0980337.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66f2aa3d-711"
age: 124837
cf-ray: 8c8fbddba8349f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 12:02:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
BLOB 200
OK 3800dff8-6f4b-4615-8223-8dcdb2dff88f Show response
https://hiddenlayer.com/ 170 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/3800dff8-6f4b-4615-8223-8dcdb2dff88f
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a59dec3cac9eaf671080aa8a0d9923377ccfa6b4f545cbbed101a2ccb4cf4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 170

GET
BLOB 200
OK 114b1020-2d26-4ba0-baed-fe3990a7f520 Show response
https://hiddenlayer.com/ 79 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/114b1020-2d26-4ba0-baed-fe3990a7f520
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7363b59cecd855d1d7b67a62aadd40e72e8b69ea62cacca14ff8c58e2ca33b04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 79

GET
BLOB 200
OK 890ccd4c-1f4e-46fa-870a-4a69d7dbfbbe Show response
https://hiddenlayer.com/ 302 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/890ccd4c-1f4e-46fa-870a-4a69d7dbfbbe
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dadde3e2a4d7d84532b5f5ba112e8a5f6d045a6175388fbc3049207e723c1f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 302

GET
BLOB 200
OK 15196199-2ce3-436e-aca5-5e059347fba2 Show response
https://hiddenlayer.com/ 190 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/15196199-2ce3-436e-aca5-5e059347fba2
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 421443cdb3c67b65c101abe196da6a89bdb475ae4f358c8c6ab947e4f715a679

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 190

GET
BLOB 200
OK 65f10c65-ca5c-43e7-bfb7-908a36fab423 Show response
https://hiddenlayer.com/ 386 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/65f10c65-ca5c-43e7-bfb7-908a36fab423
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aed8b178b8d8ff7e1c4f1f69cd6f4224172fd8db272770cda7e76f2be82d9578

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 386

GET
H3 200 nitro-min-da52d91116.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/ 13 KB
5 KB 28ms
28ms Script
text/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabfdc0137ba973b15326e555e63e2bad33d63b174dea48e5783b814349c5f20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

link: <https://kit.fontawesome.com/da52d91116.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d60-343e"
age: 2644407
cf-ray: 8c8fbddbaf6b049f-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/javascript
last-modified: Fri, 09 Aug 2024 20:34:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-email-decode.min.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
861 B 54ms
54ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/nitro-min-email-decode.min.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-570"
age: 2627893
cf-ray: 8c8fbddba8379f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-sticky-sidebar.min.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdnjs.cloudflare.com/ajax/libs/sticky-sidebar/3.3.1/ 10 KB
4 KB 33ms
33ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdnjs.cloudflare.com/ajax/libs/sticky-sidebar/3.3.1/nitro-min-sticky-sidebar.min.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf54a6eb9676ef17b3890208b3af8b336f8c8c2b8efe0d820b2baf274f7bd65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer

Response headers

link: <https://cdnjs.cloudflare.com/ajax/libs/sticky-sidebar/3.3.1/sticky-sidebar.min.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-2a14"
age: 496269
cf-ray: 8c8fbddbaf6c049f-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
BLOB 200
OK a9e0dc71-99c6-4d10-a23e-caf3b247ad4a Show response
https://hiddenlayer.com/ 175 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/a9e0dc71-99c6-4d10-a23e-caf3b247ad4a
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c04e775942cb0bb8a2666fb2d11b11bbe7a5b7575b9d4691f84120b2d99d77b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 175

GET
BLOB 200
OK 288ffbff-c526-403f-a1a3-c326d24fb401 Show response
https://hiddenlayer.com/ 174 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/288ffbff-c526-403f-a1a3-c326d24fb401
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cac14a832c038b71056684b91e3fd3c5dee3ba2a1b3b2b34ca1f520cc4efc36a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 174

GET
BLOB 200
OK 114c027f-34ab-405a-958a-cf1adced6305 Show response
https://hiddenlayer.com/ 377 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/114c027f-34ab-405a-958a-cf1adced6305
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5339ddcc98b22893ab6490cd6966dce23fcbd2e0b6060dc06ccc8637bfdff1e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 377

GET
BLOB 200
OK 53fc1897-2e68-4621-9301-8f8c23fc8a69 Show response
https://hiddenlayer.com/ 124 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/53fc1897-2e68-4621-9301-8f8c23fc8a69
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab2d29da1e9d4b1d6d581f293a0d5268bfaa9687cc64314a901b1d738e8ca99c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 124

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.prism-core.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 7 KB
3 KB 53ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.prism-core.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e77411f58a05d45dd27987aeeb87ec76105324fb0ffb51fa03378a7631a02a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/prism-core.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-1dde"
age: 2129724
cf-ray: 8c8fbddba8399f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.plugin-toolbar.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 2 KB
960 B 53ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.plugin-toolbar.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 352c1beced07ac325c0bed92012806b823fcfad769221aa7ccb4d99064494429

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/plugin-toolbar.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-77d"
age: 496269
cf-ray: 8c8fbddba83a9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.plugin-line-highlight.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 4 KB
2 KB 54ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.plugin-line-highlight.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063ece5bd3ad41dcb2834ce96682fc0f1f0424071537a8f714ec722925c0f8fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/plugin-line-highlight.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-f21"
age: 1232294
cf-ray: 8c8fbddba83b9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.plugin-line-numbers.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 3 KB
1 KB 55ms
55ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.plugin-line-numbers.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c99feed70b757a4ab0f8bfd80584f773db6694e9e0ce2dab3164fa55a89a35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/plugin-line-numbers.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-ace"
age: 2141416
cf-ray: 8c8fbddba83d9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.plugin-show-language.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 6 KB
3 KB 56ms
55ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.plugin-show-language.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232e69e80be0a427859339ec3793ef82dcceceed73a562c67d5b4f1791fd6a49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/plugin-show-language.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-1722"
age: 2141416
cf-ray: 8c8fbddba83e9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.plugin-copy-clipboard.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 2 KB
929 B 53ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.plugin-copy-clipboard.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9fdcca872f30e1e2aa809dcf50566aa3116040e027f33f56304456df35fa671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/plugin-copy-clipboard.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b67d39-6bd"
age: 1952284
cf-ray: 8c8fbddba83f9f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 20:34:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-cd4538be001d8038dacdf0c490071916.lang-shell-session.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/ 6 KB
3 KB 53ms
53ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/nitro-min-cd4538be001d8038dacdf0c490071916.lang-shell-session.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e68d19f28db95145a2521599628eba7f9d1942221f55d0d199c11b896f7d58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/plugins/prismatic/lib/prism/js/lang-shell-session.js?ver=3.4.3>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66b68ea8-1992"
age: 913927
cf-ray: 8c8fbddba8409f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Fri, 09 Aug 2024 21:48:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nitro-min-avia-footer-scripts-b4564c74c74d70f03e641902f3a4b1cf---66f28d0a0d273.js Show response
cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/uploads/dynamic_avia/ 16 KB
4 KB 70ms
69ms Script
application/javascript 2606:4700:4400::6812:2197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/wp-content/uploads/dynamic_avia/nitro-min-avia-footer-scripts-b4564c74c74d70f03e641902f3a4b1cf---66f28d0a0d273.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1b6e99c49bef2930bd2995cb03735cb87411f2714c6496c82f57f4f05b575c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

link: <https://hiddenlayer.com/wp-content/uploads/dynamic_avia/avia-footer-scripts-b4564c74c74d70f03e641902f3a4b1cf---66f28d0a0d273.js>; rel="canonical"
cache-control: max-age=31536000, public
content-encoding: br
cf-cache-status: HIT
etag: W/"66f2aa3d-3f09"
age: 124837
cf-ray: 8c8fbddba8429f54-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 12:02:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
BLOB 200
OK 99ffb261-1f2e-4e81-a3e9-753adb383aae Show response
https://hiddenlayer.com/ 133 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/99ffb261-1f2e-4e81-a3e9-753adb383aae
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8faad681287911f0921a6265eb96aff27244f1926f8a634ad0112a28489050e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 133

GET
BLOB 200
OK 2129f6d0-dc26-49b6-a299-a326e44e63fb Show response
https://hiddenlayer.com/ 130 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hiddenlayer.com/2129f6d0-dc26-49b6-a299-a326e44e63fb
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8721e64a227d6b9e3fb695a956a0656854acb7d9a6b48a085f2f97888a5a86a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 130

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
106 KB 103ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V657TN00XF

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47dfff785d14567e1ca1bece93fbfd12f1fb2a4650b9206fd03965b95d04cafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Sep 2024 02:14:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108094
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
92 KB 72ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB38PZC4

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f40b671b37ea74f02b819ad51335302040fe345118518a89624f3c3d7c2d6179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 26 Sep 2024 02:14:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93163
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
219 B 143ms
44ms Ping
text/plain 54.77.7.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/nitro-min-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.7.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-7-148.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9mLVosKMbP2kSvxI
Referer: https://hiddenlayer.com/

Response headers

x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin: *
content-length: 2
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/plain; charset=utf-8
x-powered-by: Express

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/ 100 KB
33 KB 88ms
30ms Script
application/javascript 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/banner.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98b3045d46520a7b7d9bc4e7c2cd3e3fb03e852eb7ed091b8c4126ac9bc45b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: "19190-622b6ab169b61-gzip"
age: 149829
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c8fbddc5c9b2bb6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33636
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript
last-modified: Sun, 22 Sep 2024 15:10:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
179 KB 85ms
35ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=da52d91116
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-2cce4"
age: 4230236
cf-ray: 8c8fbddc7dafd2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183524
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
4 KB 81ms
31ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=da52d91116
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-10e7"
age: 1700884
cf-ray: 8c8fbddc7daad2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4327
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 85ms
35ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=da52d91116
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b8-1c1c"
age: 4324630
cf-ray: 8c8fbddc7dacd2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7196
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
2 KB 83ms
33ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=da52d91116
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: "6695a0b7-6ca"
age: 4377554
cf-ray: 8c8fbddc7dadd2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/da52d91116/16496203/ 0
387 B 80ms
30ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/da52d91116/16496203/kit-upload.css
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/kit.fontawesome.com/nitro-min-da52d91116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

access-control-max-age: 3000
x-request-id: F-q5RqGhDT02ISVrpvTh
cf-cache-status: HIT
etag: 54af53b207eef226d6511e0a88e3038e
age: 2795250
access-control-allow-methods: GET, OPTIONS
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
cache-control: max-age=31556926, public, must-revalidate
cf-ray: 8c8fbddc7f9a2c23-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
server: cloudflare

GET
H2 200 body.css
hiddenlayer.com/wp-content/plugins/enfold-fast/assets/css/ 25 KB
3 KB 38ms
37ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiddenlayer.com/wp-content/plugins/enfold-fast/assets/css/body.css?v=1.2.26
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f2deb77413dba50b4e4ff391c008ad5e2b9d8c6ba68e5f52879147a2b1335b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6608be80-648a"
age: 2557206
cf-ray: 8c8fbddc3df61cbf-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Sun, 31 Mar 2024 01:38:08 GMT

GET
H2 200 body.css
hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/ 41 KB
7 KB 45ms
45ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2304803950784c984200a3808f30da89d8cc88ff7fff1cd0929c6f94c35e7a92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669158b4-a3f5"
age: 3197118
cf-ray: 8c8fbddc3dfb1cbf-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 12 Jul 2024 16:24:20 GMT

GET
H2 200 gridBlockOne.png
hiddenlayer.com/wp-content/uploads/ 994 B
1 KB 42ms
42ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiddenlayer.com/wp-content/uploads/gridBlockOne.png
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1e7366d6a59659d01ff3916510adac4e2054bb6a004f377dc9af529b04e267

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75

Response headers

cf-bgj: imgq:100,h2pri
etag: "6608be67-432"
age: 3197116
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1074
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/webp
content-disposition: inline; filename="gridBlockOne.webp"
vary: Accept
last-modified: Sun, 31 Mar 2024 01:37:43 GMT
cache-control: public, max-age=31536000
cf-ray: 8c8fbddc9e261cbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 994
server: cloudflare

GET
H2 200 postGridNewOverlay.png
hiddenlayer.com/wp-content/uploads/ 134 B
339 B 38ms
38ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiddenlayer.com/wp-content/uploads/postGridNewOverlay.png
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72176abd29a1752c1250743100b7cc46eca40752d67de400e8a273dd9d20f8d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75

Response headers

cf-bgj: imgq:100,h2pri
etag: "6608be68-104"
age: 3197115
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=260
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/webp
content-disposition: inline; filename="postGridNewOverlay.webp"
vary: Accept
last-modified: Sun, 31 Mar 2024 01:37:44 GMT
cache-control: public, max-age=31536000
cf-ray: 8c8fbddc9e271cbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 134
server: cloudflare

GET
H2 200 loading.svg
hiddenlayer.com/wp-content/themes/hiddenlayer/assets/img/svg/ 697 B
460 B 35ms
35ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/img/svg/loading.svg
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9520913d41133464cefaaea3ba4ea4c6f6d2383da26152bcf51370c06b34fcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/css/body.css?v=3.75

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"669158b4-2b9"
age: 3197116
cf-ray: 8c8fbddc9e291cbf-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Fri, 12 Jul 2024 16:24:20 GMT

GET
H3 200 gNMEW3NwSYq_9WD3yHQiFaWw9MM.woff2
fonts.gstatic.com/s/antonio/v19/ 26 KB
26 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/antonio/v19/gNMEW3NwSYq_9WD3yHQiFaWw9MM.woff2

Requested by

Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/hiddenlayer.com/externalFontFace/nitro-min-noimport-6d001a40dae855563820d5525a2c5093-stylesheet.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba5180d849010126a9c073f0c31c9a5d8f71f2aa6add8fe670af58e387f0e48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://cdn-ikpnbdn.nitrocdn.com/

Response headers

age: 151052
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 08:17:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 08:17:06 GMT
last-modified: Thu, 24 Aug 2023 20:37:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26636
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
106 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V657TN00XF&l=dataLayer&cx=c

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c13315d493b4a489bae739c2b025502085925dc48234cccf1c4bb630100d5904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Sep 2024 02:14:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108106
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
89 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11463784157&l=dataLayer&cx=c

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86d649c6a9b59427aafee5227c678e4ba155bbad9b2c9d9212945e2c796c12d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Sep 2024 02:14:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91474
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 122ms
34ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=42797
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 26 Sep 2024 02:14:38 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 22 KB
22 KB 70ms
21ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
age: 3029
x-goog-stored-content-encoding: identity
expires: Thu, 26 Sep 2024 02:24:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22096
date: Thu, 26 Sep 2024 01:24:09 GMT
last-modified: Tue, 25 Jun 2024 13:55:33 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljtC3mRH04eTnawW-lJU-zusAL-h0DQ9H1R5TyrI_C9svybsNTqlnPmAfbTNentycDkmTuk
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1719323733334567
content-length: 22096
server: UploadServer

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_666daa2992c92014d42625dc19c788c3/ 2 KB
1 KB 302ms
250ms Script
application/javascript 2600:9000:224a:9000:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_666daa2992c92014d42625dc19c788c3/tags.js

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:9000:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

daa71aa61f5b3044848b72e212b773fe90befb0a6f36fd41ca51c1ae90322cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: private, max-age=600
content-encoding: gzip
etag: W/"e43c8090f18ec5669ae9aa7d0b9feb01"
x-envoy-response-flags: -
x-content-type-options: nosniff
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: HrKatD6wLAZqUVmWc15EFM1LROTO82sT7gjoLGlIMYLtrwll748Lvg==
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
server: Clearbit
x-amz-cf-pop: DUS51-P1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 81ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-V657TN00XF&gtm=45je49n0v9174419859z89174415828za200zb9174415828&_p=1727316878665&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1719135183.1727316879&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727316878&sct=1&seg=0&dl=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&dt=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V657TN00XF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://hiddenlayer.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 84ms
27ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V657TN00XF&cid=1719135183.1727316879&gtm=45je49n0v9174419859z89174415828za200zb9174415828&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V657TN00XF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://hiddenlayer.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 28ms
27ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 28ms
27ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V657TN00XF&cid=1719135183.1727316879&gtm=45je49n0v9174419859z89174415828za200zb9174415828&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1449539344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 29ms
28ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&es=1&e=gtag.config&eid=1&u=AAAAAAAIAAAAACA&ut=Ag&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 28ms
28ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&es=1&e=gtag.config&eid=3&u=AAAAAAAIAAAAACA&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 28ms
28ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&e=gtm.init&eid=0&u=AAAAAAAIAAAAACA&ut=Ag&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaadslink.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 40 KB
40 KB 30ms
29ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9e3c"
age: 2735989
cf-ray: 8c8fbddd8fb4d2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40508
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 37 KB
37 KB 28ms
27ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://hiddenlayer.com
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=31556926
cf-cache-status: HIT
etag: "6695a637-9204"
age: 2660404
cf-ray: 8c8fbddd8fb6d2df-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37380
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: font/woff2
last-modified: Mon, 15 Jul 2024 22:44:07 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11463784157/ 5 KB
3 KB 71ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11463784157/?random=1727316878973&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cac4e7f835f860ff5e401b7e7f120f25fe5fde0d393de3705f3fe7902086b6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2675
date: Thu, 26 Sep 2024 02:14:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
818 B 199ms
144ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://hiddenlayer.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000622fc4cfe4aaa44d4153e759283bd
x-msedge-ref: Ref A: CC135A59C476429EBE353EF36D91D8CD Ref B: DUS30EDGE0919 Ref C: 2024-09-26T02:14:39Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYi/Ez+SqpE1BU+dZKDvQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&e_ipv6=AQLIOY5L2H4qTQAAAZIsG-...

0
265 B

185ms
132ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&e_ipv6=AQLIOY5L2H4qTQAAAZIsG-cFUwe5BtXJpAY6rJ7I1RzqDvkYnh_47KAbrwnYclJ9coD1F4pI85LQaniOh-rbYqmbA2EbLA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CCBF2A0A40F446E1989E65617FC9460C Ref B: FRAEDGE1512 Ref C: 2024-09-26T02:14:39Z
x-li-fabric: prod-lva1
x-li-uuid: AAYi/E0BAxM0Ue+8QrHzpg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5765668&time=1727316878989&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&e_ipv6=AQLIOY5L2H4qTQAAAZIsG-cFUwe5BtXJpAY6rJ7I1RzqDvkYnh_47KAbrwnYclJ9coD1F4pI85LQaniOh-rbYqmbA2EbLA
x-msedge-ref: Ref A: 11CBE84229B644D882BD0D8CB32DF5C4 Ref B: FRAEDGE1116 Ref C: 2024-09-26T02:14:39Z
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYi/Ez+JckE9M+vxX06UQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 26 Sep 2024 02:14:39 GMT

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 31ms
31ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

3a993a033bd7b4596c3664c2acfb6f30210426f212a7e3df20b0d4605b3fe91a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hiddenlayer.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
grpc-status: 0
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding: gzip,x-snappy-framed
access-control-allow-origin: https://hiddenlayer.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/json
vary: Accept-Encoding
grpc-encoding: identity
server: envoy

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ 0
0 73ms
26ms Preflight 2600:1901:1:7c5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hiddenlayer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://hiddenlayer.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

GET
H3

200

/
www.google.de/pagead/1p-conversion/11463784157/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3...
https://www.google.com/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=sypham...
https://www.google.de/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo...

42 B
64 B

33ms
33ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI_97058TfiAMVGaH9Bx1ZdCtnMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2hpZGRlbmxheWVyLmNvbS9CV0NoRUk4T25PdHdZUXJ0S0wtODcxOUlYWUFSSXNBR3dJenhBTmFxU09WdzVoaThoeUY0ZmtxYWlJLVJQaVJnbG16UzBLdUc4aE54anRjem01c1EyUUFTYw&is_vtc=1&cid=CAQSGwDpaXnfgj-vdgLhmbv2p6A8ub5vfpQw8bCu4g&random=826676892&ipr=y

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 02:14:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/11463784157/?random=1377757319&cv=11&fst=1727316878973&bg=ffffff&guid=ON&async=1&gtm=45be49n0v9175552887za200zb9174415828&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fhiddenlayer.com%2Fresearch%2Fnew-gemini-for-workspace-vulnerability%2F&label=GOVCCKG_j4oZEN3trdoq&hn=www.googleadservices.com&frm=0&tiba=HiddenLayer%20Research%20%7C%20New%20Gemini%20for%20Workspace%20Vulnerability&npa=1&pscdl=noapi&auid=1071276610.1727316879&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkondHJpZ2dlciwgZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI_97058TfiAMVGaH9Bx1ZdCtnMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL2hpZGRlbmxheWVyLmNvbS9CV0NoRUk4T25PdHdZUXJ0S0wtODcxOUlYWUFSSXNBR3dJenhBTmFxU09WdzVoaThoeUY0ZmtxYWlJLVJQaVJnbG16UzBLdUc4aE54anRjem01c1EyUUFTYw&is_vtc=1&cid=CAQSGwDpaXnfgj-vdgLhmbv2p6A8ub5vfpQw8bCu4g&random=826676892&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 02:14:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_666daa2992c92014d42625dc19c788c3/ 0
172 B 248ms
200ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_666daa2992c92014d42625dc19c788c3/destinations.min.js

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: private, max-age=600
x-envoy-response-flags: -
x-content-type-options: nosniff
content-length: 0
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript;charset=utf-8
server: Clearbit

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_666daa2992c92014d42625dc19c788c3/ 168 KB
45 KB 366ms
318ms Script
application/javascript 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_666daa2992c92014d42625dc19c788c3/tracking.min.js

Requested by

Host: hiddenlayer.com
URL: https://hiddenlayer.com/research/new-gemini-for-workspace-vulnerability/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

029f18dd01a6a1b6fbe828feba6eef360efeb2cb3d4b41df61348311f024a881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: private, max-age=600
content-encoding: gzip
x-envoy-response-flags: -
x-content-type-options: nosniff
date: Thu, 26 Sep 2024 02:14:38 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
server: Clearbit

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 122ms
120ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hiddenlayer.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4DD5E47F782F4E4A84F8CD684BBCDBEE Ref B: FRAEDGE1116 Ref C: 2024-09-26T02:14:39Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYi/E0DDaux5LVyq2HqEg==
x-li-proto: http/2
access-control-allow-origin: https://hiddenlayer.com
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 02:14:39 GMT
vary: Origin

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 273ms
225ms XHR
application/json 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_666daa2992c92014d42625dc19c788c3/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hiddenlayer.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-max-age: 7200
access-control-expose-headers
content-encoding: gzip
x-envoy-response-flags: -
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
access-control-allow-origin: https://hiddenlayer.com
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: Clearbit

GET
H2 200 j_BZlo9g.json Show response
cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/ 44 B
335 B 68ms
28ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/j_BZlo9g.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e94327faff4beb446170632aa16f67207548b51e481fae77aefeea9c2ce9133

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2c-622b6ab16ab01"
age: 230759
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c8fbde23e934d37-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Sun, 22 Sep 2024 15:10:10 GMT

GET
H2 200 0uv8H91s.json Show response
cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/config/ 33 KB
6 KB 26ms
25ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/config/0uv8H91s.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb405a96fc7c9078c9687286a6d50a4ca12dc3c0d74e3390721421ae24fc5b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"83d9-622b6ab16ab01"
age: 230759
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c8fbde26ea84d37-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Sun, 22 Sep 2024 15:10:10 GMT

GET
H2 200 P7RJyJPy.json Show response
cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/translations/ 2 KB
815 B 28ms
28ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/translations/P7RJyJPy.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14612faefc54e67007084332e850f554ca6ba980bebd2f88beb4051dffa87d61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6ef-622b6ab16baa1"
age: 230759
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c8fbde29ebf4d37-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Sun, 22 Sep 2024 15:10:10 GMT

GET
H2 200 aavq0rZq.json Show response
cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/audit-table/ 5 KB
2 KB 29ms
28ms Fetch
application/json 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/audit-table/aavq0rZq.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be834f0ddeec8abad847052a7541e325ec9f6483af0f727de62c9d4b29d6fa53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"14e0-622b6ab168bc1"
age: 230759
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c8fbde2ced94d37-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
last-modified: Sun, 22 Sep 2024 15:10:10 GMT

GET
H2 200 revisit.svg
cdn-cookieyes.com/assets/images/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"923-5da3a668dacc0"
age: 230568
cf-ray: 8c8fbde2f87f2bb6-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:40:47 GMT

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
773 B 27ms
27ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"541-5da3a66c769d4"
age: 230570
cf-ray: 8c8fbde2f8812bb6-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:40:50 GMT

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 27ms
27ms Image
image/svg+xml 2606:4700:10::6816:3b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

cache-control: max-age=0, s-maxage=604800, proxy-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"eb2-5da3a68c50d09"
age: 230566
cf-ray: 8c8fbde2f8822bb6-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Tue, 15 Mar 2022 04:41:24 GMT

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
218 B 47ms
46ms Ping
text/plain 54.77.7.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-ikpnbdn.nitrocdn.com
URL: https://cdn-ikpnbdn.nitrocdn.com/VPjJFZafAracAoolanwjINjDOpBvYBoS/assets/static/optimized/rev-5fda900/cdn-cookieyes.com/client_data/3ca5ad1047b39dc7bc301384/nitro-min-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.7.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-7-148.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWpbXa9oukn4rkBJN
Referer: https://hiddenlayer.com/

Response headers

x-robots-tag: noindex, nofollow
link: <https://www.cookieyes.com>; rel="canonical"
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin: *
content-length: 2
date: Thu, 26 Sep 2024 02:14:39 GMT
content-type: text/plain; charset=utf-8
x-powered-by: Express

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 27ms
27ms Image
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-V657TN00XF&v=3&t=t&pid=331645889&cv=1&rv=49n0&tc=17&tag_exp=101671035~101747727&es=1&e=*&eid=13&u=AgAAAIAIAAAAACAAAAAAAAAY&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://hiddenlayer.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Thu, 26 Sep 2024 02:14:40 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hiddenlayer.com
URL: blob:https://hiddenlayer.com/c89d2ff8-b10f-49e5-8a99-2682efa4b65e

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 23:48:37	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-21 08:34:12	Name: bcookie Value: "v=2&9d5f5cd8-4512-4921-8781-9a1fd0cb295b"
.linkedin.com/	1970-01-21 04:07:48	Name: li_gc Value: MTswOzE3MjczMTY4Nzk7MjswMjGnKId0PkGxES97B0j7aNuvAKEKVtt8cZ4u+Vc3QPiDtA==
.linkedin.com/	1970-01-20 23:50:03	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3199:u=1:x=1:i=1727316879:t=1727403279:v=2:sig=AQFzbsgD4R2kHOIOKnnOfQLYnDX-Wh2h"
.hiddenlayer.com/	1970-01-21 08:34:12	Name: cb_user_id Value: null
.hiddenlayer.com/	1970-01-21 08:34:12	Name: cb_group_id Value: null
.hiddenlayer.com/	1970-01-21 08:34:12	Name: cb_anonymous_id Value: %220ed24330-f2a3-4412-8e3f-2e4178fac131%22
.hiddenlayer.com/	1970-01-21 08:34:12	Name: cookieyes-consent Value: consentid:bFlZUHoxZDR4QVJGTlVlMEZ1MmZTUmlhcDVrNDhuNkI,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hiddenlayer.com/wp-content/themes/hiddenlayer/assets/wp-content/uploads/Group-61706.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clearbit.com
cdn-cookieyes.com
cdn-ikpnbdn.nitrocdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
hiddenlayer.com
ka-p.fontawesome.com
kit.fontawesome.com
log.cookieyes.com
nitroscripts.com
pixel.byspotify.com
pixels.spotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
tag.clearbitscripts.com
to.getnitropack.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.clearbitjs.com
hiddenlayer.com
13.107.42.14
141.193.213.20
142.250.186.98
18.158.205.16
2001:4860:4802:32::36
2600:1901:1:7c5::
2600:9000:224a:9000:7:d7d6:3c40:93a1
2606:4700:10::6816:3b5b
2606:4700:4400::6812:2108
2606:4700:4400::6812:2197
2606:4700:4400::6812:2844
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:940a
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a02:26f0:3500:10::210:a99
34.117.162.98
54.77.7.148
018466510be5af5f857af683ef751f255fe8229678e7b30c9e96f4a287786f54
01a59dec3cac9eaf671080aa8a0d9923377ccfa6b4f545cbbed101a2ccb4cf4c
029f18dd01a6a1b6fbe828feba6eef360efeb2cb3d4b41df61348311f024a881
063ece5bd3ad41dcb2834ce96682fc0f1f0424071537a8f714ec722925c0f8fa
10ca11dbcd9799dd7cd5db941875590fbb9678dac10881e3267cbc3bebeeadd7
14612faefc54e67007084332e850f554ca6ba980bebd2f88beb4051dffa87d61
1b8698cf35ce501685c027154c3304e2831caacabb97d6249967e11e6aff1e40
1d0f4cc9ab5b19f3d6bec78e4ec5c1f5ea34696eb6ccdcaedf2769d81d86a5e9
2304803950784c984200a3808f30da89d8cc88ff7fff1cd0929c6f94c35e7a92
232e69e80be0a427859339ec3793ef82dcceceed73a562c67d5b4f1791fd6a49
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dd1c39b216094b6318d2185574ac4c4dc000430c6f3b83c428e88ea169adcba
2f8f44d93949d6dfa8a926ee08527fbcab0241c0a8e6500061b3c82ec34a758d
32067dc1a05a00123de57e8e43ab9a02c0c25a3b6430b2d95ea9bda092ba3b9a
352c1beced07ac325c0bed92012806b823fcfad769221aa7ccb4d99064494429
395c5ecbb01e01c4272d4a75c4cf2cf21226cb2f818c32f700d3d20d8fa1b909
3a993a033bd7b4596c3664c2acfb6f30210426f212a7e3df20b0d4605b3fe91a
421443cdb3c67b65c101abe196da6a89bdb475ae4f358c8c6ab947e4f715a679
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47dfff785d14567e1ca1bece93fbfd12f1fb2a4650b9206fd03965b95d04cafa
4cf54a6eb9676ef17b3890208b3af8b336f8c8c2b8efe0d820b2baf274f7bd65
4dadde3e2a4d7d84532b5f5ba112e8a5f6d045a6175388fbc3049207e723c1f7
4e94327faff4beb446170632aa16f67207548b51e481fae77aefeea9c2ce9133
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5339ddcc98b22893ab6490cd6966dce23fcbd2e0b6060dc06ccc8637bfdff1e0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58ff9eb6df900abfb969d968f46db835fb8e2b351dc4d7af98a278d195fc5ec8
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
606a91ed2bc8cc56113dc14f9f5ecdb052ee42c57131f3cd457b6d233ee61336
60e77411f58a05d45dd27987aeeb87ec76105324fb0ffb51fa03378a7631a02a
658e3d1e9a558388afd4640ce0f03fcaa0ebed0b110540635cfc107399c5bacd
67a0b817dfea4caab2f044f9f57fed96ce0445d197aad5683f8c2f737389e486
6a5d48c5ba349b688ecedef31fd0c0c5b8a7851d6f48c70fec3dca6c971cadc3
6cc47afb44ef8c9182b50efa27c5f9222c84c95d53cf304e35afc02d527829b5
6d05004f1a6f4a3b82a6ffc8e94fd2e872bd58cf13b154ce7d06a12c382f8c8b
72176abd29a1752c1250743100b7cc46eca40752d67de400e8a273dd9d20f8d1
728dee91d9f1fde5fd2fba426f81800e96fc1436cd341ff9bcad39f64bd760d9
7363b59cecd855d1d7b67a62aadd40e72e8b69ea62cacca14ff8c58e2ca33b04
7448ba3e8d551f0c955c6467907128339211877ee76c74ce3957b765d73a5a47
76f960b1c018af3c602a89d2f02236dc08a4167cca0f205cebeb3ca8d421f460
79e9417cf4d24e3c015aad8e60a7c3ccdf12942cf2e7885937ddbcfde2bbd7b5
82c512c982d75150bb51f97cb89c9aa15f84dff4fa6a079e844e6e3578aef839
834a654264521b39545447577b0fbbc130e2c1ecba2fb29c77f4d806de9c3de6
84c2ac3e9104923e08b9eb6bd22d2048e63108342873ddab334aa21fc8b8bac9
86d649c6a9b59427aafee5227c678e4ba155bbad9b2c9d9212945e2c796c12d9
8721e64a227d6b9e3fb695a956a0656854acb7d9a6b48a085f2f97888a5a86a6
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8c04e775942cb0bb8a2666fb2d11b11bbe7a5b7575b9d4691f84120b2d99d77b
8c2493275f292da95a4a8446a029bdd25050adda489e517094c2d972ab2d2f4a
8faad681287911f0921a6265eb96aff27244f1926f8a634ad0112a28489050e5
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
9eba87f28884a476dc60170927f8c4946014ba6dd691004556b7b35963e66b35
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a1da2264daa3b93151608805c56ccae1d3d0cd1ba961fb2a0f0593b5d22607ca
a3ac666949983c795e85d4315b105d44f12fce8e2978e58f6732170d9b0a25e3
a5e68d19f28db95145a2521599628eba7f9d1942221f55d0d199c11b896f7d58
a77f9165d50ddf715764629bcafa82bdd9237d6d5f94df1ff0aab1ed2a4d11e4
a9fdcca872f30e1e2aa809dcf50566aa3116040e027f33f56304456df35fa671
ab1e7366d6a59659d01ff3916510adac4e2054bb6a004f377dc9af529b04e267
ab2d29da1e9d4b1d6d581f293a0d5268bfaa9687cc64314a901b1d738e8ca99c
ad9e17f5f6013688dc48e472bb23bca89a0c09bf7f999f0eb3df985c23afa4dc
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
aeb405a96fc7c9078c9687286a6d50a4ca12dc3c0d74e3390721421ae24fc5b4
aed8b178b8d8ff7e1c4f1f69cd6f4224172fd8db272770cda7e76f2be82d9578
b34de9712693ed232cc1b259ba86244716c1206dd9350c91f7cd07866ba9d2a8
b5f2deb77413dba50b4e4ff391c008ad5e2b9d8c6ba68e5f52879147a2b1335b
ba22ed737b1037fc403866197ecc0896d559365f399f84f739e0e3161c04a00b
ba5180d849010126a9c073f0c31c9a5d8f71f2aa6add8fe670af58e387f0e48f
be834f0ddeec8abad847052a7541e325ec9f6483af0f727de62c9d4b29d6fa53
c13315d493b4a489bae739c2b025502085925dc48234cccf1c4bb630100d5904
c6f407e937ffb3cb9c275992f426d548402bf2afdc9df01c106139de7432983d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c98b3045d46520a7b7d9bc4e7c2cd3e3fb03e852eb7ed091b8c4126ac9bc45b0
cabfdc0137ba973b15326e555e63e2bad33d63b174dea48e5783b814349c5f20
cac14a832c038b71056684b91e3fd3c5dee3ba2a1b3b2b34ca1f520cc4efc36a
cac4e7f835f860ff5e401b7e7f120f25fe5fde0d393de3705f3fe7902086b6f3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf1b6e99c49bef2930bd2995cb03735cb87411f2714c6496c82f57f4f05b575c
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
daa71aa61f5b3044848b72e212b773fe90befb0a6f36fd41ca51c1ae90322cb1
e090feb2587a31fa3efdbec1e1d817b57015553ab62c04b0654067c207c0c5f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b5d2c495f233060eff4d1b00856d0d9a4ebbdb3b6be3d7d62c85648d3a53ea
ecf06e0881a5ef96b1b1dd37f70c0165f216027c770779d5b71dde62f3476653
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ed91c46741b4e6ba12ec5a5a1f0408440b6f73fb070398b2cd57d5df8a07d35a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f40b671b37ea74f02b819ad51335302040fe345118518a89624f3c3d7c2d6179
f5c99feed70b757a4ab0f8bfd80584f773db6694e9e0ce2dab3164fa55a89a35
f8a1a6a476a3744dfed81c7be6d6b1b6c332f35ae3251e270d33ffd5a10def84
f9520913d41133464cefaaea3ba4ea4c6f6d2383da26152bcf51370c06b34fcf
ffa27b67c8afb4093f8b6d995fd349db452357f81db5bbeb2f015be3e99a280a

hiddenlayer.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

82 %HTTPS

74 %IPv6

20 Domains

24 Subdomains

22 IPs

4 Countries

1117 kBTransfer

3599 kBSize

8 Cookies

6 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hiddenlayer.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

82 %
HTTPS

74 %
IPv6

20
Domains

24
Subdomains

22
IPs

4
Countries

1117 kB
Transfer

3599 kB
Size

8
Cookies

96 HTTP transactions
18 data transactions