securityintelligence.com Open in urlscan Pro
2606:4700::6812:19f1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Submission: On July 29 via api (July 29th 2024, 6:52:53 am UTC) from IN — Scanned from US

Summary HTTP 385 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 20 domains to perform 385 HTTP transactions. The main IP is 2606:4700::6812:19f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 978862.
TLS certificate: Issued by WE1 on July 1st 2024. Valid for: 3 months.

This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700::68... 2606:4700::6812:19f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
272	104.86.85.84 104.86.85.84	16625 (AKAMAI-AS) (AKAMAI-AS)
12	142.250.31.132 142.250.31.132	15169 (GOOGLE) (GOOGLE)
2 4	104.17.246.203 104.17.246.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.41.25 18.160.41.25	16509 (AMAZON-02) (AMAZON-02)
3	173.194.207.95 173.194.207.95	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c07::84	15169 (GOOGLE) (GOOGLE)
2	2600:9000:251... 2600:9000:2510:8600:f:fcff:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
10	2600:9000:251... 2600:9000:2511:d800:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.207.151.54 23.207.151.54	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.238.49.99 18.238.49.99	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.60 52.85.61.60	16509 (AMAZON-02) (AMAZON-02)
4	18.209.203.94 18.209.203.94	14618 (AMAZON-AES) (AMAZON-AES)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1408:8c0... 2600:1408:8c00::172e:9631	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:251... 2600:9000:2511:c00:18:1662:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:400d:c07::66	15169 (GOOGLE) (GOOGLE)
4	3.232.45.199 3.232.45.199	14618 (AMAZON-AES) (AMAZON-AES)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.63.27 13.225.63.27	16509 (AMAZON-02) (AMAZON-02)
1	13.226.34.79 13.226.34.79	16509 (AMAZON-02) (AMAZON-02)
1	18.238.49.62 18.238.49.62	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:200... 2600:9000:2009:7600:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
385	28

27 2606:4700::6812:19f1 (United States)

ASN13335 (CLOUDFLARENET, US)

securityintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

272 104.86.85.84 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-85-84.deploy.static.akamaitechnologies.com

1.www.s81c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www-api.ibm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.31.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.246.203 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-25.iad55.r.cloudfront.net

analytics.newscred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.207.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2510:8600:f:fcff:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

images-cdn.welcomesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2511:d800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.151.54 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-151-54.deploy.static.akamaitechnologies.com

cloud.ibm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.238.49.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-99.jfk52.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-60.ewr53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.209.203.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-203-94.compute-1.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:8c00::172e:9631 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:c00:18:1662:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pixel.newscred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c07::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.232.45.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-45-199.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-27.ewr53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-79.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-62.jfk52.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2009:7600:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
271	s81c.com 1.www.s81c.com — Cisco Umbrella Rank: 79248	2 MB
27	securityintelligence.com securityintelligence.com — Cisco Umbrella Rank: 978862	570 KB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	222 KB
10	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1751	137 KB
9	gstatic.com fonts.gstatic.com	177 KB
8	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 5011 visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 13148	11 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	4 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 534	32 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4912	44 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	322 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	61 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 2669 segments.company-target.com — Cisco Umbrella Rank: 3589 api.company-target.com — Cisco Umbrella Rank: 9578	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 1352	778 B
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 22842 tag-logger.demandbase.com — Cisco Umbrella Rank: 13079	25 KB
2	welcomesoftware.com images-cdn.welcomesoftware.com — Cisco Umbrella Rank: 618799	226 KB
2	ibm.com www-api.ibm.com — Cisco Umbrella Rank: 158005 cloud.ibm.com — Cisco Umbrella Rank: 69259	5 KB
2	newscred.com analytics.newscred.com — Cisco Umbrella Rank: 200404 pixel.newscred.com	9 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
385	20

	Domain	Requested by
271	1.www.s81c.com	securityintelligence.com client
27	securityintelligence.com	securityintelligence.com
14	cdn.ampproject.org	securityintelligence.com cdn.ampproject.org
10	tags.tiqcdn.com	1.www.s81c.com tags.tiqcdn.com
9	fonts.gstatic.com	fonts.googleapis.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	bat.bing.com	tags.tiqcdn.com bat.bing.com
6	consent.trustarc.com	tags.tiqcdn.com consent.trustarc.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
4	visitor-service-us-east-1.tealiumiq.com	tags.tiqcdn.com
4	collect.tealiumiq.com	tags.tiqcdn.com
4	www.googletagmanager.com	analytics.newscred.com www.googletagmanager.com tags.tiqcdn.com
4	unpkg.com	2 redirects securityintelligence.com
3	fonts.googleapis.com	securityintelligence.com
2	id.rlcdn.com	2 redirects
2	images-cdn.welcomesoftware.com	securityintelligence.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	api.company-target.com	scripts.demandbase.com
1	segments.company-target.com
1	s.company-target.com	scripts.demandbase.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	pixel.newscred.com
1	snap.licdn.com	tags.tiqcdn.com
1	scripts.demandbase.com	tags.tiqcdn.com
1	cloud.ibm.com	1.www.s81c.com
1	www-api.ibm.com	1.www.s81c.com
1	analytics.newscred.com	securityintelligence.com
385	28

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.facebook.com
www.ibm.com
www.twitter.com
www.youtube.com
ibm.com

Subject Issuer	Validity	Valid
securityintelligence.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
www.ibm.com GeoTrust RSA CA 2018	`2024-07-12` - `2025-07-11`	a year	crt.sh
misc-sni.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.welcomesoftware.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-21`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
wildcard.bluemix.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M03	`2024-06-25` - `2025-07-23`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Frame ID: 0B543E1E580E7D549CCDE20CF78D7293
Requests: 395 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: C25196F68EFDA6CA476983BB587A98DC
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: 498F7E51EBF580A590B7F6B654CE58C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The rise of malicious Chrome extensions targeting Latin America

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

385
Requests

98 %
HTTPS

43 %
IPv6

20
Domains

28
Subdomains

28
IPs

2
Countries

4111 kB
Transfer

17599 kB
Size

46
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&url=https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Search URL Search Domain Scan URL

URL: https://www.ibm.com/trusteer
Title: More from Trusteer

Search URL Search Domain Scan URL

URL: https://www.ibm.com/trusteer?_ga=2.176421932.825771903.1681720589-1696218077.1674670845
Title: IBM Security Trusteer solutions

Search URL Search Domain Scan URL

URL: https://www.ibm.com/reports/threat-intelligence?utm_medium=OSocial&utm_source=Blog&utm_content=SSSWW&utm_id=si-universal-ad

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ibmsecurity

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ibm-security

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@IBMTechnology

Search URL Search Domain Scan URL

URL: http://www.ibm.com/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: © 2024 IBM

Search URL Search Domain Scan URL

URL: https://www.ibm.com/contact/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.ibm.com/privacy/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ibm.com/legal/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US&cm_mc_uid=03001744655915532865554&cm_mc_sid_50200000=84159441565120380187
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.ibm.com/accessibility/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://ibm.com/security?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Sponsored by .cls-1 { fill: #fff; } si-icon-eightbarfeature

Search URL Search Domain Scan URL

URL: https://www.ibm.com/privacy
Title: privacy statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@11.1.8/swiper-bundle.min.js

Request Chain 28

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@11.1.8/swiper-bundle.min.css

Request Chain 364

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9268%26time%3D1722235968482%26li_adsId%3D00cac42f-1019-4476-abbe-35db24e12e3a%26url%3Dhttps%253A%252F%252Fsecurityintelligence.com%252Fposts%252Frise-of-malicious-chrome-extensions-targeting-latin-america%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cookiesTest=true&liSync=true&e_ipv6=AQKPsdPAUUKroQAAAZD9Q13Az8CohuJyhWE3mXJJmmBrLKjuCAGspB5Wa4quFVCkaRkQ3U-S-_MACNkMOQ-D_pYJem07-A

Request Chain 366

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMD4nLUGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297uTmxyOA0TaSHZxAY0GabRZqOw0XyiEJmp_-ghOpJM4Y

385 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/ 146 KB
29 KB 3319ms
3286ms Document
text/html 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ff1e20ac21b988c7a5a11957d20b430e5881ab860cc7b7e6197346b4b418d6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 8aab2fe9a88543bc-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 06:52:40 GMT
expires: Mon, 29 Jul 2024 10:52:40 GMT
last-modified: Mon, 29 Jul 2024 06:52:40 GMT
link: <https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/ibm_internals/442502>; rel="alternate"; title="JSON"; type="application/json", <https://securityintelligence.com/?p=442502>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: cloudflare
server-timing: intid;desc=fb0a28f577a63b97
vary: Accept-Encoding

GET
H2 200 ibm-common.js Show response
1.www.s81c.com/common/stats/ 263 KB
74 KB 628ms
15ms Script
application/x-javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/stats/ibm-common.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d552b712911c65689d6831f7b6b30d5227a88ac851c18e10259e365fe9c02582

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 09 Jul 2024 17:43:32 GMT
server: AkamaiNetStorage
content-md5: jn9BgIDKGjkPyNnzkxja7g==
etag: "8e7f418080ca1a390fc8d9f39318daee:1720547048.207821"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=564265
accept-ranges: bytes
content-length: 75864
expires: Sun, 04 Aug 2024 19:37:05 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 410ms
16ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:40 GMT

GET
H2 200 amp-list-0.1.js Show response
cdn.ampproject.org/v0/ 42 KB
13 KB 23ms
21ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

07afe241f59a16aefebc10c2fa6721c17ae71811a6ba05adfe0ced9be1749caf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13005
x-xss-protection: 0
server: sffe
etag: "cedf7960566c5049"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 18ms
17ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15359
x-xss-protection: 0
server: sffe
etag: "878b797225258d2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 23ms
16ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

6cfee30ce3e55ce3054f711f54ad7627185998b731aea71f58fc61a2b51fe84c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5823
x-xss-protection: 0
server: sffe
etag: "3d8f5360088962a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
19 KB 21ms
15ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-animation-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

0344be44426784aba6f7c22503f008280e7f375cb03671316e731e2a0a20e6b7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19001
x-xss-protection: 0
server: sffe
etag: "1a825cc0a6d42b34"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-position-observer-0.1.js Show response
cdn.ampproject.org/v0/ 10 KB
4 KB 30ms
24ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-position-observer-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

0cbe8f1a689365769f72815d900eea61be71b584dfee280af4dc88c21f9c2241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3695
x-xss-protection: 0
server: sffe
etag: "7335b8a6666b6e79"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 24ms
18ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16373
x-xss-protection: 0
server: sffe
etag: "ed03e9697165ef03"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 29ms
23ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

e82835d695b77ae15ecc4fff53c06aaf6d142f26c1b2f2816f8c496baf43d6c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9448
x-xss-protection: 0
server: sffe
etag: "fabc6b87ad052cc7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 31ms
25ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

bad7b315a41d04900531b5a422181a07a5579df44ea80dc5219e297ff2cd6d76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4701
x-xss-protection: 0
server: sffe
etag: "909d59e83a84f291"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 315 KB
32 KB 647ms
35ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 288d7647-27d7-4558-90e0-0b1be1ae3b34
content-length: 32842
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "9aed32cd145e102091b7f6e63988d362"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 288d7647-27d7-4558-90e0-0b1be1ae3b34
cache-control: max-age=1921659
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 12:40:19 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 315 KB
32 KB 664ms
52ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6a342819ad55eb833b9d94923f4a3a790cbc67ffa1ec7fbc800f2682f3c2f4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7e769c3a-ea6d-4b8a-90cd-7855c91d5739
content-length: 32844
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "0926711a9fcae264b7b3d4138ba67e9a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7e769c3a-ea6d-4b8a-90cd-7855c91d5739
cache-control: max-age=36934
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:14 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 239 KB
26 KB 638ms
27ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

69e90c7e56645fc910589528888c00a914b1ec05cf00c77f7ddf9d99770e9142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 74bd8f48-a62b-4a62-8ea7-010b1b62ed84
content-length: 26495
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "9aa4b757da692bd04b6e54a7244f1a70"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 74bd8f48-a62b-4a62-8ea7-010b1b62ed84
cache-control: max-age=36994
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:14 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 65 KB
19 KB 32ms
26ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

7cfa68c00b8e7e71feb75a06b2677316115bfc82646a631bf30d68055beac176

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19066
x-xss-protection: 0
server: sffe
etag: "2f5a3dac033d3252"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@11.1.8/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@11.1.8/swiper-bundle.min.js

147 KB
54 KB

18ms
18ms

Script
application/javascript

104.17.246.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.8/swiper-bundle.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Server

104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96c34a986fbb68ebd9925414da39d0f0aa4e086c44c67bdb92f6e4299b6e5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 235924
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J3QK6HC7Q26GY8RJD8T2X8CT-lga
server: cloudflare
etag: "24cda-TnZ+mLfctxrntyvgoun8YFwLPn0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8aab3000696cc352-EWR

Redirect headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J3YKWKE1JN5TNP8774WKG7MY-lga
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 323
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.8/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8aab3000495fc352-EWR

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 52 KB
16 KB 29ms
23ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

f92eb0255e0c85c8e9c0cefc183438851a8e4020008ce83ee24f874ce234f516

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15934
x-xss-protection: 0
server: sffe
etag: "6dc1ff43a4ecd922"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 amp-youtube-0.1.js Show response
cdn.ampproject.org/v0/ 36 KB
11 KB 36ms
29ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

07ce80873f9653330b0888cd1174316bd53929f9ab3632fb66b36baca15da70c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11229
x-xss-protection: 0
server: sffe
etag: "5b0c2c8769206025"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 AI-on-digital-chip-with-neon-lights.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/ 238 KB
239 KB 34ms
28ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/AI-on-digital-chip-with-neon-lights.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab7332898c1287857bc2f28648f42037bb3a4a5f61e5939976a272a9322dfb4

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 16 Jul 2024 13:00:12 GMT
server: cloudflare
age: 3350
etag: "3b94c-61d5ced1d5d62"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8aab302bfcb543bc-EWR
content-length: 244044
expires: Mon, 29 Jul 2024 10:52:47 GMT

GET
H2 200 ida_stats.js Show response
1.www.s81c.com/common/stats/ 263 KB
74 KB 29ms
23ms Script
application/x-javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/stats/ida_stats.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c8f74c2211499eea2627b22479d04215a7bd43afe4c99ca3fcc0a00c7858da91

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 09 Jul 2024 17:43:23 GMT
server: AkamaiNetStorage
content-md5: foUT1V2nmY3ZrNEcEXpPYw==
etag: "7e8513d55da7998dd9acd11c117a4f63:1720547045.581507"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=564092
accept-ranges: bytes
content-length: 75868
expires: Sun, 04 Aug 2024 19:34:19 GMT

GET
H2 200 modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 71 KB
10 KB 7285ms
7281ms Stylesheet
text/css 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1715191630
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545ef6ead6a9dc0d3d26407b68fe2249fc910d54a9657d5d32de0a856e892e13

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 08 May 2024 18:07:10 GMT
server: cloudflare
etag: "11b38-617f52bd5fb60-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 8aab302b4c5c43bc-EWR
content-length: 9724

GET
H2 200 style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/ 110 KB
15 KB 7281ms
7277ms Stylesheet
text/css 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f64379224831ca1f833fd877854e2b1532aad9f60d642e863678fd6d14d6aea

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Jul 2024 18:49:06 GMT
server: cloudflare
etag: "1b79e-61e02bb9bfbb3-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 8aab302b4c5d43bc-EWR
content-length: 14840

GET
H2 200 style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/ 447 B
304 B 7278ms
7274ms Stylesheet
text/css 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:01 GMT
server: cloudflare
etag: "1bf-60a227f54b752-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 8aab302b4c5e43bc-EWR
content-length: 217

GET
H2 200 jquery.min.js Show response
securityintelligence.com/wp-includes/js/jquery/ 86 KB
30 KB 7283ms
7280ms Script
application/x-javascript 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 19:57:40 GMT
server: cloudflare
etag: "15601-60b641068b666-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 8aab302b4c6043bc-EWR
content-length: 30368

GET
H2 200 jquery-migrate.min.js Show response
securityintelligence.com/wp-includes/js/jquery/ 13 KB
5 KB 7280ms
7277ms Script
application/x-javascript 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3509-60a227f66a926-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 8aab302b4c6143bc-EWR
content-length: 4872

GET
H2 200 analytics_c7caef17012f48e99285467c1b6d8423.js Show response
analytics.newscred.com/ 22 KB
8 KB 235ms
15ms Script
application/javascript 18.160.41.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-25.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f217256166bce9376568ac982825c272d71b252c8a8dc92458b5bd7ab4244121

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 20:05:02 GMT
content-encoding: gzip
via: 1.1 06186860a5ea94b333945ca9761eb36c.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jul 2024 22:12:09 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 38866
etag: W/"13e2f1d52b6b0f1def5bb78795e5ca33"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: glYuZEe1X9l8yRB-kHJkbC_qyp6AJbMAbuaz_TFv8yNz0G9AtYodag==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
872 B 405ms
60ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

20e00dd4e268dc8a079f63839014b0180acb03489e694d5f67c7e8ca73b9610f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 06:52:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jul 2024 06:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
740 B 407ms
62ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

e878c84c5a5d323e7649bed33fee3829cbadb6ef0722d52a262099f7f906d8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 06:52:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jul 2024 06:52:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
983 B 374ms
29ms Stylesheet
text/css 173.194.207.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.207.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qk-in-f95.1e100.net

Software

ESF /

Resource Hash

edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 05:01:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jul 2024 06:52:40 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@11.1.8/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@11.1.8/swiper-bundle.min.css

18 KB
6 KB

18ms
17ms

Stylesheet
text/css

104.17.246.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.8/swiper-bundle.min.css

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Server

104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4450a1b6d074ed92fd0ca384c6d7b58668212260ff936f5163e22167146c074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 235803
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J3QKAAEYWT7AMRAET5HV70JR-lga
server: cloudflare
etag: "4800-pMgDklEO3XG8IW3XpwC/od9lYwU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8aab3000696bc352-EWR

Redirect headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J3YM03KHM5XA9JAWH30MVHWK-lga
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 208
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.8/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8aab3000495ec352-EWR

GET
H2 200 single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 71 KB
11 KB 7280ms
7278ms Stylesheet
text/css 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0227033bd5c1308b7c468b078482f8a512d0c3554a90a16ac95910f4b058c6d

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Mar 2024 19:11:39 GMT
server: cloudflare
etag: "11d79-6138f8b5af0a0-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 8aab302b4c5f43bc-EWR
content-length: 10931

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 92 KB
12 KB 634ms
25ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 39a26293-73b0-44ce-ac4d-b5b597fc1d73
content-length: 12454
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "d08e76a0e2534a2d405ec768aa552d89"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 39a26293-73b0-44ce-ac4d-b5b597fc1d73
cache-control: max-age=1926033
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:53:13 GMT

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 92 KB
13 KB 626ms
17ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a70c2df9665defd3c6bcd1ecf9f29eb39f8c9ecd93e8ab522d30aa4ea25c3b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2be826d4-8371-49d0-b2b7-511c4117c53a
content-length: 12487
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "e1c535225493631ec8c6427afbd730a7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2be826d4-8371-49d0-b2b7-511c4117c53a
cache-control: max-age=37111
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:11:11 GMT

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 80 KB
11 KB 621ms
13ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

82769b62d196eb232019812300ebae249a33a833797db0921447c429db379c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c0bc29e9-84ad-47df-954f-ed40a4cce8e1
content-length: 10752
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "bb07f2546f4434d8b5dec87d04587607"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c0bc29e9-84ad-47df-954f-ed40a4cce8e1
cache-control: max-age=37368
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:15:28 GMT

GET
H2 200 qppr_frontend_script.min.js Show response
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
699 B 7275ms
7273ms Script
application/x-javascript 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.4
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:01 GMT
server: cloudflare
etag: "636-60a227f549812-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 8aab302b4c6343bc-EWR
content-length: 541

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 30ms
13ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b7576e87-0ef2-49c9-a207-27eabfef2a7c
content-length: 959
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "ee9112816a9b0155bf35f3936c323c1e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b7576e87-0ef2-49c9-a207-27eabfef2a7c
cache-control: max-age=40362
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:05:22 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 62ms
46ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3329f8744f63d73dc769e111107ab2e3fc688aadbbc5c26a4e64031a72ba2a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a1bed0b4-d120-4f46-9841-82cac5e7bde4
content-length: 1660
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "37db46b799fbed2f1486b7184b634c5c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a1bed0b4-d120-4f46-9841-82cac5e7bde4
cache-control: max-age=40381
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:05:41 GMT

GET
H2 200 query-assigned-elements.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 20 KB
7 KB 30ms
13ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/query-assigned-elements.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ace941f3e5f95397596ca7394eba3d53e79e7c717ba7fab29e857c4010b353b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 304d3a90-e368-4b93-87ce-6b6ed1db6277
content-length: 6918
last-modified: Mon, 11 Dec 2023 21:22:06 GMT
server: Cleversafe
etag: "e8cdaa5f4c1fce541b50d4bfd2596147"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 304d3a90-e368-4b93-87ce-6b6ed1db6277
cache-control: max-age=36828
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:28 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 30ms
14ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e0ae28c5a633fd1d7ca95e841dce0ee9614968e119122b05abe7d7bbac505558

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0cc52d11-78ae-4f08-8240-38ac19b66c40
content-length: 3879
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "03bfb3813bc0bad7ba5c1cbbb6c152ed"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0cc52d11-78ae-4f08-8240-38ac19b66c40
cache-control: max-age=36848
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:48 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 63ms
47ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f1ec7fd994ef08be61d7826fab880f881e7655fe756ebbedabef076769246852

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7528d5e5-20d5-4609-8c22-ef0c0ce3a114
content-length: 1062
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "503b055d5b9690784e44e087ebbacbe8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7528d5e5-20d5-4609-8c22-ef0c0ce3a114
cache-control: max-age=36982
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:02 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 21 KB
7 KB 30ms
15ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d22151a8ab284610169dd85aef94ae8520ea2aff3a309b196a521fcc0619afc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9307ffb5-fb36-43f0-83e4-06e79b37a9da
content-length: 6401
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "742ec09beb888ee0d4a2df2cf3c04d8a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9307ffb5-fb36-43f0-83e4-06e79b37a9da
cache-control: max-age=36971
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:51 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 30ms
15ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44c9ebcdd27f2e42b1687408b43a9010aa0311a1ea4333ff589af21290e266e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b99c4c4f-0fda-426e-9e6e-0e668eeeb57c
content-length: 3545
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "5056ce69d29066edbf3e74328df05dee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b99c4c4f-0fda-426e-9e6e-0e668eeeb57c
cache-control: max-age=68254
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 01:50:14 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 14 KB
5 KB 30ms
15ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

36804111118e2ad330c9e26337ae8b46cf89ffdcae9eb9cd90269004a06d8e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 81824cac-37ee-450f-b71f-b69275dc5cd0
content-length: 4317
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "d0d82a61201c0d82450b7c1d87e45fe3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 81824cac-37ee-450f-b71f-b69275dc5cd0
cache-control: max-age=37186
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:12:26 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 31ms
16ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

15bd17f46697a0c40344ca45bb526210294bdbd89f268c3f457a4d0f1956aef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9f232334-69f4-482f-8e47-f6709d32fbb8
content-length: 3795
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "0488a768dbd12b200a8a6b36f97e5c53"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9f232334-69f4-482f-8e47-f6709d32fbb8
cache-control: max-age=68439
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 01:53:19 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 61ms
46ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0fd69e78d009137906a572580d329ad4dec672810b0eec8feb54ea4b511c3078

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: babf3bb0-b785-4cbc-9c6e-0ec1ee5c9572
content-length: 3648
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "ff08b53682feba68d9f45ebbe9b68a0a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: babf3bb0-b785-4cbc-9c6e-0ec1ee5c9572
cache-control: max-age=37032
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:52 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 61ms
46ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e748d41cd9cfe01dbb54a81879719cf10802004bdf822009e81e16673a9e0bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 863faff4-dd6d-46d5-9143-175f35897fae
content-length: 4022
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "21b9a6d34ffdbb15c5e4508bb8122c38"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 863faff4-dd6d-46d5-9143-175f35897fae
cache-control: max-age=36895
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:35 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 253 KB
28 KB 78ms
64ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

af500480a770c61c159f2c95933c6b8f10f2dad5161667aaf3487cfc17a0d8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 48bc453f-ac85-4dd3-9646-ed2e44ce3122
content-length: 27996
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "669063b2502f736220b47909494c8457"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 48bc453f-ac85-4dd3-9646-ed2e44ce3122
cache-control: max-age=43166
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:52:06 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 80ms
65ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

98e8a67bfc49b85d714f91c8d7fd1931c6269e2a7cb2c2e5fa554a775694abe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 14ef9257-7b74-42d7-a1b0-5ada5f35d67a
content-length: 3785
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "4fb92153959b086f579e0fe73f1c918d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 14ef9257-7b74-42d7-a1b0-5ada5f35d67a
cache-control: max-age=43701
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 19:01:01 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 50 KB
5 KB 77ms
63ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

45cf5e6406dc15cea5b9936a8cc17dfa66e525f541f58788ae196bd39fc59502

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 440b4386-55df-49f1-b9b8-0145942aa9e4
content-length: 5046
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "e1bdb72f3b5f2c3c259437aa4e00c896"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 440b4386-55df-49f1-b9b8-0145942aa9e4
cache-control: max-age=36977
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:57 GMT

GET
H2 200 state.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 78ms
64ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/state.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3be5f3576766c960983b315b072f6ca22578e2c34d97d54c27c2b44e565a8e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d7092f4e-5796-4e1c-9ec0-053ba784fc12
content-length: 974
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "af3129e317bb6c9e5624850805c1e15d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d7092f4e-5796-4e1c-9ec0-053ba784fc12
cache-control: max-age=40388
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:05:48 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 78ms
64ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8566c12e70a78fae249238e8e20989ede0f2ba0c5e54859b5a6cae6ed72a7095

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9c77bc38-2473-4f24-9b23-dbf2d6e07f54
content-length: 1741
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "819c3d075696c145221a2126dc8e9bf2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9c77bc38-2473-4f24-9b23-dbf2d6e07f54
cache-control: max-age=36809
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:09 GMT

GET
H2 200 directive.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 91ms
78ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/directive.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a2678914f25ce6f77376659fd248aa0da2f36996f4d777dba0d2dd4fc6095803

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 700b3bd5-b7a2-45ce-a3b5-0c1787450240
content-length: 1106
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "0a7d2e72198662190b3a9ff7138c677e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 700b3bd5-b7a2-45ce-a3b5-0c1787450240
cache-control: max-age=40475
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:07:15 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 8 KB
3 KB 91ms
78ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f393eb2713d80f2e7cf87f9f094f4b524eedd64e3ad0fc0a9208bb348d3359d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4d50f3e5-a31e-4d9e-b6f5-2b11b356390c
content-length: 2536
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "92a16defdf8f90f787c8f2a35cab97b7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4d50f3e5-a31e-4d9e-b6f5-2b11b356390c
cache-control: max-age=37037
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:57 GMT

GET
H2 200 index3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 92ms
79ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

512ad42436ff03797962addaf6aa6f3fefdda82e75fd58d30628739b49164748

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 10831e3f-9e01-40e6-b8fa-5c813e68d633
content-length: 3995
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "4f8c2c1e6ee5ab1e33277bef8fe5fdc7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 10831e3f-9e01-40e6-b8fa-5c813e68d633
cache-control: max-age=40391
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:05:51 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 92ms
79ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2dc14b2ebaa9d37bc6cb8ecda0da7588dd328660edb43a7c635d39f46a79d394

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8cccf3ed-a2a2-438b-9f51-cd7a3b361059
content-length: 1039
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "9e7bbda90c668af882dda049bca88643"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8cccf3ed-a2a2-438b-9f51-cd7a3b361059
cache-control: max-age=36968
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:48 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 92ms
80ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e63a5f14e57733c2768ffe6a3f882f125df33487603a5a1a059daf7ccdf728f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: afea6663-0fab-4900-9467-a33253db1caa
content-length: 986
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "d0ec029db9818c89ee77a508b0fdb8b6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: afea6663-0fab-4900-9467-a33253db1caa
cache-control: max-age=36889
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:29 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 92ms
80ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a43f650076aff5160d5199648cb8aba0c77431dc6118ab697006c7e677e63fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ecd1b3d2-1b08-44a2-8e45-71ca1052fc27
content-length: 1138
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "8947413c0190fc4dbb46a7bc8c2ec513"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ecd1b3d2-1b08-44a2-8e45-71ca1052fc27
cache-control: max-age=37019
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:39 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 10 KB
3 KB 92ms
81ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fb372a60a8b6705edbe2ab4c0d80b8418c5f1d26049433dd4d515c5eaa617e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 800e23a3-8f7b-41ab-a751-c94b70c2f073
content-length: 2701
last-modified: Mon, 11 Dec 2023 21:22:01 GMT
server: Cleversafe
etag: "bc18f24e3d42e80704c53d3d3c18817b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 800e23a3-8f7b-41ab-a751-c94b70c2f073
cache-control: max-age=40551
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:08:31 GMT

GET
H2 200 objectSpread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 93ms
81ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/objectSpread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8c0d06ba574de5682d0c5fce9a27ba5f0593ce31751c198b19d7bf83739a4e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 01e0f44f-68c7-47b0-82f2-52a67aaae322
content-length: 1438
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "0f53e8059faf332ff17e8c2641339c45"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 01e0f44f-68c7-47b0-82f2-52a67aaae322
cache-control: max-age=40337
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:04:57 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 10 KB
3 KB 93ms
81ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fc9ad7df6018269998940126df5b35af77503a3b1aabc1bf7b0fa09f38b5b333

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 850b2b8b-21d6-47e0-9c74-c61bc608bd50
content-length: 3218
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "c6f9683cff144c5bab27f3d02fb6e562"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 850b2b8b-21d6-47e0-9c74-c61bc608bd50
cache-control: max-age=40387
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:05:47 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 154ms
143ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

277aa765c2c0fc1eceb225af5f16552f2753e531190b61a78e1ab23b600bb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a1d122da-3d6a-43c4-a55e-2fdcfedfc8cc
content-length: 971
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "ed037b2d1359964aeba23dc02748e56d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a1d122da-3d6a-43c4-a55e-2fdcfedfc8cc
cache-control: max-age=61202
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 23:52:42 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 153ms
142ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2bea429dfcce30ae650c38ee5aa2957deed1b1f04bd81d24db0741044b025f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 61ea5ede-e8c2-4706-940d-b35549f77c8b
content-length: 1368
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "5e66f671119195b4c4d66adb5a3dd3f2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 61ea5ede-e8c2-4706-940d-b35549f77c8b
cache-control: max-age=40113
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:01:13 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 153ms
143ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cb341d420886eb30d9643840bd2017e4f74c9bb86edbee866f7e3e518495ac69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b7bab938-2c5f-4d15-8be3-ab7a490a3ec9
content-length: 1036
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "d5505f4abc086e41bbb94c65ea8be1ea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b7bab938-2c5f-4d15-8be3-ab7a490a3ec9
cache-control: max-age=41105
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:17:45 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 73 KB
25 KB 92ms
82ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

87a2ae83fa4d6afce7a749def8ef96a4d1329f981f587296307c90869c580bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7c5a4745-9c02-405f-96b3-7361a8867efd
content-length: 25599
last-modified: Mon, 11 Dec 2023 21:22:02 GMT
server: Cleversafe
etag: "5ea988f16abe46bff640795e88635f4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7c5a4745-9c02-405f-96b3-7361a8867efd
cache-control: max-age=36943
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:23 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 96ms
87ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

455fd63a5cee8e063c217befbf25b461788aa0e1385b2e8017422049aec2d017

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3d7cbcc9-d49c-486a-9928-063d2d9a5723
content-length: 1671
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "0cd25036fe355b41d4da566a37ee6757"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3d7cbcc9-d49c-486a-9928-063d2d9a5723
cache-control: max-age=40147
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:01:47 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 155ms
145ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4f1784ddd618453f60a7b05f4b9a28c732a42c008e2cc427babddbacd0dbbd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 987f8271-2634-4985-98ef-db9fba547ce7
content-length: 1004
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "a7129ed3fcf4ac34c09036ee459b3f1c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 987f8271-2634-4985-98ef-db9fba547ce7
cache-control: max-age=36985
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:05 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 170 KB
18 KB 95ms
86ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

83d7d4ad5e4725bef1d746ddbf1fc16dd065c9950a344b5ac8eb8b4a66cca642

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2f96ab61-20f0-461e-a030-2afb1eea76cc
content-length: 18233
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "a3fe5c62fc8e33365e1af5de9cb55c30"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2f96ab61-20f0-461e-a030-2afb1eea76cc
cache-control: max-age=36890
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:30 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 27 KB
8 KB 153ms
144ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8d5dfa4004f79dd34fe59fff43b7fe46c095577d58745b6a66ff677b2bfe1553

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c4960d86-be9c-4008-8359-df65f7e14779
content-length: 8280
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "60a0872e6525c725e08c7809806b6e2d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c4960d86-be9c-4008-8359-df65f7e14779
cache-control: max-age=37022
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:42 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 186ms
177ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c0d3d87b8bd38c73c165621f789cb83413e1e5a023801d8be026b8ca0617a6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8a4c255e-cb4a-4f85-9c1d-5d5a5978abcf
content-length: 1144
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "cbc4d68959493a72c58ddb3be6b1b620"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8a4c255e-cb4a-4f85-9c1d-5d5a5978abcf
cache-control: max-age=40489
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:07:29 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 79 KB
13 KB 154ms
146ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ba73ff4bde6333360947ed9d66ed173a7d217338d4a18a0b38a860e110e3d788

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 19f21b9d-ea9e-4270-9916-4315641e5e4e
content-length: 12860
last-modified: Mon, 11 Dec 2023 21:22:01 GMT
server: Cleversafe
etag: "ec1add56cf2a9201117c5e7c34c6a96a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 19f21b9d-ea9e-4270-9916-4315641e5e4e
cache-control: max-age=36934
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:14 GMT

GET
H2 200 20.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 155ms
147ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/20.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5ecaa6823047993e686bc225c8d2de74227f68a9758818a8a2faf37c5ecbba63

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c4de17a6-5c35-4bb8-ab81-3bfdd73be8cc
content-length: 1231
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "ca8b15b9570f0ae43e8150e4b838f886"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c4de17a6-5c35-4bb8-ab81-3bfdd73be8cc
cache-control: max-age=36994
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:14 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 155ms
147ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4728c27d-7fdc-4c7e-b668-ba153f44790c
content-length: 959
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "ee9112816a9b0155bf35f3936c323c1e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4728c27d-7fdc-4c7e-b668-ba153f44790c
cache-control: max-age=37072
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:32 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 75 KB
14 KB 155ms
147ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cdeb355a9ffa6456ee2917eb1e985412af551ae8d30ff799e2d2249201d740cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f058fd18-0843-4a2f-8318-225fbc54be58
content-length: 13540
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "0e54f77dd3dbd023416f3f60a86ff3f4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f058fd18-0843-4a2f-8318-225fbc54be58
cache-control: max-age=36833
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:33 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 156ms
149ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4445c246bb44fad6c54a993d4b258c1802118fa85bbccd406662c8c5c95ac123

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: adf5220a-a315-454d-8eb9-cfd283d74efc
content-length: 1658
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "2f1cd9a87231aae108b97883c02d8ec1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: adf5220a-a315-454d-8eb9-cfd283d74efc
cache-control: max-age=37072
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:32 GMT

GET
H2 200 expressive-modal.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 70 KB
13 KB 156ms
149ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d1b5edc6ae60994126aa455fa391aab95e6d4c3c85356be0ce01e625cbac8ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bba9065b-4850-4f29-b9ee-ebb8821c7f7b
content-length: 13093
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "9f8f88e3436b9b412b665eb443c17748"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bba9065b-4850-4f29-b9ee-ebb8821c7f7b
cache-control: max-age=40456
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:06:56 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 157ms
150ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

55202926a14875494185d7df9264a3e871153129368ced8fe904da4cbe51e3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fca31a5d-6ba2-4449-b489-c75b1ec958a5
content-length: 3536
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "a080bcad72a71bf5f10c7e133f90775d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fca31a5d-6ba2-4449-b489-c75b1ec958a5
cache-control: max-age=37006
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:26 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 54 KB
8 KB 155ms
149ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fdb01d0c2c147dd308754fc4e19de4f20f4474110825eed804def2b1775c0440

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 437609dd-6f26-436e-9289-1c32897b7849
content-length: 8170
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "d9c90c5f268b3a897b57ca7058ae953a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 437609dd-6f26-436e-9289-1c32897b7849
cache-control: max-age=40311
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:04:31 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 158ms
151ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c05bec41bceb98e3741eec5abe5ca5db721510c1e92afabc2a222d2dfefb558d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a07ca0cb-d941-4a1d-926c-a5147eab564a
content-length: 1190
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "0f2117d5b71736529ffea8bd91f07460"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a07ca0cb-d941-4a1d-926c-a5147eab564a
cache-control: max-age=36873
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:13 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 77 KB
12 KB 158ms
152ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd597b9019a5779af45853abf6ea477dec205d4b1b126ea80780ffa050570034

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e9da3997-c21e-4dc2-9f15-0e63cf19e8f5
content-length: 12367
last-modified: Mon, 11 Dec 2023 21:22:00 GMT
server: Cleversafe
etag: "8d2b3319cf78e44f98b942eac0700aff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e9da3997-c21e-4dc2-9f15-0e63cf19e8f5
cache-control: max-age=59165
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 23:18:45 GMT

GET
H2 200 button2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 80 KB
12 KB 158ms
152ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2a2ccac78fe77258cb0dcf897f713930423d19a155831adb0d4692382c879169

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 824b9e6f-0912-453b-ad5c-3e9dd49c9372
content-length: 12396
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "249c73a298fb3b62ea47e9669989579d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 824b9e6f-0912-453b-ad5c-3e9dd49c9372
cache-control: max-age=36848
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:48 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 72 KB
10 KB 156ms
151ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b0f116b6070f8658986fd7db10d550321846965128feca7d1b5ae786dad708e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a2b1e5c9-c7fc-4fce-92f4-dd9724206c6f
content-length: 10320
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "58195c8c0bf5cf9d709e2207c1139916"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a2b1e5c9-c7fc-4fce-92f4-dd9724206c6f
cache-control: max-age=36881
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:21 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 159ms
153ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

eb16dcbcfed35fd40c5c61f3f7cb9661c7ca7608e9ad2cb9a81752fb195c76dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 963372d7-e894-4103-aca5-b5d860caea12
content-length: 1674
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "b8f3c12dc50ff91a9a80b0ccd064526f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 963372d7-e894-4103-aca5-b5d860caea12
cache-control: max-age=40755
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:11:55 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 7 KB
3 KB 159ms
154ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ff28d591b0707bfe7a8fc66020594a85ed5d4521f1a1671623a5770d336dad4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f1e96c4e-e849-46b3-abef-9bcdc17acfcd
content-length: 2512
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "7acf467bde8c22956540090097b1fe3b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f1e96c4e-e849-46b3-abef-9bcdc17acfcd
cache-control: max-age=37076
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:36 GMT

GET
H2 200 cta2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 276 KB
28 KB 160ms
155ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b31a3b2cb739733fdf9ee5f1dfdda95bf7831e50c7085d4472ecc0ff98633df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7579b8ca-763b-44b9-ae20-a8ed10060709
content-length: 28584
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "31fe7b859ef1d15bda57144cd89f9387"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7579b8ca-763b-44b9-ae20-a8ed10060709
cache-control: max-age=68447
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 01:53:27 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 161ms
156ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

26691fb2a91c3fe21ac008c78b11c02853e79e82abd07fece9f7ab11b3764582

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a651f169-4a30-434f-a98d-01d265b0542b
content-length: 1120
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "c045c7e13804971c2c314900d0a3fd5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a651f169-4a30-434f-a98d-01d265b0542b
cache-control: max-age=37112
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:11:12 GMT

GET
H2 200 index5.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 181ms
177ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index5.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8993b3ab7f762fa0645a1177e24547c2fdd729f34d1189b99e72e0c725d957cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 539093dd-7af0-4ea5-b77f-f1452a3c7af8
content-length: 1345
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "a1960d44de1dbd2cc710bcd6a489c14c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 539093dd-7af0-4ea5-b77f-f1452a3c7af8
cache-control: max-age=37014
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:34 GMT

GET
H2 200 dbdm-data Show response
www-api.ibm.com/data-sync/ 2 KB
2 KB 280ms
47ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www-api.ibm.com/data-sync/dbdm-data?callback=_dl.fn.dataSync.callback

Requested by

Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

f20b790ced614a5e4547ad4269790666a6863a402be73fbb8ee837aa7f085987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-powered-by: Express
etag: W/"9ac-cFvESOorQIe2sIXwcTA1k6OgS0Q:dtagent10295240705110949eiLw"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dtSInfo;desc="0", dtRpid;desc="757596270"
content-length: 1888
x-xss-protection: 1; mode=block

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
1 KB 130ms
94ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b955c440-8e72-4398-975b-2800b07a851d
content-length: 1177
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "d3fbccd277dc823a986d3ed1e386b9c3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b955c440-8e72-4398-975b-2800b07a851d
cache-control: max-age=1927556
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:36 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 131ms
96ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 39ea154d-6d08-4861-9ae9-23a229067d3c
content-length: 1733
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "652a317ff70442e59bbdefdfa7540f59"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 39ea154d-6d08-4861-9ae9-23a229067d3c
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:30 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 32 KB
8 KB 131ms
96ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: df25840d-6539-4570-85f1-769b0260e3ad
content-length: 8364
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "3bf6e8923d8bc96696e178561bda892a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: df25840d-6539-4570-85f1-769b0260e3ad
cache-control: max-age=1926518
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:18 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 132ms
97ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 46540fc5-4d52-45d3-b016-72c3e11677d2
content-length: 3937
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "42086f88f346fe90e7038f9e96fc140b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 46540fc5-4d52-45d3-b016-72c3e11677d2
cache-control: max-age=1926426
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:46 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 17 KB
6 KB 133ms
98ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ab073de5-c07f-461c-ae19-34699224b8d9
content-length: 5417
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "ed902068ff980b9cb38551ce5bfad4ef"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ab073de5-c07f-461c-ae19-34699224b8d9
cache-control: max-age=1917578
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 11:32:18 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 11 KB
4 KB 132ms
98ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 81dcbe44-dd34-4473-bab1-d9ebd45be352
content-length: 3613
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "bf47b7a419b399e3b3a5b2f160fb73c0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 81dcbe44-dd34-4473-bab1-d9ebd45be352
cache-control: max-age=1926496
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:56 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 14 KB
5 KB 132ms
98ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d708cf45-4996-452e-96c9-2c4699d14817
content-length: 4450
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "e6263c767f10af5d283d6325cb4b89be"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d708cf45-4996-452e-96c9-2c4699d14817
cache-control: max-age=1927556
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:36 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 132ms
99ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cf01e61d-4bbc-4cc5-a1e2-03481ac39b90
content-length: 3863
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "4521abc06cfda5b505570e93dc4a63e9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cf01e61d-4bbc-4cc5-a1e2-03481ac39b90
cache-control: max-age=1926406
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:26 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 11 KB
4 KB 133ms
99ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8638dbc5-616f-437e-90e0-6c64b1067ea6
content-length: 3710
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "381ffc596c8b23b0760db451f77efa4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8638dbc5-616f-437e-90e0-6c64b1067ea6
cache-control: max-age=1926683
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:04:03 GMT

GET
H2 200 tag-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 45 KB
8 KB 133ms
99ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1067f5ad-fbe8-4854-b1ea-3bc4f89a8aec
content-length: 8068
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "b37eff0803eae8cf4741444cdf0de8f0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1067f5ad-fbe8-4854-b1ea-3bc4f89a8aec
cache-control: max-age=1926151
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:11 GMT

GET
H2 200 tag-link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 44 KB
8 KB 130ms
97ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 55d49e54-ac87-415b-842e-294e685ad371
content-length: 7936
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "e80ea1709e8ea511a2dd006136041981"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 55d49e54-ac87-415b-842e-294e685ad371
cache-control: max-age=1926433
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:53 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 13 KB
4 KB 134ms
101ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e1ca9b10-1396-4400-b2ad-eaaa2c1556c1
content-length: 4148
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "45276c517200d818fec39674419710f7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e1ca9b10-1396-4400-b2ad-eaaa2c1556c1
cache-control: max-age=1926525
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:25 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 329 KB
33 KB 134ms
102ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a663679d-67c4-4dbb-8659-6971dd8a553a
content-length: 33313
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "ed9a5fbf275ab860d6f3ac7a523af877"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a663679d-67c4-4dbb-8659-6971dd8a553a
cache-control: max-age=1856821
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 19 Aug 2024 18:39:41 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 136ms
103ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4c970ac8-a72f-4cb2-a540-6464fa6ea8bd
content-length: 3853
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "e8a132a3e89b0396328110c73fb3a35c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4c970ac8-a72f-4cb2-a540-6464fa6ea8bd
cache-control: max-age=1926498
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:58 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 81 KB
9 KB 136ms
104ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d0280bd9-d673-43f4-9f03-2315205e0d70
content-length: 8977
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "fe429aa51eb3afde8a3743168509d595"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d0280bd9-d673-43f4-9f03-2315205e0d70
cache-control: max-age=1918004
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 11:39:24 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 134ms
102ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dd167920-48af-4cf4-bf41-f4bfab5ebe34
content-length: 3681
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "f2cee4bc4a706f2358c14c47aa229807"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dd167920-48af-4cf4-bf41-f4bfab5ebe34
cache-control: max-age=1926422
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:42 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 10 KB
4 KB 134ms
102ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2cd74a29-3761-4cc4-8d6a-774ceb0ea5cf
content-length: 3294
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "a74fea8aca62aa0330d1a115937af081"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2cd74a29-3761-4cc4-8d6a-774ceb0ea5cf
cache-control: max-age=1926473
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:33 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 134ms
103ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 16b5ff85-d6b6-40af-af8b-f247b13f591a
content-length: 1243
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "083cf563bae617538d77819eee07b00b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 16b5ff85-d6b6-40af-af8b-f247b13f591a
cache-control: max-age=1926427
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:47 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 134ms
103ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: da99c03c-c89d-4d3f-ad41-3e753dd24a1a
content-length: 1477
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "2ca0cbd9ea8f310d7e96e2cfb9846b05"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: da99c03c-c89d-4d3f-ad41-3e753dd24a1a
cache-control: max-age=1926462
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:22 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 137ms
106ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dcaa8310-8415-41ad-ae26-3a4bc903b1f8
content-length: 1041
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "489e6ac014746a8e5b4b571131e5a3e3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dcaa8310-8415-41ad-ae26-3a4bc903b1f8
cache-control: max-age=1926425
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:45 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
1 KB 137ms
107ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 24575df2-092f-448c-9a88-0e8903e490df
content-length: 1149
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "de8aa82bf0c10fc28e6b3aa62f32e6bd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 24575df2-092f-448c-9a88-0e8903e490df
cache-control: max-age=1917578
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 11:32:18 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 135ms
105ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ee314703-8e0c-4b92-9750-5a26d101230e
content-length: 1110
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "8eccc3dd74ee337db5427232657cac66"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ee314703-8e0c-4b92-9750-5a26d101230e
cache-control: max-age=1773883
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Sun, 18 Aug 2024 19:37:23 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 207ms
177ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 77f2617e-21c9-418e-972f-da7a59faeb80
content-length: 1469
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "31aa753a5e7774e00cdaac6af4f8872c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 77f2617e-21c9-418e-972f-da7a59faeb80
cache-control: max-age=1927556
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:36 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 73 KB
25 KB 208ms
175ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a2f526e8-217f-41a6-ab64-fbb173c4c029
content-length: 25666
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "50c1b3769ed0100d916253dd6cb050c9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a2f526e8-217f-41a6-ab64-fbb173c4c029
cache-control: max-age=1926515
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:15 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 208ms
176ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ed5f2b4f-e2d2-4073-9d96-438a3653ba77
content-length: 1106
last-modified: Tue, 22 Aug 2023 18:00:53 GMT
server: Cleversafe
etag: "a8ca399241b9972d228f869d39aed40e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ed5f2b4f-e2d2-4073-9d96-438a3653ba77
cache-control: max-age=1926424
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:44 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 208ms
177ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ffff57cc-8586-41c1-bbaa-f8905d261830
content-length: 1749
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "da18d94f1b083848510d7227b8164a8c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ffff57cc-8586-41c1-bbaa-f8905d261830
cache-control: max-age=1926486
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:46 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 210ms
178ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 23d94764-8b68-4587-8b09-d1bfd37ad237
content-length: 1078
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "aa407b9180f3b116c8477a438fdc7449"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 23d94764-8b68-4587-8b09-d1bfd37ad237
cache-control: max-age=1926501
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:01 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 204 KB
20 KB 208ms
177ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6cabf028-4329-4885-ba55-4029613fd6c1
content-length: 20644
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "77c8838df2cc637bf8e809268621ec63"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6cabf028-4329-4885-ba55-4029613fd6c1
cache-control: max-age=1926170
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:30 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 136 KB
17 KB 209ms
178ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8c8b8ed3-2457-443d-ba4b-92027bc43f3d
content-length: 16672
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "5b4b223a59350cf957d9164982a3c4e7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8c8b8ed3-2457-443d-ba4b-92027bc43f3d
cache-control: max-age=1926559
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:59 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 132 KB
17 KB 210ms
179ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e2cec020-ac14-40b5-8746-ef7c31a74c94
content-length: 17471
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "4349163a9fff17a2463f61c4fb201813"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e2cec020-ac14-40b5-8746-ef7c31a74c94
cache-control: max-age=1926660
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:03:40 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 210ms
180ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 428030d8-b7f5-4e36-903b-7d96a34bfb48
content-length: 2025
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "b14022000500342a8e1f7234af9d6a9c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 428030d8-b7f5-4e36-903b-7d96a34bfb48
cache-control: max-age=1926181
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:41 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 136 KB
18 KB 210ms
180ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dcb22a56-2b40-4ad3-b89a-c1ddd183efd7
content-length: 17618
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "1b08c746bf646828928aa573917f66c7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dcb22a56-2b40-4ad3-b89a-c1ddd183efd7
cache-control: max-age=1926496
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:56 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 80 KB
9 KB 210ms
180ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e676b5b4-9eac-4910-a9d3-6598308c0952
content-length: 9144
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "1606e24cbc7edbbe34729f535f704119"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e676b5b4-9eac-4910-a9d3-6598308c0952
cache-control: max-age=1926421
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:41 GMT

GET
H2 200 202.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 212ms
183ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/202.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 57ce78f3-54f7-4693-8c82-052ea1589ca2
content-length: 1253
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "b3b17c62619e4601a8e4d8adebd7991a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 57ce78f3-54f7-4693-8c82-052ea1589ca2
cache-control: max-age=1926430
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:50 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 213ms
183ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2d5e99f7-64ed-4f97-bcdf-d761187bd683
content-length: 1269
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "555758947ac6d7b1171aedf648112fd2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2d5e99f7-64ed-4f97-bcdf-d761187bd683
cache-control: max-age=1926466
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:26 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 134 KB
16 KB 213ms
183ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bd77fa86-c60d-4157-8b1d-9793ad862e38
content-length: 16415
last-modified: Tue, 22 Aug 2023 18:01:02 GMT
server: Cleversafe
etag: "57baf537e1bb4f76559c548e47003101"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bd77fa86-c60d-4157-8b1d-9793ad862e38
cache-control: max-age=1926417
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:37 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 81 KB
11 KB 213ms
184ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c5fdb2bd-a2ab-423d-8ee0-7c152082a736
content-length: 11105
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "d400d3d44ff2972ad55ee32683e4fe97"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c5fdb2bd-a2ab-423d-8ee0-7c152082a736
cache-control: max-age=1926191
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:51 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 213ms
184ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b0aefb11-682f-42fa-9a1c-b2b7d56a0e2f
content-length: 1656
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "70c685d52b5bd085efc6841126a55e8d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b0aefb11-682f-42fa-9a1c-b2b7d56a0e2f
cache-control: max-age=1926511
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:11 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 217ms
188ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d9e91e5a-f80e-49d4-b6b2-a600b079cb12
content-length: 1026
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "8ba56e6878e6c536a2eb82f449a89827"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d9e91e5a-f80e-49d4-b6b2-a600b079cb12
cache-control: max-age=1926468
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:28 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 217ms
189ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e04ea6b1-4dff-4438-b92a-d9141113dbc5
content-length: 1194
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "b0a1cd122ab76fda7b8ecea93f986f5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e04ea6b1-4dff-4438-b92a-d9141113dbc5
cache-control: max-age=1926402
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:22 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 13 KB
4 KB 213ms
185ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c5ee26b0-419c-473b-965b-435c906fc31f
content-length: 3607
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "2ec7088eada2e0c2184c4ec2a7d259cb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c5ee26b0-419c-473b-965b-435c906fc31f
cache-control: max-age=1927556
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:36 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 213ms
185ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 40060d1e-2142-4945-8b8d-bb1e0c66377e
content-length: 1241
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "be0852761d88408f2bdf8d5c98ab94aa"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 40060d1e-2142-4945-8b8d-bb1e0c66377e
cache-control: max-age=1926401
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:21 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 213ms
186ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ce179e52-afe6-4c6d-b740-5cb54df91c35
content-length: 1237
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "2ca4d6cb39daf59d6c08f0449cb15464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ce179e52-afe6-4c6d-b740-5cb54df91c35
cache-control: max-age=1926488
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:48 GMT

GET
H2 200 KalturaPlayer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 8 KB
3 KB 213ms
186ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/KalturaPlayer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 61cab303-63ab-4303-8dd4-a7129bc7ee57
content-length: 3201
last-modified: Tue, 22 Aug 2023 18:00:53 GMT
server: Cleversafe
etag: "c99b9d40123dc5b5ef1e0f8a05d7928e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 61cab303-63ab-4303-8dd4-a7129bc7ee57
cache-control: max-age=1926061
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:53:41 GMT

GET
H2 200 index2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 213ms
186ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5941abd5-a450-4345-90b8-fa8302fb340d
content-length: 4062
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "f825824054599d3d2ea2dd51b30a1dec"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5941abd5-a450-4345-90b8-fa8302fb340d
cache-control: max-age=1926474
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:34 GMT

GET
H2 200 Analytics.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 6 KB
2 KB 213ms
187ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/Analytics.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 995f58df-2f3c-4a91-a010-10308e1d9734
content-length: 1987
last-modified: Tue, 22 Aug 2023 18:00:52 GMT
server: Cleversafe
etag: "22e00a964cb9ed586942458b9659725a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 995f58df-2f3c-4a91-a010-10308e1d9734
cache-control: max-age=1926495
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:55 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 214ms
187ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e2d14430-338d-4fdd-822c-542aa5efc2c5
content-length: 1057
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "83705cfc0ed8a484d677ba6384f7240b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e2d14430-338d-4fdd-822c-542aa5efc2c5
cache-control: max-age=1926510
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:10 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 232 KB
23 KB 214ms
187ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2ec53ddb-66f3-4501-a004-f3a5b9281acf
content-length: 23505
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "cb62d7e72913879e7242d049c85d885d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2ec53ddb-66f3-4501-a004-f3a5b9281acf
cache-control: max-age=1926510
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:10 GMT

GET
H2 200 index4.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 214ms
188ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index4.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5291f775-4d38-4168-b7a5-fcfa513c8206
content-length: 1114
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "5d7f7ec4d0ec74505102c06e5e053a62"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5291f775-4d38-4168-b7a5-fcfa513c8206
cache-control: max-age=1926510
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:10 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 214ms
188ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 65dbc23f-b242-47c4-965b-e3f353f969fb
content-length: 1192
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "4c7a033123b62ba6c9eae049bae2b0f4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 65dbc23f-b242-47c4-965b-e3f353f969fb
cache-control: max-age=1926438
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:58 GMT

GET
H2 200 card-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 23 KB
5 KB 217ms
191ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ff10561d-da91-4649-ae99-e173fa222167
content-length: 5049
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "b1d1ebce361fe116d1008d4d415b6136"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ff10561d-da91-4649-ae99-e173fa222167
cache-control: max-age=1926433
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:53 GMT

GET
H2 200 play-video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
5 KB 217ms
192ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/play-video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2a8a32b9-788c-4b0c-a6d3-884db9f2a449
content-length: 4530
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "444c4e58493f0c91411d644afc692e3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2a8a32b9-788c-4b0c-a6d3-884db9f2a449
cache-control: max-age=1926433
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:53 GMT

GET
H2 200 spread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 219ms
194ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4425bc1d-5850-4abc-a99e-b57060237f0f
content-length: 1269
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "555758947ac6d7b1171aedf648112fd2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4425bc1d-5850-4abc-a99e-b57060237f0f
cache-control: max-age=1926430
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:50 GMT

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 218ms
192ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

35748f7aa812c5ab5ad698c1f82e2001f667599b7e614106ecf6fbbff84f5983

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b83a25a8-b43e-4eff-9cc4-bfafb57af65e
content-length: 1177
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "debb11e8ba99c5a18121a38322fbf04b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b83a25a8-b43e-4eff-9cc4-bfafb57af65e
cache-control: max-age=64291
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 00:44:11 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 218ms
193ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fdbe428a-9b4f-4fdc-bf50-17b7080c3c9e
content-length: 1732
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "5eba06c8541af38ad0cbd016fcd2ea8a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fdbe428a-9b4f-4fdc-bf50-17b7080c3c9e
cache-control: max-age=37546
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:18:26 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 32 KB
8 KB 219ms
194ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5b6ee9bd-9a32-412f-88b1-bf8eafb28a54
content-length: 8364
last-modified: Tue, 12 Dec 2023 14:31:49 GMT
server: Cleversafe
etag: "221e07de8bce0ac6649b2749189fd7c1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5b6ee9bd-9a32-412f-88b1-bf8eafb28a54
cache-control: max-age=37622
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:42 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 236ms
211ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5ea77e29-9309-493a-8612-13cccf2fd93f
content-length: 3937
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "fed4f08a205c658736e5e182edb55256"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5ea77e29-9309-493a-8612-13cccf2fd93f
cache-control: max-age=36763
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:05:23 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 17 KB
6 KB 238ms
213ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cce24280-7625-4ff6-9b26-6d3c8126b53f
content-length: 5416
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "8ad64637db9932b76cfc9b9a90735815"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cce24280-7625-4ff6-9b26-6d3c8126b53f
cache-control: max-age=36910
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:50 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 236ms
212ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3c259d08-a60c-42b8-87cd-2ba4426bf81d
content-length: 3613
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "3503f24a0a4726f7b25588d48e95f06a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3c259d08-a60c-42b8-87cd-2ba4426bf81d
cache-control: max-age=38083
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:27:23 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
5 KB 237ms
212ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5f54db8a9fb067c11f77f277791ff8e8c27dc612a6eff881c233409b5e54964f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5e714a75-32d8-4238-bfcb-404749860149
content-length: 4446
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "14e3a2f49cb50066cd090eb1df722924"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5e714a75-32d8-4238-bfcb-404749860149
cache-control: max-age=37955
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:15 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 237ms
213ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 08128a7e-e5ab-44b8-832d-2c6e03081ae0
content-length: 3863
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "e14e7dbcedb35cebeb3ee4243d80661d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 08128a7e-e5ab-44b8-832d-2c6e03081ae0
cache-control: max-age=37914
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:34 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 238ms
214ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ae455c8e-1b0d-4a0f-89b4-e67d30c6c8cc
content-length: 3710
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "c77075d7cbf915b9b4dfd68decea2c6c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ae455c8e-1b0d-4a0f-89b4-e67d30c6c8cc
cache-control: max-age=37905
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:25 GMT

GET
H2 200 tag-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 45 KB
8 KB 238ms
214ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b6b93bd8-f1f0-4fff-92d1-90d3118152eb
content-length: 8067
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "3403f29e6e0ea4a7ef2249c69618007c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b6b93bd8-f1f0-4fff-92d1-90d3118152eb
cache-control: max-age=36910
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:50 GMT

GET
H2 200 tag-link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 44 KB
8 KB 238ms
215ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: db4bfaaf-3e97-4ea9-bda9-d1cf5b7b8110
content-length: 7935
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "1bbd96ba9ef20cd3af762799fc02ba77"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: db4bfaaf-3e97-4ea9-bda9-d1cf5b7b8110
cache-control: max-age=37977
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:37 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 238ms
217ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7c9dbf78-fa80-45bb-956a-62e9e28f4d22
content-length: 4147
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "e35dc2d52ce44279161581d5f553a816"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7c9dbf78-fa80-45bb-956a-62e9e28f4d22
cache-control: max-age=37895
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:15 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 329 KB
33 KB 236ms
216ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f6fc181079860f8a70036447d0b01c27ddde9705ad9b4a85cff86e5f8d6fe991

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d7024155-6f53-4527-8e35-f259f5410684
content-length: 33313
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "c93c8e1e535edd0a986638e17d2318ef"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d7024155-6f53-4527-8e35-f259f5410684
cache-control: max-age=38089
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:27:29 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 236ms
216ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cc89406f-0e8a-49b7-ac7f-ea1cd9ad2232
content-length: 3853
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "7058454e4eae3a6c152acf2b8bdb4f0b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cc89406f-0e8a-49b7-ac7f-ea1cd9ad2232
cache-control: max-age=37018
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:38 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 81 KB
9 KB 238ms
219ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1d54bcca-af46-4082-ab83-8b7697d715f8
content-length: 8977
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "f1a3e37754db5ea2b42b3b66ebd9ebfd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1d54bcca-af46-4082-ab83-8b7697d715f8
cache-control: max-age=36763
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:05:23 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 238ms
219ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4ad7d300b807f0923a45372fdd08592d6a85b8c17b51b9a730b82f137b700c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b05ed153-7f25-4413-9cbf-e1c6705f8616
content-length: 3629
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "1e550986036bfd6b710413202f519eff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b05ed153-7f25-4413-9cbf-e1c6705f8616
cache-control: max-age=36754
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:05:14 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 10 KB
4 KB 238ms
219ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 89c9da3f-39f1-47a8-b0d2-8409bc91d93e
content-length: 3294
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "d1680ca225bf52cd3d4c00020f9f2752"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 89c9da3f-39f1-47a8-b0d2-8409bc91d93e
cache-control: max-age=45567
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 19:32:07 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 239ms
220ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b7c5b36f-8078-4609-bb9f-772d5ceaa59e
content-length: 1242
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "7c88b4f8a2f4def1d8a6b9a40faace8b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b7c5b36f-8078-4609-bb9f-772d5ceaa59e
cache-control: max-age=64239
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 00:43:19 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 239ms
220ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c14779bd-52a1-4eac-a788-1469ae7fae57
content-length: 1477
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "a7c84b7008f080615dd200aacba1e1ee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c14779bd-52a1-4eac-a788-1469ae7fae57
cache-control: max-age=64244
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 00:43:24 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 239ms
221ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cb19c157-13eb-4659-847c-201a931b0db4
content-length: 1041
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "db036fee260ecc20ffe2bdabb84c6979"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cb19c157-13eb-4659-847c-201a931b0db4
cache-control: max-age=64300
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 00:44:20 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 239ms
221ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 62d0bcc8-5c52-43ce-bdbf-4aa26ee32937
content-length: 1148
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "de9bb21ffec8151769033f0447c75ad6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 62d0bcc8-5c52-43ce-bdbf-4aa26ee32937
cache-control: max-age=37589
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:09 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 240ms
222ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 52e4a036-0643-4ada-944c-9948442d2ac3
content-length: 1109
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "0c42d9baaa811fa1800e78b0a8e6c86f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 52e4a036-0643-4ada-944c-9948442d2ac3
cache-control: max-age=37403
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:16:03 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 240ms
222ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ac2449ee-14da-42c5-9251-0c5511bbe615
content-length: 1468
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "2cff5a2fff232bd480476463ef4eabe1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ac2449ee-14da-42c5-9251-0c5511bbe615
cache-control: max-age=37658
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:20:18 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 73 KB
25 KB 240ms
222ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4ac4b277-a5c8-48eb-a483-b92386c7f2d6
content-length: 25666
last-modified: Tue, 12 Dec 2023 14:32:03 GMT
server: Cleversafe
etag: "6fc2834aafb6c38fb38a0ac57f1200ff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4ac4b277-a5c8-48eb-a483-b92386c7f2d6
cache-control: max-age=45359
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 19:28:39 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 241ms
164ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e7a461e9-923f-46ba-84d4-9655738eefc9
content-length: 1106
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "e6a3b5009a4d6938b6d83889e55fedf3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e7a461e9-923f-46ba-84d4-9655738eefc9
cache-control: max-age=36799
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:05:59 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 242ms
165ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f03cff6a-a442-40e8-90e2-88143c5a4234
content-length: 1748
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "353ad170bca7e131804bd8a2f9346aee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f03cff6a-a442-40e8-90e2-88143c5a4234
cache-control: max-age=36866
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:06 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 242ms
165ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 63480eca-76c6-45a5-b765-4e55295be709
content-length: 1078
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "b525f7ce9c789c23e4990ea12812fe39"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 63480eca-76c6-45a5-b765-4e55295be709
cache-control: max-age=37505
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:17:45 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 204 KB
20 KB 243ms
166ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0a87015f-3faf-4da2-bfd4-545e9f5f5cd6
content-length: 20644
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "555bb02af27f869bad0168a95fb5cdd0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0a87015f-3faf-4da2-bfd4-545e9f5f5cd6
cache-control: max-age=37981
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:41 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 136 KB
17 KB 244ms
168ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

14b7e944a6eda6ba9615565de04c802af737a984edff3d66a2e46b2eb1cdbb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 808083bc-e3d2-4d1d-915d-6b44ff001798
content-length: 16661
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "7bb666d5bf4cfb9c05ee45ab5ac8f74d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 808083bc-e3d2-4d1d-915d-6b44ff001798
cache-control: max-age=37504
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:17:44 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 132 KB
17 KB 249ms
166ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 081bef0d-ee8e-4c43-8c05-652c743014b1
content-length: 17474
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "85f1b75de2ec26a288c7767457d4b11d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 081bef0d-ee8e-4c43-8c05-652c743014b1
cache-control: max-age=37959
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:19 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 249ms
166ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c6b807db-b9f6-402c-85e9-655ed077d28e
content-length: 2026
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "c009c868a2a0a9dd11f72f881df47279"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c6b807db-b9f6-402c-85e9-655ed077d28e
cache-control: max-age=36871
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:11 GMT

GET
H2 200 expressive-modal.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 128 KB
17 KB 250ms
166ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d9da5f743ccda2f1bc3c85cc1df42f8280feffc35dc75c38dc95b996b2369fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 396fe957-c8d1-432f-b622-6c1dbaffe0f4
content-length: 17367
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "f2d9cd06c66367c29aaa235d19209a0c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 396fe957-c8d1-432f-b622-6c1dbaffe0f4
cache-control: max-age=37580
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:00 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 250ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fa5cf59e-923a-4f3c-a540-b5694755629a
content-length: 3601
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "5add5ff68d4f62c4784c206b06f6ffb5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fa5cf59e-923a-4f3c-a540-b5694755629a
cache-control: max-age=37492
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:17:32 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 80 KB
9 KB 271ms
158ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:41 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d469fa94-252c-49ce-a3b4-a4916bd54d88
content-length: 9144
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "d7308d403b9417d7526cfae154932d4c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d469fa94-252c-49ce-a3b4-a4916bd54d88
cache-control: max-age=64255
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 00:43:36 GMT

GET
H2 200 202.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 245ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/202.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 73d8e798-3f19-4280-b41f-ce2cbb4d222b
content-length: 1252
last-modified: Tue, 12 Dec 2023 14:31:47 GMT
server: Cleversafe
etag: "9f01516ec7d07c264e22f282a5584408"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 73d8e798-3f19-4280-b41f-ce2cbb4d222b
cache-control: max-age=37541
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:18:21 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 245ms
168ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 775fed3a-5601-4cdb-9a46-b3e41467b025
content-length: 1268
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "92191be29d1a12e0168221ffe8116f90"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 775fed3a-5601-4cdb-9a46-b3e41467b025
cache-control: max-age=37381
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:15:41 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 134 KB
16 KB 246ms
169ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1f00dca3-8f92-48e5-b0c9-9d25461b6113
content-length: 16417
last-modified: Tue, 12 Dec 2023 14:32:01 GMT
server: Cleversafe
etag: "70f7892951d80b2fb318b6b4ed2ba148"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1f00dca3-8f92-48e5-b0c9-9d25461b6113
cache-control: max-age=37888
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:08 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 81 KB
11 KB 270ms
164ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:41 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1c36a361-54aa-4657-bb99-d9d6030c58c8
content-length: 11105
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "1d4b014808262e448f4a508d01c3f4c2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1c36a361-54aa-4657-bb99-d9d6030c58c8
cache-control: max-age=38537
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:34:58 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 252ms
147ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4051bad11cd51207e434739953716de9f70ca00012652b1178c449a9da6842ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b1f66122-df33-4d18-8715-d20f16ff376c
content-length: 1734
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "f2af730be191190497b8ac927191a861"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b1f66122-df33-4d18-8715-d20f16ff376c
cache-control: max-age=37634
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:54 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 253ms
147ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

58e96e00197e9b0750a7e98d02cb2f0aaa333de489c33ff02a72310dc361b6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f8f892f0-3c62-4b53-b50b-1dd324d03523
content-length: 1025
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "94f5bab287781f6d2483ab613ed9eade"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f8f892f0-3c62-4b53-b50b-1dd324d03523
cache-control: max-age=37831
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:23:11 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 253ms
148ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7600bb8d-1187-49ab-b408-3d588bdf4203
content-length: 1194
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "0cacbe5eb1d62af587312aa706ad92f7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7600bb8d-1187-49ab-b408-3d588bdf4203
cache-control: max-age=36849
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:49 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 253ms
148ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6ad3f83e-6f6b-4b47-bb11-34d1faedfcf6
content-length: 3606
last-modified: Tue, 12 Dec 2023 14:32:19 GMT
server: Cleversafe
etag: "52eb19c9761145ed213e92d81970febf"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6ad3f83e-6f6b-4b47-bb11-34d1faedfcf6
cache-control: max-age=36801
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:01 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 254ms
170ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b5fc08a4-23aa-4e6c-a3d3-cdb714dd56f2
content-length: 1241
last-modified: Tue, 12 Dec 2023 14:31:47 GMT
server: Cleversafe
etag: "77256b516144911d2a1db4d9bbbec384"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b5fc08a4-23aa-4e6c-a3d3-cdb714dd56f2
cache-control: max-age=36895
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:35 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 250ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 51a18773-2b35-4be3-87c0-ffd6afe61ab4
content-length: 1236
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "1f064723fd185b9ab855b837ea1d572a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 51a18773-2b35-4be3-87c0-ffd6afe61ab4
cache-control: max-age=37921
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:41 GMT

GET
H2 200 KalturaPlayer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 8 KB
3 KB 245ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/KalturaPlayer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

25db506c7e7a025930194b8b4653366c93eee617991a4eca157ba477386b9ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0816e55e-5e90-4ef9-ad2f-441ece4a00ca
content-length: 3201
last-modified: Tue, 12 Dec 2023 14:31:46 GMT
server: Cleversafe
etag: "44cfdea4c61e1c3fe3817d38842ddc65"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0816e55e-5e90-4ef9-ad2f-441ece4a00ca
cache-control: max-age=36910
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:50 GMT

GET
H2 200 index3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 245ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c9787b0f5966042b61044d6bf6b50de04fe2e8bd595554f41df9d6e7ea533de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cabe2af2-ee90-4a66-be67-77754aebf39f
content-length: 4081
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "640741e42da19281f039c8c2236150a4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cabe2af2-ee90-4a66-be67-77754aebf39f
cache-control: max-age=37538
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:18:18 GMT

GET
H2 200 Analytics.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 6 KB
2 KB 267ms
189ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/Analytics.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

27727943226d9adecce7b1378afd2eeb5e62a975975ffead5486615ed0f6c055

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:41 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4605883a-713b-482e-8a12-afab26d49518
content-length: 1986
last-modified: Tue, 12 Dec 2023 14:31:46 GMT
server: Cleversafe
etag: "6d829b153b3b5a326cbf4a71d8100583"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4605883a-713b-482e-8a12-afab26d49518
cache-control: max-age=37680
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:20:41 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 248ms
170ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cf24b52a-2b69-49b1-b91f-fedfe09aabd0
content-length: 1057
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "7452bc45639068c36eb711cd01030901"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cf24b52a-2b69-49b1-b91f-fedfe09aabd0
cache-control: max-age=37407
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:16:07 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 232 KB
23 KB 250ms
167ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 01714a18-8ce2-4e40-96e8-72c4aa7b121b
content-length: 23505
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "3bc779eeb89c8bc8fe07beb66db73cde"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 01714a18-8ce2-4e40-96e8-72c4aa7b121b
cache-control: max-age=37921
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:41 GMT

GET
H2 200 index5.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 256ms
146ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index5.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 205eae76-0358-4bc8-a374-3d157f7b3377
content-length: 1113
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "afcae01440d8fa4cf6ef7fcaac6dbe49"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 205eae76-0358-4bc8-a374-3d157f7b3377
cache-control: max-age=37444
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:16:44 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 253ms
143ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7aa21b9b8893d784d946e1f07e965831823018cc6123fb0f97ec2c38cf7e0403

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9fe4ffe8-3d78-46e7-91a6-0a4281621479
content-length: 1191
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "60d122e7d5ab2c5ca87b812286522f79"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9fe4ffe8-3d78-46e7-91a6-0a4281621479
cache-control: max-age=36857
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:57 GMT

GET
H2 200 card-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 23 KB
5 KB 253ms
144ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 04bb4771-b085-44d4-ada2-f4ce42f34cf5
content-length: 5049
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "42a703cd63d04acc52291a79b711f540"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 04bb4771-b085-44d4-ada2-f4ce42f34cf5
cache-control: max-age=38157
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:28:37 GMT

GET
H2 200 play-video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
5 KB 249ms
166ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/play-video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7fea1aa753e5c23f4c56cfbd2707ea5a17b15b74ebd85c57128ff4499152379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:40 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a75d9b21-483a-4941-9894-0b88370dba3b
content-length: 4530
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "38b2dde046d224e001bce86b78085dfc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a75d9b21-483a-4941-9894-0b88370dba3b
cache-control: max-age=37922
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:42 GMT

GET
H2 200 spread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 266ms
183ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:41 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 90457e60-d31b-436d-8850-266908a26ec4
content-length: 1268
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "92191be29d1a12e0168221ffe8116f90"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 90457e60-d31b-436d-8850-266908a26ec4
cache-control: max-age=36863
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:04 GMT

GET
BLOB 200
OK 10eb13f5-c2c3-4989-9e1b-90a2366d6cfa
https://securityintelligence.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityintelligence.com/10eb13f5-c2c3-4989-9e1b-90a2366d6cfa
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 50ms
15ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 09:07:59 GMT
x-content-type-options: nosniff
age: 164688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 09:07:59 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 65ms
22ms Script
text/javascript 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jul 2024 21:23:58 GMT
age: 466129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Jul 2025 21:23:58 GMT

GET
H2 200 logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 8 KB
3 KB 71ms
63ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2136-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c2cd043bc-EWR
content-length: 3207

GET
H2 200 loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 564 B
457 B 71ms
64ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7

Request headers

Referer: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "234-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c2cd143bc-EWR
content-length: 377

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 38ms
32ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 08:49:17 GMT
x-content-type-options: nosniff
age: 165810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 08:49:17 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 30ms
25ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 12:18:30 GMT
x-content-type-options: nosniff
age: 153257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20352
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 12:18:30 GMT

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78e33244322d156f751a6d3e37d60b1c434fbb261430662bd5602af5c0962181

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68bb1563ccfeac7c657c6400068333526d993c339749bc913cbcf9804f9161bd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30e9d57b088481aa675ef8b9617c41a1ef51c539caaa924b5cdf018a848308a4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f439b7231b604467428bcbc8aae87c634c0916524cb8a723609e80404edd2c67

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81989057917238a210966fc6b0395e8dd60b2bdef18ce0c2cdf996ce81224fd8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce736f8cb653a86475d1b91e2cb72df0a5ffc31c671d4fb50914d367278d498b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 20 KB
20 KB 18ms
16ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:07:44 GMT
x-content-type-options: nosniff
age: 150303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20004
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:29:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 13:07:44 GMT

GET
H2 200 search.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 951 B
617 B 71ms
65ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3b7-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1143bc-EWR
content-length: 491

GET
H2 200 close.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 455 B
374 B 65ms
58ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "1c7-60a227f614a20-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1243bc-EWR
content-length: 294

GET
H2 200 scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 715 B
506 B 70ms
64ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2cb-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1343bc-EWR
content-length: 424

GET
H2 200 Virus-warning-alert-on-computer-screen-detected-modish-cyber-threat.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/07/ 64 KB
64 KB 87ms
82ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2023/07/Virus-warning-alert-on-computer-screen-detected-modish-cyber-threat.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91dbf40be3a4e334cf5fb8d205a4b8c52d441fdd0427e877932c39fd0d04431f

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 20:19:57 GMT
server: cloudflare
etag: "ff38-60a2282a28e29"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8aab302c9d1443bc-EWR
content-length: 65336
expires: Mon, 29 Jul 2024 10:52:47 GMT

GET
H2 200 twitter.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 551 B
455 B 68ms
63ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/twitter.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "227-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1543bc-EWR
content-length: 372

GET
H2 200 linkedin.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 693 B
490 B 66ms
61ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/linkedin.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2b5-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1843bc-EWR
content-length: 410

GET
H2 200 facebook.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 822 B
520 B 61ms
56ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/facebook.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "336-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1943bc-EWR
content-length: 439

GET
H2 200 link.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 3 KB
1 KB 77ms
72ms Image
image/svg+xml 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/link.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "b22-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 8aab302c9d1c43bc-EWR
content-length: 1339

GET
H2 200 Zz1mNGU0M2IyNjI1YWYxMWVlYjFjMjFlNjM5ZWZhZjY0Mw==
images-cdn.welcomesoftware.com/ 83 KB
83 KB 174ms
47ms Image
image/png 2600:9000:2510:8600:f:fcff:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.welcomesoftware.com/Zz1mNGU0M2IyNjI1YWYxMWVlYjFjMjFlNjM5ZWZhZjY0Mw==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiZjRlNDNiMjYyNWFmMTFlZWIxYzIxZTYzOWVmYWY2NDMiXSwiZXhwIjoxNjkwNTAzNTI5fQ.kbvi2o5yamLD0iJTP-_MSFYh7yKZebDrxEnxQIlOMX4
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f680dffeaa5da2fefd8d98a5d22ed8819ce58991910ac98838e8f4160d88d78

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 05:01:44 GMT
x-amz-version-id: iij0WuUsSIAOXMDfuXx277VED90_xc1D
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 438663
x-amz-server-side-encryption: AES256
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 84880
last-modified: Tue, 18 Jul 2023 21:13:35 GMT
server: nginx
etag: "92afcf9945df2ea29e7cdec4379eebaa"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 6U7Osvx6HATdvzUdR0g-c7_x5u83WbicPOgREpjea0wDvLarGDYECg==

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cba6d3e5442896fad3797c89b8447069e7f6525b516b913ce49590cf56180456

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15c7b59ac1c2fb55943990e2e99f693045b33026cf71c7892577a49df42823

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c498909c5a4dbb15b4e6440b66426a8c575d31974bf854689bee49fdde93045a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 086a30b2a9e6955f85fcd26e2105ffad85df2ba1e9649739296ad5f81d654784

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee8aad0b453f6d6e266c862fa1315a3d89b1e092e8f94a78a8020c5898bf6ad

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b65bc85834d94fd0c0377c78aee34175f646ffb4e57b23f5a74b9d6a18aeaa5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 default-pic.jpg
securityintelligence.com/wp-content/themes/sapphire/images/ 76 KB
76 KB 72ms
70ms Image
image/jpeg 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/default-pic.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9b0dd77d7e31d1d0d9e319a81b838f3641cbd982bb5c9ad45d68cda1ca4e99

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "12ea0-60a227f614a20"
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8aab302cbd3343bc-EWR
content-length: 77472

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
19 KB 17ms
15ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 15:39:21 GMT
x-content-type-options: nosniff
age: 141206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19428
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:28:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 15:39:21 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
20 KB 19ms
18ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 10:05:13 GMT
x-content-type-options: nosniff
age: 161254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19944
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:34:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 10:05:13 GMT

GET
H3 200 Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
19 KB 26ms
25ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 12:19:09 GMT
x-content-type-options: nosniff
age: 153218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19828
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:35:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 12:19:09 GMT

GET
H3 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 31ms
30ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 15:56:50 GMT
x-content-type-options: nosniff
age: 140157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 15:56:50 GMT

GET
H2 200 computer-security-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/ 10 KB
10 KB 22ms
20ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/computer-security-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02c0a01a563bb7401cb74ac4a3a64d4d0eaeb8f34c213291f28659f7dd70217

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Thu, 25 Jul 2024 13:00:05 GMT
server: cloudflare
age: 3346
etag: "284e-61e11f9404aaf"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8aab302ced7f43bc-EWR
content-length: 10318
expires: Mon, 29 Jul 2024 10:52:47 GMT

GET
H2 200 Diverse-Group-of-People-Talking-in-a-Casual-Modern-Meeting-Room-in-Office.-Group-of-Colleagues-From-Different-Ethnicities-Working-Together-as-a-Team-on-Crisis-Management.-Wide-Shot-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/ 19 KB
19 KB 24ms
22ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/Diverse-Group-of-People-Talking-in-a-Casual-Modern-Meeting-Room-in-Office.-Group-of-Colleagues-From-Different-Ethnicities-Working-Together-as-a-Team-on-Crisis-Management.-Wide-Shot-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469a7f454c8a97d967d2bdfb20fbd70a301871e24aefc80d187543827497c156

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 13:00:26 GMT
server: cloudflare
age: 2685
etag: "4c52-61d48d01fa018"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8aab302ced7c43bc-EWR
content-length: 19538
expires: Mon, 29 Jul 2024 10:52:47 GMT

GET
H2 200 Closeup-young-man-software-developers-using-computer-to-write-code-application-program-for-AI-technology-development-at-desk-with-multiple-screens-work-at-home-office.-Programmer-d-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/ 10 KB
10 KB 23ms
21ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/Closeup-young-man-software-developers-using-computer-to-write-code-application-program-for-AI-technology-development-at-desk-with-multiple-screens-work-at-home-office.-Programmer-d-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f273f2f0709e220d17af3aaa4fc31e299a358ac02a32e63ac8a622f5f04c73

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 13:00:08 GMT
server: cloudflare
age: 2679
etag: "2894-61c2f2d41f265"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8aab302ced7e43bc-EWR
content-length: 10388
expires: Mon, 29 Jul 2024 10:52:47 GMT

GET
H2 200 SIB_TII_banners2024_rightrail-think_600x1200.png
securityintelligence.com/wp-content/uploads/2024/02/ 34 KB
34 KB 60ms
59ms Image
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2024/02/SIB_TII_banners2024_rightrail-think_600x1200.png
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5ebed114d1223ecf396c28ec1d6d2d34c709e312fe138a2331d7b55a97d004

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Feb 2024 12:40:40 GMT
server: cloudflare
etag: "878a-611e3a2654b8d"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8aab302ced8143bc-EWR
content-length: 34698

GET
H3 200 zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 16ms
16ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 10:06:22 GMT
x-content-type-options: nosniff
age: 161185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20716
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 10:06:22 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 32 KB
8 KB 43ms
11ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4f72ccbe-b2d0-4b4e-9250-caae5bdda0e8
content-length: 8381
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "d20c717042ca6e86e8b66167330a4379"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4f72ccbe-b2d0-4b4e-9250-caae5bdda0e8
cache-control: max-age=1926498
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:05 GMT

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 41ms
11ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e11639d5-2ce1-499e-9993-0efef9fb2105
content-length: 1177
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "cde7729aaec872785f415e59f9d38a34"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e11639d5-2ce1-499e-9993-0efef9fb2105
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 43ms
12ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4b970ac0-31df-42b8-a69a-7a62092376bc
content-length: 1732
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "7e746dbccd83d336d34387680087702f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4b970ac0-31df-42b8-a69a-7a62092376bc
cache-control: max-age=1926431
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:58 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 43ms
13ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ba802199-6f11-497f-a6d5-1993ba7f9644
content-length: 3936
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "db8e2dfc6a48cfdd3dd9d741f81a17cc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ba802199-6f11-497f-a6d5-1993ba7f9644
cache-control: max-age=1926473
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:40 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 46ms
16ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b3bfd4d2-c6b9-4db7-9c7e-aaddf235e212
content-length: 4096
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "da3a74018492d21a651bae65dd688d8e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b3bfd4d2-c6b9-4db7-9c7e-aaddf235e212
cache-control: max-age=1926469
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:36 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 127 KB
16 KB 42ms
12ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e4e63ef6-9123-4f3b-9a8e-21b3ba94bffc
content-length: 15815
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "df113add096d9452599f6378cbb29586"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e4e63ef6-9123-4f3b-9a8e-21b3ba94bffc
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 43ms
13ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 79b39c99-ac83-4343-9d05-1dad6f8b3966
content-length: 3973
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "035ecc3241fde544862020321e3e32b2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 79b39c99-ac83-4343-9d05-1dad6f8b3966
cache-control: max-age=1926136
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:03 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 46ms
17ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d4d93ba1-0c2f-40c9-912e-32dd5cd570c1
content-length: 4180
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "ff75975d2411b24d42ae5d3d6ce886c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d4d93ba1-0c2f-40c9-912e-32dd5cd570c1
cache-control: max-age=1926512
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:19 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 283 KB
29 KB 47ms
17ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 52d25ab4-91cf-4295-bced-0ca5eb34e3ae
content-length: 28922
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "fbcfcc78d5c6436ed00bff92f613ab38"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 52d25ab4-91cf-4295-bced-0ca5eb34e3ae
cache-control: max-age=1927098
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:11:05 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 46ms
17ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 67c9a646-db1e-4df6-ac85-454471180bbf
content-length: 4028
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "00741a023f3588933358211859a90162"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 67c9a646-db1e-4df6-ac85-454471180bbf
cache-control: max-age=1926470
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:37 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 53ms
24ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5c09066a-ffdf-4a36-845c-77c041ded75c
content-length: 3863
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "8cfee48262c0020a5dbd8fdbe6d7c7be"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5c09066a-ffdf-4a36-845c-77c041ded75c
cache-control: max-age=1926678
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:04:05 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 53ms
25ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0245a30f-db42-4fe6-8d85-bb03c66c8483
content-length: 3869
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "19f5ae5a4d8ede510d5b62c0b90f5435"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0245a30f-db42-4fe6-8d85-bb03c66c8483
cache-control: max-age=1926416
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:43 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 11 KB
4 KB 53ms
25ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e6ea072a-6f86-4dca-be52-65e04a7fff01
content-length: 3592
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "554236d004b11bf9916c077dd44425c7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e6ea072a-6f86-4dca-be52-65e04a7fff01
cache-control: max-age=1926416
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:43 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 53ms
25ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 518cb349-4f60-468d-828b-fe44d8da0fb2
content-length: 3952
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "cebc609089e0485a433aa3ee264c29e8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 518cb349-4f60-468d-828b-fe44d8da0fb2
cache-control: max-age=1926436
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:03 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 58ms
30ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 226e46d4-620b-4df3-be78-3c04be8dc8aa
content-length: 3926
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "4899367e48dea17d482254adfbb3a51f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 226e46d4-620b-4df3-be78-3c04be8dc8aa
cache-control: max-age=1926150
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:17 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 81 KB
9 KB 58ms
30ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d2d89bd4-c422-48c9-8124-d0670864b472
content-length: 8977
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "cfe52852586fa6bff9274171763d3173"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d2d89bd4-c422-48c9-8124-d0670864b472
cache-control: max-age=1926155
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:22 GMT

GET
H2 200 defs3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 58ms
30ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 240bd359-d932-4422-86bb-514bd4415b00
content-length: 1188
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "9a6e5108e0e1a3893faa94d34ea7053a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 240bd359-d932-4422-86bb-514bd4415b00
cache-control: max-age=1926590
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:02:37 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 58ms
30ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: af26ebe4-1e1b-4c07-84a5-8835906d1413
content-length: 1026
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "5333197840d4b7a87e4f21ba3dfdf368"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: af26ebe4-1e1b-4c07-84a5-8835906d1413
cache-control: max-age=1928177
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:29:04 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 81 KB
11 KB 54ms
26ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ca98def0-a7d6-4b6e-bb5c-36f6f2f5523e
content-length: 11106
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "4141e1de4422846f393b225f03325a6e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ca98def0-a7d6-4b6e-bb5c-36f6f2f5523e
cache-control: max-age=1926041
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:53:28 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 60ms
33ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bdd7919f-d7be-46fc-a5ff-94722f307bd7
content-length: 1477
last-modified: Tue, 18 Apr 2023 01:06:22 GMT
server: Cleversafe
etag: "a8174435cbb707f6375d73df5ab7bdcb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bdd7919f-d7be-46fc-a5ff-94722f307bd7
cache-control: max-age=1926437
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:04 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 54ms
27ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 47290782-4896-4c98-ad22-ceb892093b5b
content-length: 1040
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "572f7b1bb3ac9dd2a96bb37d30adf228"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 47290782-4896-4c98-ad22-ceb892093b5b
cache-control: max-age=1926429
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:56 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 54ms
27ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a0b9dafb-5cf5-46ef-bf4c-b1750bc03db3
content-length: 1149
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "88f65872495e7597e4e7b3fa0f38b002"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a0b9dafb-5cf5-46ef-bf4c-b1750bc03db3
cache-control: max-age=1926518
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:25 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 54ms
27ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ffff58f3-26dd-411f-8905-7bc386af109e
content-length: 1109
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "b72c1d6e4f4dbb16710847371cc20a35"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ffff58f3-26dd-411f-8905-7bc386af109e
cache-control: max-age=1926558
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:02:05 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 54ms
27ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0954a5ed-87e9-4199-a2a0-3a75a630bf14
content-length: 1469
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "acc037b12dbec89bd6f704cebe41430a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0954a5ed-87e9-4199-a2a0-3a75a630bf14
cache-control: max-age=1926418
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:45 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 54ms
28ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 53078eed-42b9-4e40-a00b-09c73ee431c2
content-length: 1194
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "e92dfc66fbdcc126f98c0b3ad63ca8d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 53078eed-42b9-4e40-a00b-09c73ee431c2
cache-control: max-age=1926447
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:14 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 54ms
28ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 862e50c4-3180-41b5-ac54-eb9ed193201b
content-length: 3515
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "fff6c80a0f6118336d8c50b3bbcfefd1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 862e50c4-3180-41b5-ac54-eb9ed193201b
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 54ms
28ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b2854668-d4c1-4667-847d-bf0b5986a684
content-length: 1242
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "82591de9ad2c4449741055ef5df433e8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b2854668-d4c1-4667-847d-bf0b5986a684
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 84ms
59ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 295ed196-b8d5-46db-92c7-fd789e636faa
content-length: 1268
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "04e35c4d36a747a803aea55b77299545"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 295ed196-b8d5-46db-92c7-fd789e636faa
cache-control: max-age=1926519
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:26 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 54ms
29ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c4a4b51e-ef4f-4ca3-8326-551921ec457a
content-length: 1236
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "fdd56e1ed8819aea706b71fa428ff807"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c4a4b51e-ef4f-4ca3-8326-551921ec457a
cache-control: max-age=1926431
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:58 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 232 KB
23 KB 53ms
29ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4bb86bdb-79d2-4733-9e3b-b70d681e9bbc
content-length: 23480
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "48fbd3dc2b37e763662be3628c26706d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4bb86bdb-79d2-4733-9e3b-b70d681e9bbc
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 136 KB
17 KB 60ms
36ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9feea2af-5f06-414c-909d-c50f3371b3bc
content-length: 16637
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "c8f396f454f8c754b8aef2fe35fb23d4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9feea2af-5f06-414c-909d-c50f3371b3bc
cache-control: max-age=1926455
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:22 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 56ms
32ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f7b75005-fd8a-4468-a7aa-fba4c09bba8a
content-length: 3680
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "39f60bca545a4339b05602b1d50fc3ea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f7b75005-fd8a-4468-a7aa-fba4c09bba8a
cache-control: max-age=1926422
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:49 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 10 KB
4 KB 56ms
32ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 945f577d-7d9f-41f5-8a74-a5cacc8e6fc0
content-length: 3294
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "2bb4ff5160fed9d028c8a8e7eebb3162"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 945f577d-7d9f-41f5-8a74-a5cacc8e6fc0
cache-control: max-age=1926411
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:59:38 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 56ms
33ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 14a3c75e-68f9-414a-9d4a-8a2b0af2f39a
content-length: 1242
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "1d42be3474c21a2f0f4ac6998a2f7528"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 14a3c75e-68f9-414a-9d4a-8a2b0af2f39a
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 56ms
34ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 559fb130-0917-4e15-a224-a8dac5a9c3d1
content-length: 1077
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "3a22828140e3312aacb0df7057f0dbd4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 559fb130-0917-4e15-a224-a8dac5a9c3d1
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 14 KB
5 KB 57ms
34ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 89eac2a6-fede-4f31-aa62-c22d8332d203
content-length: 4356
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "ccc15c868cf5de9923b5df2de6b5bccd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 89eac2a6-fede-4f31-aa62-c22d8332d203
cache-control: max-age=1926068
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:53:55 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 145 KB
16 KB 57ms
35ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 01db76b3-75f5-4da7-bbdc-3f55857a6134
content-length: 16244
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "e87e4241d1d98146ad13d7347705c74a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 01db76b3-75f5-4da7-bbdc-3f55857a6134
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 62ms
40ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cf48012e-d5b9-4340-84e0-af6f7e527c31
content-length: 1191
last-modified: Tue, 18 Apr 2023 01:06:39 GMT
server: Cleversafe
etag: "3a2459c72ffe9fa4600a02bef9bc7d04"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cf48012e-d5b9-4340-84e0-af6f7e527c31
cache-control: max-age=1926615
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:03:02 GMT

GET
H2 200 index4.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 62ms
40ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/index4.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 33562a25-5061-4756-90bf-efa96f69fc46
content-length: 1113
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "90293045e674b60df4d205343c8a9d4b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 33562a25-5061-4756-90bf-efa96f69fc46
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 62ms
41ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: da216f6e-4eed-48fd-a8bb-bc306d254f97
content-length: 1280
last-modified: Tue, 18 Apr 2023 01:06:32 GMT
server: Cleversafe
etag: "04405a69245bbac18c5cbb9f0109f18d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: da216f6e-4eed-48fd-a8bb-bc306d254f97
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 448 KB
38 KB 60ms
39ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b43d8742-95a3-429c-9838-aa1072fb746f
content-length: 38107
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "76b8d9ca7e5442d036bea6c77b4d5a36"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b43d8742-95a3-429c-9838-aa1072fb746f
cache-control: max-age=1926506
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:01:13 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 133 KB
15 KB 66ms
45ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f7ec5311-5066-45fe-8f4a-17c68fb9b42a
content-length: 14572
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "29f26189a194b440599996533d019fc9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f7ec5311-5066-45fe-8f4a-17c68fb9b42a
cache-control: max-age=1926490
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:57 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 24 KB
7 KB 66ms
45ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fff3bef6-aec9-41fb-bf5d-7ebccfd94ca3
content-length: 6818
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "6a5d889e73f8b5b5f7a696afc6bdc3e4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fff3bef6-aec9-41fb-bf5d-7ebccfd94ca3
cache-control: max-age=1924936
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:35:03 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 67ms
47ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fafd8ca3-dc8b-4b10-8e5d-4eb46dd11786
content-length: 1230
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "cba06ca2f3cb0175773f14502ea9a0bb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fafd8ca3-dc8b-4b10-8e5d-4eb46dd11786
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 69ms
49ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 90ed0e0a-b33e-4661-b291-1cd20d7e7018
content-length: 1214
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "1aff1c6dae84498454e38a819070dc22"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 90ed0e0a-b33e-4661-b291-1cd20d7e7018
cache-control: max-age=1927550
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:18:37 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 72 KB
25 KB 82ms
63ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e8e927f1-3887-40af-8d1a-24c2557521a9
content-length: 25350
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "1976addcda8f882f66fd3eb6cc68184b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e8e927f1-3887-40af-8d1a-24c2557521a9
cache-control: max-age=1926729
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:04:56 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 69ms
49ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3471cb94-97e1-4581-b035-efd4744c6d99
content-length: 1106
last-modified: Tue, 18 Apr 2023 01:06:18 GMT
server: Cleversafe
etag: "1a3b850c975b04227ccbdde9bacde7dc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3471cb94-97e1-4581-b035-efd4744c6d99
cache-control: max-age=1926173
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 13:55:40 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 69ms
49ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 488d3039-4134-41bd-a92c-c5da9ac6c77d
content-length: 1749
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "03431af3cc4749dd205df026756a22c9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 488d3039-4134-41bd-a92c-c5da9ac6c77d
cache-control: max-age=1926449
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:16 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 69ms
50ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 22425fdf-4565-4f4d-adcf-842ee89abc77
content-length: 1087
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "5cc450f0b54da43ffe3db40586321992"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 22425fdf-4565-4f4d-adcf-842ee89abc77
cache-control: max-age=1926462
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 20 Aug 2024 14:00:29 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 11 KB
4 KB 69ms
50ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b31da57e-4e09-44a6-b7c6-21e313ab67fd
content-length: 3606
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "b8feb95690402e4bb84d8a8623a6a0dd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b31da57e-4e09-44a6-b7c6-21e313ab67fd
cache-control: max-age=1842952
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 19 Aug 2024 14:48:39 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 69ms
51ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 588b1109-bd46-41d1-b702-5b22da0831cf
content-length: 4095
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "8589b5a93d61e76181432c495a316cb0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 588b1109-bd46-41d1-b702-5b22da0831cf
cache-control: max-age=37836
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:23:23 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 127 KB
16 KB 70ms
51ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ca0b2d34-f41d-48c6-aa0a-4c5c53756a1c
content-length: 15852
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "16b723cbc4d5e58a07e794079c47d537"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ca0b2d34-f41d-48c6-aa0a-4c5c53756a1c
cache-control: max-age=37951
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:18 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 70ms
52ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 16419f13-7be0-4839-80cb-31747e37fa6f
content-length: 3973
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "db3941c3712f56b7c3a843eeefb85afd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 16419f13-7be0-4839-80cb-31747e37fa6f
cache-control: max-age=12859
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 10:27:06 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 70ms
53ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: abd67df9-5dd5-4c1e-bcf2-a6b56a57ea1c
content-length: 4178
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "a00b6482bdea326ccbbab8c048412454"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: abd67df9-5dd5-4c1e-bcf2-a6b56a57ea1c
cache-control: max-age=71225
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 30 Jul 2024 02:39:52 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 283 KB
29 KB 70ms
53ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ff9a6b67-93cb-433c-a64a-e2333c4e2b1f
content-length: 28938
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "26cf2e870e40a79c2ce6befa817c5683"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ff9a6b67-93cb-433c-a64a-e2333c4e2b1f
cache-control: max-age=37057
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:24 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 73ms
56ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e705fee0-4b61-447e-a588-b000f41b254b
content-length: 4028
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "3a2d5f4facf7a383384ed4e687575a02"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e705fee0-4b61-447e-a588-b000f41b254b
cache-control: max-age=37036
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:03 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 73ms
56ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e47d7784-0622-4871-9c42-d66d2072b0f8
content-length: 3865
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "c1e12d04c638288a9134cb5f6d251ee5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e47d7784-0622-4871-9c42-d66d2072b0f8
cache-control: max-age=37099
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:11:06 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 74ms
58ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 49b97bcf-7b2c-40f2-bb1b-a9106e579e6c
content-length: 3869
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "30c30dbc416790cd7eb21a582e8da147"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 49b97bcf-7b2c-40f2-bb1b-a9106e579e6c
cache-control: max-age=37087
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:54 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 81ms
64ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4f343d4b-e49c-4056-b906-fd058fe8f6d5
content-length: 3592
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "c614994e77ad8dc3d58ce9e8c29b9b9a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4f343d4b-e49c-4056-b906-fd058fe8f6d5
cache-control: max-age=37007
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:34 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 110ms
93ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 777ba1ae-ffaa-4d42-936a-c17cea3d1508
content-length: 3948
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "13cb349fec6b31dd9e11c8eb8158581d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 777ba1ae-ffaa-4d42-936a-c17cea3d1508
cache-control: max-age=38098
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:27:45 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 83ms
67ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2203c0ba-9842-4cac-95d8-cc18bdafacf9
content-length: 3926
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "59c86a8e58415a41a98df633f75e6f24"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2203c0ba-9842-4cac-95d8-cc18bdafacf9
cache-control: max-age=30516
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 15:21:23 GMT

GET
H2 200 defs3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 80ms
65ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 477d53bd-e328-49e1-9598-69918366f0f7
content-length: 1188
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "d22f03d2654f63d18357561749b54036"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 477d53bd-e328-49e1-9598-69918366f0f7
cache-control: max-age=37884
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:11 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 14 KB
5 KB 80ms
65ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6177695e-21b2-4d65-87a3-2be84b00d9a2
content-length: 4448
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "11b02631fee090ac99d6e9b11089e198"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6177695e-21b2-4d65-87a3-2be84b00d9a2
cache-control: max-age=37792
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:22:39 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 324 KB
32 KB 97ms
82ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 27f338e0-39ca-4059-a7f2-4214a518a69c
content-length: 32615
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "0d3c2e854ea93c25f4ecb3af8ca5b538"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 27f338e0-39ca-4059-a7f2-4214a518a69c
cache-control: max-age=37883
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:10 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 80ms
65ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

84470416d4c27fdaf829fb73d080038f38c4162b4fcf13453198af1080346520

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 177152fd-60b1-413e-8277-fdf5f3679ebb
content-length: 1278
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "a1709d5da5e9f41eb2044794bba5a45d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 177152fd-60b1-413e-8277-fdf5f3679ebb
cache-control: max-age=42712
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 18:44:39 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 450 KB
38 KB 81ms
66ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 329fd067-7fda-4fea-8a60-198da61f585c
content-length: 38831
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "fc95b1b41aeb9ac08b2bd6c559aadd5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 329fd067-7fda-4fea-8a60-198da61f585c
cache-control: max-age=37939
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:25:06 GMT

GET
H2 200 media-query.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 81ms
67ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/media-query.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bdd999dce9f8de3da1944d2ceb87bb7dfdd13cce89ccda787500b796a5251740

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c5a1443c-526d-4444-8b0e-4f55d74f4b60
content-length: 1776
last-modified: Tue, 12 Dec 2023 14:32:03 GMT
server: Cleversafe
etag: "509f3d0a1cf1d750407affa563bd6190"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c5a1443c-526d-4444-8b0e-4f55d74f4b60
cache-control: max-age=37430
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:16:37 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 133 KB
15 KB 108ms
94ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 624c02e2-3430-42c4-8adb-0682b97b2775
content-length: 14609
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "496be66775ff27f745804c23bec48fc8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 624c02e2-3430-42c4-8adb-0682b97b2775
cache-control: max-age=37028
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:55 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 24 KB
7 KB 91ms
77ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0b08f8b3-44b8-42f1-9fe8-d649cdaa00cb
content-length: 6827
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "5caca5681a764b111493506891378f99"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0b08f8b3-44b8-42f1-9fe8-d649cdaa00cb
cache-control: max-age=38023
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:26:30 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 92ms
78ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cd43d448-29aa-4033-b008-46f46b03767e
content-length: 1230
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "3f9221a64dba8c0d199c9cb69d09b884"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cd43d448-29aa-4033-b008-46f46b03767e
cache-control: max-age=36708
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:04:35 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 88ms
74ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 859e810d-5dd3-44ca-800e-ef67d4baf98e
content-length: 1214
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "c180ec8ad2db08c46cc6adee44ba8c4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 859e810d-5dd3-44ca-800e-ef67d4baf98e
cache-control: max-age=37562
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:18:49 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 88ms
75ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f804c99e-1274-481e-a469-f87f07970247
content-length: 1087
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "764109a1a292a94add0bf80e8ef8593d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f804c99e-1274-481e-a469-f87f07970247
cache-control: max-age=38083
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:27:30 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 88ms
75ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8da53f73-4573-4bae-be7d-8e05ebe04f56
content-length: 3606
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "1ae717c4c8f4a5fbc229ef707ce4e0f8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8da53f73-4573-4bae-be7d-8e05ebe04f56
cache-control: max-age=37887
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:24:14 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 88ms
75ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

466d120fa656f164b036e1f9de2cdd29faa8e43b37d847d1e7e675a2f2846343

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b5ad8a19-f4eb-4084-90b6-3086af3a1980
content-length: 4015
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "bd4c02e1b696c7e9d2dbbbddd5ec86c3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b5ad8a19-f4eb-4084-90b6-3086af3a1980
cache-control: max-age=38233
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:30:00 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 116 KB
16 KB 89ms
76ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

35524a2b84d2688f84a3a9b19b3af5a56773d1e9c2f8d469cf4625e5c833a6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5bcbb0dc-93da-4e2f-856d-98feae727513
content-length: 16172
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "c7baa7186d0f2d037369f1c6fb5eb886"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5bcbb0dc-93da-4e2f-856d-98feae727513
cache-control: max-age=36894
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:41 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 89ms
77ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

46dc3b84e343393bc25e512a3466a68f2035647c1515ab3ce3b17e7beb52dc82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 87e7b95f-ec4c-4d3f-a119-6747248c7faa
content-length: 4029
last-modified: Mon, 11 Dec 2023 21:21:49 GMT
server: Cleversafe
etag: "5364122c7f4ecb5354f58ed3cb21941c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 87e7b95f-ec4c-4d3f-a119-6747248c7faa
cache-control: max-age=36972
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:59 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 95ms
82ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

33d4cab117cef7685e20a4546688c0a5df5fb974fb596f26c1d276f84156e0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8481641c-a057-45b9-ad07-f8c60647fe32
content-length: 4233
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "01117154b1c367a241cd80e08c08b708"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8481641c-a057-45b9-ad07-f8c60647fe32
cache-control: max-age=36922
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:09 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 239 KB
28 KB 93ms
81ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fed64fa7478ee94e0ed2e324e1b260be161b9f91b8ccf80c05724f88cac96109

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 00fafa53-b09a-4f94-9461-d4a5c987a00a
content-length: 28329
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "1b31588dcfe692e39e3ac6d4bbc098d8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 00fafa53-b09a-4f94-9461-d4a5c987a00a
cache-control: max-age=36985
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:12 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 97ms
85ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9b7941b794961b6e08a51f63b7c7b2878740b5b6da37673a4e95618e13b0c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0ebd4269-431f-4f8f-b93b-aa6ff929e20c
content-length: 4117
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "81d14ac475c42ac6776c14cef916be84"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0ebd4269-431f-4f8f-b93b-aa6ff929e20c
cache-control: max-age=37018
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:45 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 98ms
86ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9bba7bc380932c1423013444386143a21a3ec797e78f68c2bdf81350d4e79eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f31d1007-cc16-406b-803b-3649ff134ab6
content-length: 3848
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "c8a11b7fba5b58fd85e4d680a76bee03"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f31d1007-cc16-406b-803b-3649ff134ab6
cache-control: max-age=36858
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:05 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 97ms
86ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ad16e16f52ee83e37132ca80f7f8b1f50286407656eab81fe73e45c1cbd164ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 87a45df3-ec0a-4589-9c56-8d22da424759
content-length: 3807
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "b6ef4955824738752bb4f0fd48726ffd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 87a45df3-ec0a-4589-9c56-8d22da424759
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 98ms
87ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d2838a560ed590e2d2b0dfe28b0dfe664bf5ba55a675c6bd4195d77521b9a576

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 67539f1c-c6ca-4e2c-9019-6b040fe0f770
content-length: 3873
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "16b65cdc6fff0ebea33b09b219b7d776"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 67539f1c-c6ca-4e2c-9019-6b040fe0f770
cache-control: max-age=37009
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:36 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 100ms
89ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1039b43b5737d01337792f0fbaca68989e7a4f14c8d29bf5e778a7d2c2a3182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c4169f06-8a4b-477c-841a-640ab66ee6ba
content-length: 3907
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "38468cf1744944d7e9a62d1992955a27"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c4169f06-8a4b-477c-841a-640ab66ee6ba
cache-control: max-age=43905
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 19:04:32 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 15 KB
5 KB 101ms
90ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0a3567cea782cf988632d67e366719a558655271771c40df1fdbb9a07c241157

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 40334636-4ae3-4cef-bd15-22f3c60ef774
content-length: 4395
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "66c8e62ecf7913daf5e8adc2e0b454d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 40334636-4ae3-4cef-bd15-22f3c60ef774
cache-control: max-age=37048
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:15 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 318 KB
33 KB 99ms
89ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a7c866af237441e1f47b0cf45fe22fce9f25d35671b0b0cf87a30157024394e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1cd56011-1d35-4f9e-9700-ff646de1c9ac
content-length: 33254
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "4e1397fa3ee2e7e70aa091b69b2c3eea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1cd56011-1d35-4f9e-9700-ff646de1c9ac
cache-control: max-age=36927
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:14 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 105ms
94ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5cbf8fd3a1f019a086ebe036f6083d8762a9e1a6520702022ebb7e4dd07d22e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 24bb5fab-0edf-4344-8e2c-402444631960
content-length: 1209
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "41d7ba6e7ad2653b43eea7b305f3d7c8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 24bb5fab-0edf-4344-8e2c-402444631960
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 tab2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 105ms
95ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tab2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3bd1a494bf2c8c0506d01ba94fcfeb5c58e5b19a7555b29174355ed35a5b0955

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ce6d33a0-4d2f-419e-9425-12d0d24afa71
content-length: 3485
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "b3765e2f3098225909c7d630d8f96ebe"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ce6d33a0-4d2f-419e-9425-12d0d24afa71
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 tabs-extended.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 85 KB
10 KB 103ms
93ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tabs-extended.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e1c34f7ead90dea4877914b63dff670d5c62fd5837232d3a37896687af68ae9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 08e3a478-1d50-48ff-8076-6af7159b4568
content-length: 9774
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "404db4c9a1213d7b4439f87861db8125"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 08e3a478-1d50-48ff-8076-6af7159b4568
cache-control: max-age=38265
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:30:32 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 7 KB
2 KB 103ms
93ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a84d21bb9220d654c977c2329c6cdd8918a2be930816587babe6d7d302d03ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c3967ef3-1f0d-4edd-be1b-247920239ded
content-length: 2241
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "b088dca44ac9ce47c47fef322d56f229"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c3967ef3-1f0d-4edd-be1b-247920239ded
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 107ms
97ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a05993da80658bd5e341c5db65d4817f22db3f64722e336708fc188e8a16cf41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: de4cfdd3-a35d-47ab-be36-4e6ea708f7f1
content-length: 1145
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "f998188fc3a16ce3ae882d03cd80bbc7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: de4cfdd3-a35d-47ab-be36-4e6ea708f7f1
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 tabs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 135 KB
18 KB 107ms
98ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tabs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cd182d7ea1f4904b9b9b092a9fe2ef0a3413656e9222ccd319632861784ffdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6ff28300-3449-494e-a152-3e0cb05bc8ce
content-length: 18461
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "2543a19c173f2ece660037bce3f8c39a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6ff28300-3449-494e-a152-3e0cb05bc8ce
cache-control: max-age=36904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:07:51 GMT

GET
H2 200 collection-helpers2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 107ms
98ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/collection-helpers2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

de1324cf9615178ed5fd102bd4f7b793d0a27dfc5058470e896961be6adb1eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 92798747-8db8-4b29-9b7d-d62277f87170
content-length: 996
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "b2d6c2eb16ca3b593b9ac6a37f43f29d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 92798747-8db8-4b29-9b7d-d62277f87170
cache-control: max-age=36942
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:29 GMT

GET
H2 200 162.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 108ms
99ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/162.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f9cedf3e356ef50849d37fa9e132a137f91584334ee823fa61d2c881784c6d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5d012751-56df-499c-b5ad-bf69a568610c
content-length: 1167
last-modified: Mon, 11 Dec 2023 21:21:46 GMT
server: Cleversafe
etag: "105813b947576fadba5a6c0c572d68b4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5d012751-56df-499c-b5ad-bf69a568610c
cache-control: max-age=37005
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:32 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 124 KB
15 KB 108ms
100ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e23fd7d9aaeb533a5fa226c21fd0cb510959b31351b638633eb3f6cd91287920

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9792be4f-c9e6-4231-b69b-a86471a3e640
content-length: 15271
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "2f2cf514b5c6ec3e005152f5b04376f8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9792be4f-c9e6-4231-b69b-a86471a3e640
cache-control: max-age=36812
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:06:19 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 20 KB
6 KB 110ms
101ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f4c138819c28d666fe76c9649f73fc15234b3e0c012d1568a56471576981e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5b0a9061-8ecf-49ad-a64b-71c543e4afb2
content-length: 5858
last-modified: Mon, 11 Dec 2023 21:22:02 GMT
server: Cleversafe
etag: "28fd12f7df4b4f4548ee055f96bea489"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5b0a9061-8ecf-49ad-a64b-71c543e4afb2
cache-control: max-age=37045
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:12 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 114ms
106ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fe526d60c0f5076fbbc412b20ac31027669f546b9c8f974ae8cc0a051698877d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bace909d-68e1-46d9-9c16-07584d08bf85
content-length: 1235
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "0ce575b2dcd1b570706fb9d493c4c00e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bace909d-68e1-46d9-9c16-07584d08bf85
cache-control: max-age=37007
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:09:34 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 112ms
104ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b9b7d6f4795baa46e5b6c84f52913aac15361608a2891ed985ffce99bf3f0486

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 701df5c8-e3f9-4163-a5ca-ec36e73322af
content-length: 3525
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "fbd85424074c20a83fac3f6df36544a7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 701df5c8-e3f9-4163-a5ca-ec36e73322af
cache-control: max-age=36927
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:08:14 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 113ms
105ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c1ff2dbeb7ec307f4c0c212bbddd5c0ebaab97ca20e3b47b41b3addf7bf75e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1518d8fd-11f0-4ce7-b4d8-ebb2784b45fb
content-length: 1019
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "2d8857dd30d8fcd25e05b75d132d8521"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1518d8fd-11f0-4ce7-b4d8-ebb2784b45fb
cache-control: max-age=37075
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:42 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 113ms
106ms Script
text/javascript 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7be74588981e0dae1ec0bb1bd26e6af2e4203b97176be92de475ab5a06bd2c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cd73a656-4d63-4022-b181-d6f3c7768c75
content-length: 3535
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "c9744c0cbdd60cc6f017a13de9ece3c0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cd73a656-4d63-4022-b181-d6f3c7768c75
cache-control: max-age=37067
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:10:34 GMT

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012406131415000/ 51 KB
14 KB 34ms
27ms Fetch
text/javascript 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Jul 2024 22:30:28 GMT
age: 375739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14443
x-xss-protection: 0
server: sffe
etag: "db4454252753be3a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Jul 2025 22:30:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
88 KB 74ms
30ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QE6TCR03B7

Requested by

Host: analytics.newscred.com
URL: https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc3db8fe104a5d0e51cb7248faccd6314c47264a1664ca3f6152dc8ad7b8c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jul 2024 06:52:47 GMT

GET
H2 200 p_7245ee1dbf2957a551dd66cb6375d0b768e84c2ed6359cd44cddbc9ca0993669.js Show response
tags.tiqcdn.com/dle/ibm/web/ 3 B
413 B 118ms
25ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/dle/ibm/web/p_7245ee1dbf2957a551dd66cb6375d0b768e84c2ed6359cd44cddbc9ca0993669.js
Requested by: Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: nLbQyMlglyGoXodCndLd0t6DmRceuaJH
date: Mon, 29 Jul 2024 05:37:12 GMT
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 22:20:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 4536
x-amz-server-side-encryption: AES256
etag: "b519d08ef66fd54910edbedba6181ec2"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3
x-amz-cf-id: LoeU7g1YHm0ZL3ykjYLm4azp4enz8hddiW_NM6t4JIlXtS3QVvhcRg==

GET
H2 200 wp-emoji-release.min.js Show response
securityintelligence.com/wp-includes/js/ 18 KB
5 KB 69ms
68ms Script
application/x-javascript 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Apr 2024 18:25:26 GMT
server: cloudflare
etag: "4926-615c2299d7f67-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 8aab30301f1143bc-EWR
content-length: 5062

GET
BLOB 200
OK 4f27fc34-2425-4d15-9b59-3c4d855ec817
https://securityintelligence.com/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityintelligence.com/4f27fc34-2425-4d15-9b59-3c4d855ec817
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 52082
Content-Type: text/javascript

GET
H2 200 SI_primary_rgb-80x80.png
securityintelligence.com/wp-content/uploads/2016/04/ 2 KB
3 KB 65ms
64ms Other
image/webp 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/uploads/2016/04/SI_primary_rgb-80x80.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69926b96246d404d0ff12457196703cb2c0dfd63c76f85f5bc7d75594ff9060c

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:58 GMT
server: cloudflare
etag: "9b8-60a2282b877a1"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8aab30309f5243bc-EWR
content-length: 2488

GET
H2 200 favicon.ico
securityintelligence.com/wp-content/themes/sapphire/images/ 15 KB
2 KB 61ms
60ms Other
image/x-icon 2606:4700::6812:19f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a20d772ae2efb4f5455ff81bd4bbbd04e6649ad28e9f946218ad74a2602f12

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3aee-60a227f614a20-gzip"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
cf-ray: 8aab30310f9e43bc-EWR
content-length: 2367

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 358 KB
94 KB 9ms
9ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by: Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3063e10867bcc635f559cf61172db2a6b50830834730282e0dad947002380e74

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:50:40 GMT
x-amz-version-id: NXuFlNZgUzOArVQ4dj0iszcaukhLzrL7
content-encoding: br
last-modified: Wed, 24 Jul 2024 15:02:50 GMT
server: AmazonS3
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"8e1b288a7bb573f36c46c7b11f3ec5ee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 129
cache-control: max-age=300
x-amz-cf-id: 90oKEYEjRfZuxbx-nnsHg6ZlSqfQiGMmlaVn6OcvnPmnad0edAxZrg==

GET
H2 200 bmaid Show response
cloud.ibm.com/analytics/ 48 B
2 KB 112ms
54ms XHR
application/json 23.207.151.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.ibm.com/analytics/bmaid

Requested by

Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.151.54 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-151-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

406ee1752bbc28f64fef12400f9331d0af9187890e264de9730a8a2c7e3d6296

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Mon, 29 Jul 2024 06:52:48 GMT
x-content-type-options: nosniff
akamai-grn: 0.a6643017.1722235968.4a89305
x-envoy-upstream-service-time: 8
content-length: 48
x-xss-protection: 1; mode=block
x-request-id: undefined
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
etag: W/"30-mv+WA81e6MTyErAHQ0jJmkRng+A"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 utag.28.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 2 KB
1 KB 10ms
9ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.28.js?utv=ut4.46.201803300231
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efd9406c9186c67be67a44c5c6d3899e979ad5ef9a63ed56b4535442dae31481

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: RaQpeFQf51opaE54Q6aKYyGNUCaaLtI8
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:50:02 GMT
last-modified: Wed, 24 Jul 2024 15:02:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 167
x-amz-server-side-encryption: AES256
etag: W/"b795462d061ffd513f5e2dbc250a5322"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: QnfKn_SGNacIGEFyd4EH2mEdsg3Oaxasi-OfS2LACK2YEYrX9K8VAw==

GET
H2 200 utag.162.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 59 KB
13 KB 11ms
9ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.162.js?utv=ut4.46.202312041527
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31a2d2e8de2520af395868ac3f7caa93574e6592b8154af7cb329b601c2486fd

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: LK5cYRH3vq83PAOXa0651QEwiIEpEOiU
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:50:20 GMT
last-modified: Wed, 24 Jul 2024 15:02:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 149
x-amz-server-side-encryption: AES256
etag: W/"4c082309f39a93f8a553120471ec6956"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 6fSBtyijQeSJcaqN_VFuGOn71CnisJJIWyS85iqzcSKBaapSOxkXyg==

GET
H2 200 utag.238.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 79 KB
15 KB 12ms
11ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.238.js?utv=ut4.46.202405221714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66daa090251cfc4760f77e92dfc131442d1c37d915f490558f902e9d7e39974c

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: c_FMznZ_Y.6Sb1.hHv6Fn9iohZwrDyLR
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:50:42 GMT
last-modified: Wed, 24 Jul 2024 15:02:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 127
x-amz-server-side-encryption: AES256
etag: W/"fc4ee13cc509ddfa045ace16f0a2eff2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: C3XKqgxIVhE3okd4r5W_cEzIhykfHVK_4WHD8KNlgRMQINjcJcnOAQ==

GET
H2 200 utag.184.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 16 KB
5 KB 12ms
11ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d7220b5a06499886efec7db532e54f9e7462612e65012a7dfcee18422cb7ba6

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: rnnWJxkQkmGSpWZ33OlfLGCGYl4qwzZR
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:48:37 GMT
last-modified: Wed, 24 Jul 2024 15:02:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 252
x-amz-server-side-encryption: AES256
etag: W/"09e7db1cba019619da0a7eb536d7d736"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vRW2AH-Y686RUxH9ELKMx_3ERqsK4AfMa1V7EoVqY4CnroTVAhgeiQ==

GET
H2 200 utag.233.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 25 KB
5 KB 12ms
11ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.233.js?utv=ut4.46.202209151740
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcdadfb1f61149386d4f3f6838e7ec2832790b53624798ee9cedc21a67afcc20

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: RamdWT8Vz8hXLXMhk5LYlvIb4szYzUNL
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:48:37 GMT
last-modified: Wed, 24 Jul 2024 15:02:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 252
x-amz-server-side-encryption: AES256
etag: W/"586fcef81886717a7b7473c15b8a2b94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nmhP7N-6tuMrf73xUXZCWcw0Py67zMv24CLPetpSwoUoGkj0HHyS0Q==

GET
H2 200 utag.181.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 2 KB
1 KB 74ms
73ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.181.js?utv=ut4.46.202010301425
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41661a22fad5e0b7424c51a85b601935e6a4067cb9ecadef2c9f8736c7780e76

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:49 GMT
x-amz-version-id: aSDLBccQzmrh1f3Qf.ajWRdfR57EXtAt
content-encoding: br
last-modified: Wed, 24 Jul 2024 15:02:46 GMT
server: AmazonS3
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"e7d837c93ffd8ac2ad8f2c0fb9c65071"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 8-AZzlLUGiKJDtpQAdUXmhgnXJ7182IlCAja64gM_g3tLebAyNigxA==

GET
H2 200 utag.222.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 4 KB
2 KB 12ms
12ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.222.js?utv=ut4.46.202206270344
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838ed491a7c249b002c2b9e6f4a6795481a4f61eeccfdff1b5dff8e219276c3d

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 30DrMbRFc8yTlPlqUGvY1hiLtH1PCKzC
content-encoding: br
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:51:41 GMT
last-modified: Wed, 24 Jul 2024 15:02:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 68
x-amz-server-side-encryption: AES256
etag: W/"d67affbf9fe6c678b58deab95fd5c1fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: JwZuv2UNhbt_9iDe1KgLWzR-Btv5ncZAmjRZl8qUAtGGMMuJUDxQgw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 10ms
10ms Script
application/javascript 2600:9000:2511:d800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202407241500&cb=1722235968313
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Mon, 29 Jul 2024 06:46:51 GMT
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 8dWN2ugQw2AkZ29JaYk-x1Jb9SjKXWTs_4DpCF-xGJaoyDFi3OHOyw==

GET
H2 200 notice Show response
consent.trustarc.com/ 45 KB
14 KB 161ms
89ms Script
text/javascript 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=US&state=NJ&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

08e2a2745fc7d71cadd593362de20f1d217ca9b59a9a20979ff0dc33c0dcbd8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-id: 8De-ncQBQvGLraXlYjlYrebTbu8ynngJX_EbCTkr6_iBtOI3C23UWg==

GET
H2 200 ab057a07.min.js Show response
scripts.demandbase.com/ 88 KB
24 KB 78ms
8ms Script
application/javascript 52.85.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/ab057a07.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-60.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

480f054aed52db7c62b5c767d207a93671353764e34bd4dff862260b9db7b333

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: .5MHbfR75uBlwbhxlofCubVtChKI9Y.k
content-encoding: gzip
via: 1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 06:21:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: EWR53-P1
age: 1887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 24 Jul 2024 21:06:41 GMT
server: AmazonS3
etag: W/"e9b3757c43c4c21798ba43ee296b584c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: QJp_qss1xTBycmG5ob-MVozUgAOpTssAEmNfzS3UH5SL4c8arYRucw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 29ms
28ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143580012-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QE6TCR03B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c6971d875782d91e741d2109a4ce00401355cc98bec086c8495eeecf2f14e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72240
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jul 2024 06:52:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 54ms
54ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143580012-1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e399c99fd1d6ff978542a405c2e4653ce10ca6a35f32787b84833896154b947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72258
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jul 2024 06:52:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
92 KB 32ms
31ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYECCCS21D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QE6TCR03B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81c7b4260dfb2719bb0a75fb4191597d196c3643637b6daa7ea0ec5065217d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jul 2024 06:52:48 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
751 B 86ms
29ms XHR
image/gif 18.209.203.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.203.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-203-94.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywfQE3U2SdDzl5w3Q

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-serverid: uconnect_i-07fd1f80b0f3bc43f
x-tid: 0190fd435ada00a60a532918832005065006305d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0190fd435ada00a60a532918832005065006305d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 3eceb7783fbb24d2be508d8dcf9d88586cb3cf30-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: d9c21ef3-0e71-4b1f-ac2a-74e432a7fb92
expires: Mon, 29 Jul 2024 06:52:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 57ms
22ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 29 Jul 2024 06:52:47 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0395070598C4453CB78C5C553613961D Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 61ms
16ms Script
application/javascript 2600:1408:8c00::172e:9631
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:8c00::172e:9631 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 28 Jul 2024 07:35:22 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=80171
accept-ranges: bytes
content-length: 14597

GET
H2 200 px.gif
pixel.newscred.com/ 43 B
427 B 253ms
9ms Image
image/gif 2600:9000:2511:c00:18:1662:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.newscred.com/px.gif?key=YXJ0aWNsZT01MDg3NmY4YzI1YWQxMWVlYmY0ZjFlNjM5ZWZhZjY0Mw==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:c00:18:1662:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 13:51:44 GMT
via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2024 16:11:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 320465
etag: "fb02f374b8f73825415db1bccd4bd76d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, public, must-revalidate
accept-ranges: bytes
content-length: 43
x-amz-cf-id: xbHptuywTnbtsJEa_zcvS9esHaE8hvwdGGLVzA0m4uXMMOmJrRVLiA==

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
753 B 64ms
22ms XHR
image/gif 18.209.203.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.203.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-203-94.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0huT3E4o2B07UYx7

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-serverid: uconnect_i-07d4f66b6dc35f0e4
x-tid: 0190fd435ada00a60a532918832005065006305d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0190fd435ada00a60a532918832005065006305d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 3eceb7783fbb24d2be508d8dcf9d88586cb3cf30-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: dfa07b34-74e0-42ae-9bc5-676268faf8f2
expires: Mon, 29 Jul 2024 06:52:48 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 86ms
42ms Fetch
text/plain 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QE6TCR03B7&gtm=45je47o0v9188796028za200&_p=1722235967832&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&gdid=dYmQxMT&cid=1668112559.1722235968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&sid=1722235968&sct=1&seg=0&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ocmp_article_guid=50876f8c25ad11eebf4f1e639efaf643&ep.ocmp_last_article_guid=50876f8c25ad11eebf4f1e639efaf643&up.ocmp_account_id=c7caef17012f48e99285467c1b6d8423&up.ocmp_eloqua_guid=(not%20set)&up.ocmp_marketo_token=(not%20set)&up.ocmp_pardot_visitor_id=(not%20set)&up.ocmp_user_id=3505ab79-37b7-4571-9a08-fc92e89a62c7&tfd=11667
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QE6TCR03B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 06:52:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
21ms Script
text/javascript 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 06:22:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1816
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jul 2024 08:22:32 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 23ms
20ms Fetch
text/plain 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FYECCCS21D&gtm=45je47o0v9103482433za200zb9188796028&_p=1722235967832&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&gdid=dYmQxMT&cid=1668112559.1722235968&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&sid=1722235968&sct=1&seg=0&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&tfd=11751
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYECCCS21D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 06:52:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0190fd435ada00a60a532918832005065006305d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 1 KB
2 KB 66ms
15ms Script
application/javascript 3.232.45.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/ibm/main/0190fd435ada00a60a532918832005065006305d00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1722235968474

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-199.compute-1.amazonaws.com

Software

Resource Hash

ae22d26d0c1a40242b6cf9f80c35a73144ab9b651b92b8f0c992062d673f7608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-version: dae9644db1054a022b4a820c208e271256b90b0b-SNAPSHOT
date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 1470
x-nodeid: i-0be473897079eed33
content-type: application/javascript; charset=utf-8

GET
H2 200 146001191.js Show response
bat.bing.com/p/action/ 2 KB
961 B 23ms
23ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/146001191.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3db2b71a8f0bb0d43e210a87e0efa4060e748b39d634cb2b9bcbd8f4f758637b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 29 Jul 2024 06:52:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F764135D32E64EC0BDB9032A16B33AB5 Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 57ms
36ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=9268&time=1722235968482&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0E88C3D7D11A4D4189F1E74BA749C637 Ref B: EWR311000108017 Ref C: 2024-07-29T06:52:48Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYeXU8fbotcqQSM2ov3MQ==
x-fs-uuid: 00061e5d4f1f6e8b5ca9048cda8bf731

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrom...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrom...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9268%26time%3D1722235968482%26li_adsId%3D00cac42f-1019-4476-abbe-35db24e12e3a%26u...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrom...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chro...

0
488 B

130ms
109ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cookiesTest=true&liSync=true&e_ipv6=AQKPsdPAUUKroQAAAZD9Q13Az8CohuJyhWE3mXJJmmBrLKjuCAGspB5Wa4quFVCkaRkQ3U-S-_MACNkMOQ-D_pYJem07-A
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 124820E730194657BBCA5A04E2EF7C32 Ref B: EWR311000108025 Ref C: 2024-07-29T06:52:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeXU8oJTxwixN8aubcOQ==

Redirect headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A828A1018D1940EDA24D1EF60B37B3BD Ref B: EWR30EDGE1006 Ref C: 2024-07-29T06:52:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1722235968482&li_adsId=00cac42f-1019-4476-abbe-35db24e12e3a&url=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cookiesTest=true&liSync=true&e_ipv6=AQKPsdPAUUKroQAAAZD9Q13Az8CohuJyhWE3mXJJmmBrLKjuCAGspB5Wa4quFVCkaRkQ3U-S-_MACNkMOQ-D_pYJem07-A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeXU8mFmuqzRgsfG5UJw==

GET
H2 200 sync
s.company-target.com/s/ Frame C251 0
0 120ms
15ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 06:52:48 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMD4nLUGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297uTmxyOA0TaSHZxAY0GabRZqOw0XyiEJmp_-ghOpJM4Y

26 B
348 B

88ms
16ms

Image
image/gif

13.225.63.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297uTmxyOA0TaSHZxAY0GabRZqOw0XyiEJmp_-ghOpJM4Y
Protocol: HTTP/1.1
Server: 13.225.63.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-27.ewr53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 29 Jul 2024 06:52:48 GMT
Via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: nhyRAnZOTdVXLrZ8fmkYeSuVKRMSRDcIPkrkgfXM0CGvlXHVfFJkyg==

Redirect headers

date: Mon, 29 Jul 2024 06:52:48 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297uTmxyOA0TaSHZxAY0GabRZqOw0XyiEJmp_-ghOpJM4Y
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 0190fd435ada00a60a532918832005065006305d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 1 KB
2 KB 41ms
15ms Script
application/javascript 3.232.45.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/ibm/main/0190fd435ada00a60a532918832005065006305d00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1722235968499

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-199.compute-1.amazonaws.com

Software

Resource Hash

ae22d26d0c1a40242b6cf9f80c35a73144ab9b651b92b8f0c992062d673f7608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-version: dae9644db1054a022b4a820c208e271256b90b0b-SNAPSHOT
date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 1470
x-nodeid: i-04312b1afe635ee24
content-type: application/javascript; charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 23ms
22ms XHR
text/plain 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1427964528&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dr=None&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&ul=en-us&de=UTF-8&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDACUABBAAAACgDo~&jid=1441751644&gjid=1337530782&cid=1668112559.1722235968&tid=UA-143580012-1&_gid=577465613.1722235969&_r=1&gtm=457e47o0za200zb9188796028&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&cd6=implied&cd15=(undefined)&cd19=custom%20DELIVERY%3AWordPress%20AUTHORING%3AHand%20coded&cm54=1&cd1=0&cd2=SECURITYINTELLIGENCE&cd5=6d38fbc5-bdbc-4e8f-8dfa-098fa737eb35&cd12=securityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cd17=None&cd31=en-US&cd34=url-7245ee1dbf2957a551dd66cb6375d0b768e84c2ed6359cd44cddbc9ca0993669&cd35=1722235960722&cd37=securityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america&cd39=Intelligence%20%26amp%3B%20Analytics&cd69=prod&did=dYmQxMT&gdid=dYmQxMT&z=577595272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 06:52:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1427964528&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dr=None&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&ul=en-us&de=UTF-8&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=USER_PROFILE&ea=USER_PROFILE&ev=0&_u=4CDACUABBAAAACgDoAC~&jid=&gjid=&cid=1668112559.1722235968&tid=UA-143580012-1&_gid=577465613.1722235969&gtm=457e47o0za200zb9188796028&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&cm54=0&cd1=0&cd2=SECURITYINTELLIGENCE&cd5=6d38fbc5-bdbc-4e8f-8dfa-098fa737eb35&cd12=securityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&cd17=None&cd31=en-US&cd34=url-7245ee1dbf2957a551dd66cb6375d0b768e84c2ed6359cd44cddbc9ca0993669&cd35=1722235960722&cd37=securityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america&cd39=Intelligence%20%26amp%3B%20Analytics&cd69=prod&did=dYmQxMT&gdid=dYmQxMT&cd40=identify&cd41=identify&cd46=39c70187-aa75-4734-9fd2-4a4eaf1d95c1&cd48=1722235968339&cd49=003d2fa5-1720-089c-fe70-2fa5171ffe70&cd60=false&cd68=false&cd3=39c70187-aa75-4734-9fd2-4a4eaf1d95c1&cd16=None&z=1351322139

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 01:28:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 2 KB
2 KB 70ms
40ms XHR
application/json 13.226.34.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&page_title=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-79.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 13ba25f1831989b91c45069b716f046874021f64ddf386b64f8e31c085586a79

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: 5f9d742d-b36a-4dab-8c73-adada4abab26
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securityintelligence.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OG29sFeXPqzyc7TpJLx_y3EU3km5LQYZ7gbQ2ZRSu7ach_ZrH8W-UA==
expires: Sun, 28 Jul 2024 06:52:48 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 498F 0
0 22ms
7ms Document
text/html 18.238.49.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=US&state=NJ&language=en-US&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-62.jfk52.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 274
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Mon, 29 Jul 2024 06:48:14 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-amz-cf-id: ZysiC5Tlr1HJQxjTfgQ1i-3pwWLjQtxeRAzBEp5PQ_CWExEFRUf8hA==
x-amz-cf-pop: JFK52-P3
x-cache: Hit from cloudfront

GET
H2 200 v1.7-38 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
27 KB 26ms
10ms Script
text/javascript 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-38

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

8a320b10403db3f8cd73d4d42f11364bcd295c03df576c37adac8738fd902068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Jul 2024 06:00:04 GMT
content-encoding: gzip
via: 1.1 d2b8f634cf8ac5ec77dee366297223bc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Jul 2024 02:42:10 GMT
x-amz-cf-pop: JFK52-P3
age: 3165
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: TA2J1rlqP3cR51QxN0PL6f5nIGelK4JEX245oH9wwiZ6d0vL6qF7gA==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 88ms
87ms Image
image/gif 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=ibm.com&country=us&state=&behavior=implied&session=89df15fb-de0d-4fe8-8486-5d2e6d593b3d&userType=NEW&c=0fbe&referer=https://securityintelligence.com&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK52-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: pdDHT5xY9s4hEa9l2w2vb3QEGMJz588w4YLl55ju57E5ye4HWQBUUQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 146001191 Show response
bat.bing.com/p/insights/t/ 712 B
885 B 27ms
26ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/146001191

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/146001191.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa5ce85c40190b4654cb0804d728deb08f6165e622726081b62b6661e7a154ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 29 Jul 2024 06:52:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20DCAE09E06B40B092EDCF9500A23471 Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
vary: Accept-Encoding
x-azure-ref: 20240729T065248Z-17f987cfdd7bpvrzf3zq99tbyc0000000540000000017ecm
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 603
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 0
bat.bing.com/action/ 0
362 B 22ms
22ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=146001191&Ver=2&mid=a825f583-64e3-425a-8bbd-333edf6c01bf&sid=2abc9ed04d7711efb38219caf92e0401&vid=2abcafa04d7711ef9862e77206aee3d6&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&p=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&r=&lt=11383&evt=pageLoad&sv=1&cdb=AQwT&rn=705914

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Jul 2024 06:52:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3095F1E2541480D9FF0A77F77A07C84 Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7.41 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 31ms
31ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.41

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/146001191

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8446f25870745be7ba067eb67f0a7ba7387230ef4e0673155c137f64eff3483e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 29 Jul 2024 06:52:47 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15147
last-modified: Fri, 26 Jul 2024 23:49:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 063ACF77B5604A9F8B32E7A4F998F6A2 Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
etag: W/"0x8DCADCD8D70FC73"
vary: Accept-Encoding
x-azure-ref: 20240729T065248Z-17f987cfdd7gbhc7mrpwsbunq8000000095000000000h2ag
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4007d033-801e-0015-7d36-e03968000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 sans-hebrew.css
1.www.s81c.com/common/carbon/plex/ 3 KB
658 B 15ms
14ms Stylesheet
text/css 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-hebrew.css?family=IBM+Plex+Sans+Hebrew:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0cbf79af6d2132bca6eed80db08f55f84a564924f6946552221baa73baedd306

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6cad330d-a46b-45e7-b133-3651288371f1
content-length: 348
last-modified: Fri, 17 May 2024 17:55:37 GMT
server: Cleversafe
etag: "0e3e8a821d64aa8bf9053545e9dc57e1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 6cad330d-a46b-45e7-b133-3651288371f1
cache-control: max-age=37581
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:09 GMT

GET
H2 200 sans-arabic.css
1.www.s81c.com/common/carbon/plex/ 3 KB
659 B 16ms
15ms Stylesheet
text/css 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-arabic.css?family=IBM+Plex+Sans+Arabic:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4cca4309ca87d494514c4ba3e5b75cd593306b2891891480f871970e3ad242d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 363411e3-4e98-4304-9dc1-c7fa503b7ec4
content-length: 348
last-modified: Fri, 17 May 2024 17:55:36 GMT
server: Cleversafe
etag: "42836eb9a71af2bbed2595f473d35be6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 363411e3-4e98-4304-9dc1-c7fa503b7ec4
cache-control: max-age=37648
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:20:16 GMT

GET
H2 200 sans-jp.css
1.www.s81c.com/common/carbon/plex/ 675 KB
159 KB 17ms
17ms Stylesheet
text/css 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-jp.css?family=IBM+Plex+Sans+JP:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

46d5afa9b13dbd0bb7f5cb4a06880cb662782cfdd740e2f1db2c7fc92b8cc9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 55cff794-6918-4fde-a6bc-8297dac1d9d5
content-length: 162198
last-modified: Fri, 17 May 2024 17:55:37 GMT
server: Cleversafe
etag: "03e30c28baffaa730907544eabaed604"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 55cff794-6918-4fde-a6bc-8297dac1d9d5
cache-control: max-age=37587
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 17:19:15 GMT

GET
H2 200 sans-kr.css
1.www.s81c.com/common/carbon/plex/ 404 KB
87 KB 16ms
15ms Stylesheet
text/css 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-kr.css?family=IBM+Plex+Sans+KR:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

43400012faefe705b9fe8f49a088c3037476e6de6f139e4ef7a54ffd1598776e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8d1575aa-cf45-4b00-acc7-2eed68401b04
content-length: 88360
last-modified: Fri, 17 May 2024 17:55:38 GMT
server: Cleversafe
etag: "68e3eb466c17d539299d469b0f23235f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 8d1575aa-cf45-4b00-acc7-2eed68401b04
cache-control: max-age=28110
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Mon, 29 Jul 2024 14:41:18 GMT

GET
H2 200 ibmplexsans-semibold.woff2
1.www.s81c.com/common/fonts/plex/v1/ 37 KB
37 KB 14ms
13ms Font
font/woff2 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-semibold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=2592000
last-modified: Mon, 19 Jun 2017 20:17:05 GMT
server: AkamaiNetStorage
content-md5: z5UWknac7Z0FWhN2mXfHFw==
etag: "cf951692769ced9d055a13769977c717:1672864811.754472"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=242951
accept-ranges: bytes
content-length: 37416
expires: Thu, 01 Aug 2024 02:21:59 GMT

GET
H2 200 ibmplexsans-regular.woff2
1.www.s81c.com/common/fonts/plex/v1/ 34 KB
35 KB 15ms
15ms Font
font/woff2 104.86.85.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.86.85.84 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-86-85-84.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://securityintelligence.com/
Origin: https://securityintelligence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=2592000
last-modified: Mon, 19 Jun 2017 20:17:05 GMT
server: AkamaiNetStorage
content-md5: eSYTpp4e/tmcui3POb3b1A==
etag: "792613a69e1efed99cba2dcf39bddbd4:1672864811.711241"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=365056
accept-ranges: bytes
content-length: 35276
expires: Fri, 02 Aug 2024 12:17:04 GMT

GET
H2 200 get
consent.trustarc.com/ 679 B
998 B 8ms
8ms Image
image/svg+xml 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=ibm_close_icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 29 Jul 2024 06:06:07 GMT
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK52-P3
age: 2801
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 679
x-amz-cf-id: UYl79mmgugzFZ2NwNyJYupyGGaNY4nfqvnl_7SJZ-Yqj9FaTBuqLfQ==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 87ms
86ms Image
image/gif 18.238.49.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=ibm.com&behavior=implied&country=us&language=en&rand=0.1294810100133328&session=89df15fb-de0d-4fe8-8486-5d2e6d593b3d&userType=NEW&referer=https://securityintelligence.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-99.jfk52.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 38d213e81ab517fd857234c4eccd4632.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK52-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: 6zuhLgI4k5POMqJhXdPHEuGeVsg1kwGUoYa2e8A5RqC10_OfFYyrYA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
752 B 20ms
16ms XHR
image/gif 18.209.203.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.203.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-203-94.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLHE1HSANoHeKIgf6

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-serverid: uconnect_i-05a76f6ef94537ae7
x-tid: 0190fd435ada00a60a532918832005065006305d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0190fd435ada00a60a532918832005065006305d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 3eceb7783fbb24d2be508d8dcf9d88586cb3cf30-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: b69a3b93-c2ed-46ed-af3e-af288acddbad
expires: Mon, 29 Jul 2024 06:52:48 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
751 B 22ms
16ms XHR
image/gif 18.209.203.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.203.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-203-94.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryskIRvGhq83mXtBx3

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-serverid: uconnect_i-01217f193a08fe124
x-tid: 0190fd435ada00a60a532918832005065006305d00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0190fd435ada00a60a532918832005065006305d00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 3eceb7783fbb24d2be508d8dcf9d88586cb3cf30-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: a3d0f459-11d5-4f0a-b4e5-59461c8a9d65
expires: Mon, 29 Jul 2024 06:52:48 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 109ms
24ms XHR
text/html 2600:9000:2009:7600:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=OG29sFeXPqzyc7TpJLx_y3EU3km5LQYZ7gbQ2ZRSu7ach_ZrH8W-UA==&api-version=v3
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:7600:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Sun, 28 Jul 2024 11:55:55 GMT
via: 1.1 91edf3d46098c7786cee1900c8e34990.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 68213
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: msprxcqQgdYFLCwmfCFc_cxOeiO--fPYnwc-AL5U5zaBh7VeFFIUmg==

GET
H2 200 0190fd435ada00a60a532918832005065006305d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 2 KB
2 KB 15ms
15ms Script
application/javascript 3.232.45.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/ibm/main/0190fd435ada00a60a532918832005065006305d00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1722235968750

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-199.compute-1.amazonaws.com

Software

Resource Hash

82b9586ca9648b4e7b7c6b1883905c7fc8d712c761be1ce778fa6bfdee4f1aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-version: dae9644db1054a022b4a820c208e271256b90b0b-SNAPSHOT
date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 2073
x-nodeid: i-02ed6d80306270b63
content-type: application/javascript; charset=utf-8

GET
H2 200 0190fd435ada00a60a532918832005065006305d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/ibm/main/ 2 KB
2 KB 16ms
16ms Script
application/javascript 3.232.45.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/ibm/main/0190fd435ada00a60a532918832005065006305d00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1722235968767

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.45.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-45-199.compute-1.amazonaws.com

Software

Resource Hash

82b9586ca9648b4e7b7c6b1883905c7fc8d712c761be1ce778fa6bfdee4f1aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-version: dae9644db1054a022b4a820c208e271256b90b0b-SNAPSHOT
date: Mon, 29 Jul 2024 06:52:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 2073
x-nodeid: i-0b2dd9a62380634a3
content-type: application/javascript; charset=utf-8

POST
H2 204 q Show response
bat.bing.com/p/insights/c/ 0
217 B 30ms
29ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/q

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.41

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Jul 2024 06:52:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2962BD4685184A73806CC65FC23B842C Ref B: EWR311000107039 Ref C: 2024-07-29T06:52:48Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://securityintelligence.com
access-control-allow-credentials: true
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
202 B 116ms
115ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Jul 2024 06:52:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F54ABA720C514F6491DF0937A8C6A792 Ref B: EWR30EDGE1006 Ref C: 2024-07-29T06:52:49Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://securityintelligence.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYeXU8p+ueYREDzEn0eww==

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 23ms
23ms Fetch
text/plain 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QE6TCR03B7&gtm=45je47o0v9188796028za200&_p=1722235967832&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&gdid=dYmQxMT&cid=1668112559.1722235968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1722235968&sct=1&seg=0&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&en=ocmp_scroll&_ee=1&epn.ocmp_page_scroll_percentage=0&ep.ocmp_article_guid=50876f8c25ad11eebf4f1e639efaf643&ep.ocmp_last_article_guid=50876f8c25ad11eebf4f1e639efaf643&_et=4&tfd=16674
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QE6TCR03B7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 06:52:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 24ms
22ms Fetch
text/plain 2607:f8b0:400d:c07::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FYECCCS21D&gtm=45je47o0v9103482433za200zb9188796028&_p=1722235967832&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&gdid=dYmQxMT&cid=1668112559.1722235968&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&dt=The%20rise%20of%20malicious%20Chrome%20extensions%20targeting%20Latin%20America&sid=1722235968&sct=1&seg=0&dl=https%3A%2F%2Fsecurityintelligence.com%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&dp=%2Fposts%2Frise-of-malicious-chrome-extensions-targeting-latin-america%2F&tfd=16756
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYECCCS21D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 06:52:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET Zz0xZWFlYjkyYzI1YjAxMWVlYmNmMjQ2OTQ3ZDFiMzgxZA==
images-cdn.welcomesoftware.com/ 0
0

GET
H2 200 Zz0zY2FkNTk3ZTI1YjAxMWVlYmRjMjQ2OTQ3ZDFiMzgxZA==
images-cdn.welcomesoftware.com/ 142 KB
143 KB 24ms
24ms Image
image/png 2600:9000:2510:8600:f:fcff:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cdn.welcomesoftware.com/Zz0zY2FkNTk3ZTI1YjAxMWVlYmRjMjQ2OTQ3ZDFiMzgxZA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiM2NhZDU5N2UyNWIwMTFlZWJkYzI0Njk0N2QxYjM4MWQiXSwiZXhwIjoxNjkwNTAzNTI5fQ.lsrXsGiiu2eVmrx0Ww0XVz39WAPVuk8CQZ0BK4z-6pU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:8600:f:fcff:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cf9195360fe55adb4d64ff923a4ef070d16aa7a9cc67b7f0c9f4909bff77eb3

Request headers

Referer: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 05:01:44 GMT
x-amz-version-id: 3XsIrHERsKR__tFklAAU2jGKiON_1Uyo
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 438669
x-amz-server-side-encryption: AES256
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 145815
last-modified: Tue, 18 Jul 2023 21:15:36 GMT
server: nginx
etag: "ee538927227bd680f0b5b57d1384cf20"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: pMrTZ2aTpPEEKMUE7elgS0PuYeTKj2diamb9uIPxBQQDJ00rEmnywg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images-cdn.welcomesoftware.com
URL: https://images-cdn.welcomesoftware.com/Zz0xZWFlYjkyYzI1YjAxMWVlYmNmMjQ2OTQ3ZDFiMzgxZA==?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOlsiMWVhZWI5MmMyNWIwMTFlZWJjZjI0Njk0N2QxYjM4MWQiXSwiZXhwIjoxNjkwNTAzNTI5fQ.WNhT7EPEJEMms1Bq7zvc6jRZ-sLK2bNWhTXb7Fkmj3c

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cloud.ibm.com/analytics	1970-01-21 07:59:55	Name: com.ibm.cloud.console.analytics.anonymousId Value: 39c70187-aa75-4734-9fd2-4a4eaf1d95c1
.ibm.com/analytics	1970-01-20 22:23:57	Name: BM_SESSION_ID Value: 1722235968301
.securityintelligence.com/	1969-12-31 23:59:59	Name: pageviewContext Value: 6d38fbc5-bdbc-4e8f-8dfa-098fa737eb35
www-api.ibm.com/	1970-01-21 07:54:10	Name: notice_preferences_master Value: {}
www-api.ibm.com/	1969-12-31 23:59:59	Name: 1816d7fd5563fd474b747d804593718b Value: a4f8684ec376c3e6d9fdcf73edea28a9
.securityintelligence.com/	1970-01-21 07:09:31	Name: __ncuid Value: 3505ab79-37b7-4571-9a08-fc92e89a62c7
.securityintelligence.com/	1970-01-21 07:09:31	Name: userContext Value: n/a\|0\|0\|0\|US\|NJ\|0\|n/a\|implied\|zz\|n/a\|n/a\|n/a\|n/a
.securityintelligence.com/	1970-01-21 07:09:31	Name: OPTOUTMULTI Value: 0:0%7Cc1:1%7Cc2:0%7Cc3:0
.cloud.ibm.com/	1970-01-20 22:25:22	Name: com.ibm.cloud.console.nEU Value: 1
.securityintelligence.com/	1970-01-21 00:33:31	Name: ga_visitor Value: Direct\|Organic\|0
.securityintelligence.com/	1970-01-21 07:09:31	Name: BMAID Value: 39c70187-aa75-4734-9fd2-4a4eaf1d95c1
.securityintelligence.com/	1970-01-20 22:25:22	Name: nc-previous-guid Value: 50876f8c25ad11eebf4f1e639efaf643
.securityintelligence.com/	1970-01-21 07:09:31	Name: _ga_QE6TCR03B7 Value: GS1.1.1722235968.1.0.1722235968.0.0.0
.tealiumiq.com/	1970-01-21 07:09:31	Name: TAPID Value: ibm/main>0190fd435ada00a60a532918832005065006305d00b08\|
.securityintelligence.com/	1970-01-21 07:09:31	Name: _ga_FYECCCS21D Value: GS1.1.1722235968.1.0.1722235968.0.0.0
.securityintelligence.com/	1970-01-21 07:09:31	Name: _ga Value: GA1.2.1668112559.1722235968
.securityintelligence.com/	1970-01-20 22:25:22	Name: _gid Value: GA1.2.577465613.1722235969
.securityintelligence.com/	1970-01-20 22:23:56	Name: _gat_gtag_UA_143580012_1 Value: 1
.securityintelligence.com/	1970-01-20 22:23:57	Name: TAsessionID Value: 89df15fb-de0d-4fe8-8486-5d2e6d593b3d\|NEW
.securityintelligence.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied\|eu
.bing.com/	1970-01-21 07:45:31	Name: MUID Value: 0BAD405895BD66D934FB549394BA6787
.bat.bing.com/	1970-01-20 22:34:00	Name: MR Value: 0
.rlcdn.com/	1970-01-21 07:09:31	Name: rlas3 Value: wWZlA9eTh9xru4NGKPxE5mD1ZF7WKZ+IUVyIR3POXYs=
.bat.bing.com/	1970-01-21 07:45:31	Name: MSPTC Value: C4VHq3xjP1a8uQRWYtukT2fPPfQEvedd_q_kzdvE_ZY
.linkedin.com/	1970-01-21 00:33:31	Name: li_sugr Value: e847214d-5c6f-4f3a-8c8a-be2e52ea5c58
.linkedin.com/	1970-01-21 07:09:31	Name: bcookie Value: "v=2&efc76ee3-48c3-4795-8491-f5a63e1b6492"
.linkedin.com/	1970-01-20 22:25:22	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3259:u=1:x=1:i=1722235968:t=1722322368:v=2:sig=AQF10Slc1jXp81hy3dikvVLpgQ5R3elE"
.rlcdn.com/	1970-01-20 23:50:19	Name: pxrc Value: CMD4nLUGEgUI6AcQABIGCMrdKhAA
.company-target.com/	1970-01-21 07:59:55	Name: tuuid Value: f945bbd2-9879-43fc-a7a5-7931e2a5ac75
.company-target.com/	1970-01-21 07:59:55	Name: tuuid_lu Value: 1722235968\|ix:0\|mctv:0\|rp:0
.securityintelligence.com/	1970-01-21 07:09:31	Name: utag_main Value: v_id:0190fd435ada00a60a532918832005065006305d00b08$_sn:1$_se:4$_ss:0$_st:1722237768610$ses_id:1722235968218%3Bexp-session$_pn:1%3Bexp-session$is_country_requiring_explicit_consent:false$dc_visit:1$dc_event:4%3Bexp-session$dc_region:us-east-1%3Bexp-session
.casalemedia.com/	1970-01-21 07:09:31	Name: CMID Value: Zqc8QEt3uUMAABawAMCfkAAA
.casalemedia.com/	1970-01-21 00:33:31	Name: CMPS Value: 044
.casalemedia.com/	1970-01-21 00:33:31	Name: CMPRO Value: 044
.rubiconproject.com/	1970-01-21 07:09:31	Name: audit_p Value: 1\|V0mt5iMQ75LDncUG/oJFd3PRNbF5kSLFn59NtQrx6c1GXlzst0zOc4ZaGX9TqfgmNbhLztDknHTJ/a3zqNdXEoK4qPx88M0rRXG4t1rapc4Nl/G27LLHE+KZ6giC+qA9K4b2yu0JDxxMtXw2DpUCClQocXjBFyR9d1j8122vWMkfeUkiZJvSvg==
.rubiconproject.com/	1970-01-21 07:09:31	Name: khaos Value: LZ6MTUBD-1P-PBA
.rubiconproject.com/	1970-01-21 07:09:31	Name: khaos_p Value: LZ6MTUBD-1P-PBA
.rubiconproject.com/	1970-01-21 07:09:31	Name: audit Value: 1\|V0mt5iMQ75LDncUG/oJFd3PRNbF5kSLFn59NtQrx6c1GXlzst0zOc4ZaGX9TqfgmNbhLztDknHTJ/a3zqNdXEoK4qPx88M0rRXG4t1rapc4Nl/G27LLHE+KZ6giC+qA9K4b2yu0JDxxMtXw2DpUCClQocXjBFyR9d1j8122vWMkfeUkiZJvSvg==
.rubiconproject.com/	1970-01-21 00:33:31	Name: receive-cookie-deprecation Value: 1
.tremorhub.com/	1970-01-21 07:09:52	Name: tvid Value: 577e2a8998bf4cd09baae0877d646044
.tremorhub.com/	1970-01-21 07:59:55	Name: tv_UIDM Value: f945bbd2-9879-43fc-a7a5-7931e2a5ac75
.securityintelligence.com/	1970-01-20 22:25:22	Name: _uetsid Value: 2abc9ed04d7711efb38219caf92e0401\|k4915x\|2\|fnv\|0\|1671
.linkedin.com/	1970-01-20 23:07:07	Name: UserMatchHistory Value: AQL5T5RVOpAMMwAAAZD9Q1zISq6LzjJoZt8Vu4LZKwwXlhQM725rSNt1e0aBKCHaVtv-cr5JuuH0HA
.linkedin.com/	1970-01-20 23:07:07	Name: AnalyticsSyncHistory Value: AQJMktfJcrcfdwAAAZD9Q1zI3rB5-Tuf5aWakLM4QrS1iPi6oMK6mNs-qjMonjNW5wXQ_H84wxpmOqT3FTeqjg
.securityintelligence.com/	1970-01-21 07:09:31	Name: _uetvid Value: 2abcafa04d7711ef9862e77206aee3d6\|1cga0ih\|1722235968896\|1\|1\|bat.bing.com/p/insights/c/q
.www.linkedin.com/	1970-01-21 07:09:31	Name: bscookie Value: "v=1&20240729065248e70e9622-0c3b-49f2-8085-77fe9df83d37AQGyOpBvD4NkO0Zs2sZa3q0per9y6YPO"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securityintelligence.com/posts/rise-of-malicious-chrome-extensions-targeting-latin-america/ Message: The resource https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/07/AI-on-digital-chip-with-neon-lights.jpeg.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.www.s81c.com
analytics.newscred.com
api.company-target.com
bat.bing.com
cdn.ampproject.org
cloud.ibm.com
collect.tealiumiq.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
id.rlcdn.com
images-cdn.welcomesoftware.com
pixel.newscred.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
scripts.demandbase.com
securityintelligence.com
segments.company-target.com
snap.licdn.com
tag-logger.demandbase.com
tags.tiqcdn.com
unpkg.com
visitor-service-us-east-1.tealiumiq.com
www-api.ibm.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
images-cdn.welcomesoftware.com
104.17.246.203
104.86.85.84
13.107.42.14
13.225.63.27
13.226.34.79
142.250.31.132
173.194.207.95
18.160.41.25
18.209.203.94
18.238.49.62
18.238.49.99
23.207.151.54
2600:1408:8c00::172e:9631
2600:9000:2009:7600:1d:8d6d:3b40:93a1
2600:9000:2510:8600:f:fcff:7940:93a1
2600:9000:2511:c00:18:1662:bec0:93a1
2600:9000:2511:d800:7:2bfb:7c00:93a1
2606:4700::6812:19f1
2607:f8b0:4004:c21::5e
2607:f8b0:400d:c04::61
2607:f8b0:400d:c07::66
2607:f8b0:400d:c07::84
2620:1ec:21::14
2620:1ec:c11::237
3.232.45.199
34.96.71.22
35.244.154.8
52.85.61.60
0344be44426784aba6f7c22503f008280e7f375cb03671316e731e2a0a20e6b7
04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5
05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06
055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a
061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f
06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137
07afe241f59a16aefebc10c2fa6721c17ae71811a6ba05adfe0ced9be1749caf
07ce80873f9653330b0888cd1174316bd53929f9ab3632fb66b36baca15da70c
086a30b2a9e6955f85fcd26e2105ffad85df2ba1e9649739296ad5f81d654784
08e2a2745fc7d71cadd593362de20f1d217ca9b59a9a20979ff0dc33c0dcbd8c
0a3567cea782cf988632d67e366719a558655271771c40df1fdbb9a07c241157
0ab7332898c1287857bc2f28648f42037bb3a4a5f61e5939976a272a9322dfb4
0cbe8f1a689365769f72815d900eea61be71b584dfee280af4dc88c21f9c2241
0cbf79af6d2132bca6eed80db08f55f84a564924f6946552221baa73baedd306
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70
0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4
0fd69e78d009137906a572580d329ad4dec672810b0eec8feb54ea4b511c3078
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1039b43b5737d01337792f0fbaca68989e7a4f14c8d29bf5e778a7d2c2a3182f
108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30
10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae
1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f
131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a
13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc
13ba25f1831989b91c45069b716f046874021f64ddf386b64f8e31c085586a79
148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f
14b7e944a6eda6ba9615565de04c802af737a984edff3d66a2e46b2eb1cdbb83
1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920
15bd17f46697a0c40344ca45bb526210294bdbd89f268c3f457a4d0f1956aef1
15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b
16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34
17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc
1b65bc85834d94fd0c0377c78aee34175f646ffb4e57b23f5a74b9d6a18aeaa5
1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4
1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca
1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc
1e399c99fd1d6ff978542a405c2e4653ce10ca6a35f32787b84833896154b947
1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d
1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412
1ff1e20ac21b988c7a5a11957d20b430e5881ab860cc7b7e6197346b4b418d6a
20e00dd4e268dc8a079f63839014b0180acb03489e694d5f67c7e8ca73b9610f
212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2
22a20d772ae2efb4f5455ff81bd4bbbd04e6649ad28e9f946218ad74a2602f12
22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437
2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21
24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc
25db506c7e7a025930194b8b4653366c93eee617991a4eca157ba477386b9ea2
26691fb2a91c3fe21ac008c78b11c02853e79e82abd07fece9f7ab11b3764582
27727943226d9adecce7b1378afd2eeb5e62a975975ffead5486615ed0f6c055
277aa765c2c0fc1eceb225af5f16552f2753e531190b61a78e1ab23b600bb186
27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85
2a2ccac78fe77258cb0dcf897f713930423d19a155831adb0d4692382c879169
2bea429dfcce30ae650c38ee5aa2957deed1b1f04bd81d24db0741044b025f46
2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68
2c9b0dd77d7e31d1d0d9e319a81b838f3641cbd982bb5c9ad45d68cda1ca4e99
2d7220b5a06499886efec7db532e54f9e7462612e65012a7dfcee18422cb7ba6
2dc14b2ebaa9d37bc6cb8ecda0da7588dd328660edb43a7c635d39f46a79d394
2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d
2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485
3063e10867bcc635f559cf61172db2a6b50830834730282e0dad947002380e74
30e9d57b088481aa675ef8b9617c41a1ef51c539caaa924b5cdf018a848308a4
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
31a2d2e8de2520af395868ac3f7caa93574e6592b8154af7cb329b601c2486fd
3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e
3329f8744f63d73dc769e111107ab2e3fc688aadbbc5c26a4e64031a72ba2a41
33d4cab117cef7685e20a4546688c0a5df5fb974fb596f26c1d276f84156e0aa
35524a2b84d2688f84a3a9b19b3af5a56773d1e9c2f8d469cf4625e5c833a6e8
35748f7aa812c5ab5ad698c1f82e2001f667599b7e614106ecf6fbbff84f5983
36804111118e2ad330c9e26337ae8b46cf89ffdcae9eb9cd90269004a06d8e8a
374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413
391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd
3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bd1a494bf2c8c0506d01ba94fcfeb5c58e5b19a7555b29174355ed35a5b0955
3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c
3be5f3576766c960983b315b072f6ca22578e2c34d97d54c27c2b44e565a8e16
3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2
3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b
3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00
3db2b71a8f0bb0d43e210a87e0efa4060e748b39d634cb2b9bcbd8f4f758637b
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
3ee8aad0b453f6d6e266c862fa1315a3d89b1e092e8f94a78a8020c5898bf6ad
3f15c7b59ac1c2fb55943990e2e99f693045b33026cf71c7892577a49df42823
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
4051bad11cd51207e434739953716de9f70ca00012652b1178c449a9da6842ca
406ee1752bbc28f64fef12400f9331d0af9187890e264de9730a8a2c7e3d6296
40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
41661a22fad5e0b7424c51a85b601935e6a4067cb9ecadef2c9f8736c7780e76
426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd
43400012faefe705b9fe8f49a088c3037476e6de6f139e4ef7a54ffd1598776e
438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4445c246bb44fad6c54a993d4b258c1802118fa85bbccd406662c8c5c95ac123
44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f
44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68
44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7
44c9ebcdd27f2e42b1687408b43a9010aa0311a1ea4333ff589af21290e266e0
455fd63a5cee8e063c217befbf25b461788aa0e1385b2e8017422049aec2d017
45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897
45cf5e6406dc15cea5b9936a8cc17dfa66e525f541f58788ae196bd39fc59502
466d120fa656f164b036e1f9de2cdd29faa8e43b37d847d1e7e675a2f2846343
4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7
469a7f454c8a97d967d2bdfb20fbd70a301871e24aefc80d187543827497c156
46d5afa9b13dbd0bb7f5cb4a06880cb662782cfdd740e2f1db2c7fc92b8cc9a9
46dc3b84e343393bc25e512a3466a68f2035647c1515ab3ce3b17e7beb52dc82
480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99
480f054aed52db7c62b5c767d207a93671353764e34bd4dff862260b9db7b333
48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e
4ad7d300b807f0923a45372fdd08592d6a85b8c17b51b9a730b82f137b700c8c
4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd
4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9
4cca4309ca87d494514c4ba3e5b75cd593306b2891891480f871970e3ad242d8
4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b
4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14
4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f1784ddd618453f60a7b05f4b9a28c732a42c008e2cc427babddbacd0dbbd95
512ad42436ff03797962addaf6aa6f3fefdda82e75fd58d30628739b49164748
51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d
520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02
545ef6ead6a9dc0d3d26407b68fe2249fc910d54a9657d5d32de0a856e892e13
546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50
55202926a14875494185d7df9264a3e871153129368ced8fe904da4cbe51e3fa
555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5
5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61
580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f
588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb
58e96e00197e9b0750a7e98d02cb2f0aaa333de489c33ff02a72310dc361b6d0
591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8
5cbf8fd3a1f019a086ebe036f6083d8762a9e1a6520702022ebb7e4dd07d22e2
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
5ecaa6823047993e686bc225c8d2de74227f68a9758818a8a2faf37c5ecbba63
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564
5f54db8a9fb067c11f77f277791ff8e8c27dc612a6eff881c233409b5e54964f
5f64379224831ca1f833fd877854e2b1532aad9f60d642e863678fd6d14d6aea
60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e
60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872
636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c
64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd
65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
66daa090251cfc4760f77e92dfc131442d1c37d915f490558f902e9d7e39974c
687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896
68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc
68bb1563ccfeac7c657c6400068333526d993c339749bc913cbcf9804f9161bd
69926b96246d404d0ff12457196703cb2c0dfd63c76f85f5bc7d75594ff9060c
69e90c7e56645fc910589528888c00a914b1ec05cf00c77f7ddf9d99770e9142
6a342819ad55eb833b9d94923f4a3a790cbc67ffa1ec7fbc800f2682f3c2f4d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368
6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498
6cf9195360fe55adb4d64ff923a4ef070d16aa7a9cc67b7f0c9f4909bff77eb3
6cfee30ce3e55ce3054f711f54ad7627185998b731aea71f58fc61a2b51fe84c
6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50
6f680dffeaa5da2fefd8d98a5d22ed8819ce58991910ac98838e8f4160d88d78
70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a
70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05
73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d
75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e
77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49
78e33244322d156f751a6d3e37d60b1c434fbb261430662bd5602af5c0962181
7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f
7aa21b9b8893d784d946e1f07e965831823018cc6123fb0f97ec2c38cf7e0403
7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0
7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c
7be74588981e0dae1ec0bb1bd26e6af2e4203b97176be92de475ab5a06bd2c8b
7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0
7cfa68c00b8e7e71feb75a06b2677316115bfc82646a631bf30d68055beac176
7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd
7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6
7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba
7f4c138819c28d666fe76c9649f73fc15234b3e0c012d1568a56471576981e01
7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c
7fea1aa753e5c23f4c56cfbd2707ea5a17b15b74ebd85c57128ff4499152379f
801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe
808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f
81989057917238a210966fc6b0395e8dd60b2bdef18ce0c2cdf996ce81224fd8
819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b
81c7b4260dfb2719bb0a75fb4191597d196c3643637b6daa7ea0ec5065217d4b
82769b62d196eb232019812300ebae249a33a833797db0921447c429db379c21
82b9586ca9648b4e7b7c6b1883905c7fc8d712c761be1ce778fa6bfdee4f1aac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3
838ed491a7c249b002c2b9e6f4a6795481a4f61eeccfdff1b5dff8e219276c3d
83d7d4ad5e4725bef1d746ddbf1fc16dd065c9950a344b5ac8eb8b4a66cca642
842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b
8446f25870745be7ba067eb67f0a7ba7387230ef4e0673155c137f64eff3483e
84470416d4c27fdaf829fb73d080038f38c4162b4fcf13453198af1080346520
84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb
8566c12e70a78fae249238e8e20989ede0f2ba0c5e54859b5a6cae6ed72a7095
879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69
87a2ae83fa4d6afce7a749def8ef96a4d1329f981f587296307c90869c580bde
87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95
87f273f2f0709e220d17af3aaa4fc31e299a358ac02a32e63ac8a622f5f04c73
8993b3ab7f762fa0645a1177e24547c2fdd729f34d1189b99e72e0c725d957cf
8a320b10403db3f8cd73d4d42f11364bcd295c03df576c37adac8738fd902068
8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821
8c0d06ba574de5682d0c5fce9a27ba5f0593ce31751c198b19d7bf83739a4e65
8c5ebed114d1223ecf396c28ec1d6d2d34c709e312fe138a2331d7b55a97d004
8d5dfa4004f79dd34fe59fff43b7fe46c095577d58745b6a66ff677b2bfe1553
8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf
8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c
8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a
8fa3336a40a94aa993e77e58243ee944bcec9084f71f4ed34399c96224c4e2eb
91dbf40be3a4e334cf5fb8d205a4b8c52d441fdd0427e877932c39fd0d04431f
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e8a67bfc49b85d714f91c8d7fd1931c6269e2a7cb2c2e5fa554a775694abe4
9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb
9b7941b794961b6e08a51f63b7c7b2878740b5b6da37673a4e95618e13b0c495
9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd
9bba7bc380932c1423013444386143a21a3ec797e78f68c2bdf81350d4e79eae
9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653
9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af
9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0
a05993da80658bd5e341c5db65d4817f22db3f64722e336708fc188e8a16cf41
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2678914f25ce6f77376659fd248aa0da2f36996f4d777dba0d2dd4fc6095803
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf
a43f650076aff5160d5199648cb8aba0c77431dc6118ab697006c7e677e63fa7
a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae
a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989
a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20
a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16
a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6
a70c2df9665defd3c6bcd1ecf9f29eb39f8c9ecd93e8ab522d30aa4ea25c3b89
a7c866af237441e1f47b0cf45fe22fce9f25d35671b0b0cf87a30157024394e3
a84d21bb9220d654c977c2329c6cdd8918a2be930816587babe6d7d302d03ef2
a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860
aa5ce85c40190b4654cb0804d728deb08f6165e622726081b62b6661e7a154ab
aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241
ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69
ace941f3e5f95397596ca7394eba3d53e79e7c717ba7fab29e857c4010b353b7
ad16e16f52ee83e37132ca80f7f8b1f50286407656eab81fe73e45c1cbd164ce
ae22d26d0c1a40242b6cf9f80c35a73144ab9b651b92b8f0c992062d673f7608
aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9
af500480a770c61c159f2c95933c6b8f10f2dad5161667aaf3487cfc17a0d8a0
b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e
b0f116b6070f8658986fd7db10d550321846965128feca7d1b5ae786dad708e3
b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331
b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d
b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0
b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f
b31a3b2cb739733fdf9ee5f1dfdda95bf7831e50c7085d4472ecc0ff98633df8
b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d
b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56
b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693
b96c34a986fbb68ebd9925414da39d0f0aa4e086c44c67bdb92f6e4299b6e5bc
b9b7d6f4795baa46e5b6c84f52913aac15361608a2891ed985ffce99bf3f0486
ba73ff4bde6333360947ed9d66ed173a7d217338d4a18a0b38a860e110e3d788
bad7b315a41d04900531b5a422181a07a5579df44ea80dc5219e297ff2cd6d76
bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f
bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d
bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85
bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e
bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321
bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42
bd597b9019a5779af45853abf6ea477dec205d4b1b126ea80780ffa050570034
bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2
bdd999dce9f8de3da1944d2ceb87bb7dfdd13cce89ccda787500b796a5251740
be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c
bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34
bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea
c05bec41bceb98e3741eec5abe5ca5db721510c1e92afabc2a222d2dfefb558d
c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a
c0d3d87b8bd38c73c165621f789cb83413e1e5a023801d8be026b8ca0617a6d5
c1ff2dbeb7ec307f4c0c212bbddd5c0ebaab97ca20e3b47b41b3addf7bf75e9a
c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8
c498909c5a4dbb15b4e6440b66426a8c575d31974bf854689bee49fdde93045a
c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08
c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492
c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af
c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a
c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50
c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4
c8f74c2211499eea2627b22479d04215a7bd43afe4c99ca3fcc0a00c7858da91
c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3
c9787b0f5966042b61044d6bf6b50de04fe2e8bd595554f41df9d6e7ea533de9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e
cb31bb53eefec5a74b7e7271abd4e97e0735174d7d0b0dec0f2217462573d1f1
cb341d420886eb30d9643840bd2017e4f74c9bb86edbee866f7e3e518495ac69
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cba6d3e5442896fad3797c89b8447069e7f6525b516b913ce49590cf56180456
cd182d7ea1f4904b9b9b092a9fe2ef0a3413656e9222ccd319632861784ffdb2
cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095
cdeb355a9ffa6456ee2917eb1e985412af551ae8d30ff799e2d2249201d740cc
cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff
ce736f8cb653a86475d1b91e2cb72df0a5ffc31c671d4fb50914d367278d498b
d0227033bd5c1308b7c468b078482f8a512d0c3554a90a16ac95910f4b058c6d
d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1
d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9
d1b5edc6ae60994126aa455fa391aab95e6d4c3c85356be0ce01e625cbac8ce2
d22151a8ab284610169dd85aef94ae8520ea2aff3a309b196a521fcc0619afc3
d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2
d2838a560ed590e2d2b0dfe28b0dfe664bf5ba55a675c6bd4195d77521b9a576
d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d
d4450a1b6d074ed92fd0ca384c6d7b58668212260ff936f5163e22167146c074
d552b712911c65689d6831f7b6b30d5227a88ac851c18e10259e365fe9c02582
d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc
d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3
d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe
d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705
d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739
d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112
d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25
d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03
d9da5f743ccda2f1bc3c85cc1df42f8280feffc35dc75c38dc95b996b2369fa3
d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
dc3db8fe104a5d0e51cb7248faccd6314c47264a1664ca3f6152dc8ad7b8c233
dcdadfb1f61149386d4f3f6838e7ec2832790b53624798ee9cedc21a67afcc20
dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198
de1324cf9615178ed5fd102bd4f7b793d0a27dfc5058470e896961be6adb1eca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154
e02c0a01a563bb7401cb74ac4a3a64d4d0eaeb8f34c213291f28659f7dd70217
e0ae28c5a633fd1d7ca95e841dce0ee9614968e119122b05abe7d7bbac505558
e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f
e1c34f7ead90dea4877914b63dff670d5c62fd5837232d3a37896687af68ae9c
e23fd7d9aaeb533a5fa226c21fd0cb510959b31351b638633eb3f6cd91287920
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
e4c6971d875782d91e741d2109a4ce00401355cc98bec086c8495eeecf2f14e1
e63a5f14e57733c2768ffe6a3f882f125df33487603a5a1a059daf7ccdf728f6
e748d41cd9cfe01dbb54a81879719cf10802004bdf822009e81e16673a9e0bce
e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb
e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a
e82835d695b77ae15ecc4fff53c06aaf6d142f26c1b2f2816f8c496baf43d6c4
e878c84c5a5d323e7649bed33fee3829cbadb6ef0722d52a262099f7f906d8ac
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4
e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16
ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
eb16dcbcfed35fd40c5c61f3f7cb9661c7ca7608e9ad2cb9a81752fb195c76dc
ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071
ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8
edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec
efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235
efd9406c9186c67be67a44c5c6d3899e979ad5ef9a63ed56b4535442dae31481
f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424
f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c
f1ec7fd994ef08be61d7826fab880f881e7655fe756ebbedabef076769246852
f20b790ced614a5e4547ad4269790666a6863a402be73fbb8ee837aa7f085987
f217256166bce9376568ac982825c272d71b252c8a8dc92458b5bd7ab4244121
f393eb2713d80f2e7cf87f9f094f4b524eedd64e3ad0fc0a9208bb348d3359d6
f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4
f439b7231b604467428bcbc8aae87c634c0916524cb8a723609e80404edd2c67
f6fc181079860f8a70036447d0b01c27ddde9705ad9b4a85cff86e5f8d6fe991
f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9
f92eb0255e0c85c8e9c0cefc183438851a8e4020008ce83ee24f874ce234f516
f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf
f9cedf3e356ef50849d37fa9e132a137f91584334ee823fa61d2c881784c6d5b
fb372a60a8b6705edbe2ab4c0d80b8418c5f1d26049433dd4d515c5eaa617e69
fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b
fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864
fc9ad7df6018269998940126df5b35af77503a3b1aabc1bf7b0fa09f38b5b333
fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0
fdb01d0c2c147dd308754fc4e19de4f20f4474110825eed804def2b1775c0440
fe526d60c0f5076fbbc412b20ac31027669f546b9c8f974ae8cc0a051698877d
fed64fa7478ee94e0ed2e324e1b260be161b9f91b8ccf80c05724f88cac96109
fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac
ff28d591b0707bfe7a8fc66020594a85ed5d4521f1a1671623a5770d336dad4c

securityintelligence.com Open in urlscan Pro 2606:4700::6812:19f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

385 Requests

98 %HTTPS

43 %IPv6

20 Domains

28 Subdomains

28 IPs

2 Countries

4111 kBTransfer

17599 kBSize

46 Cookies

16 Outgoing links

Redirected requests

385 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securityintelligence.com Open in urlscan Pro
2606:4700::6812:19f1 Public Scan

Screenshot
Live screenshot

Full Image

385
Requests

98 %
HTTPS

43 %
IPv6

20
Domains

28
Subdomains

28
IPs

2
Countries

4111 kB
Transfer

17599 kB
Size

46
Cookies

385 HTTP transactions
12 data transactions