spycloud.com Open in urlscan Pro
104.18.26.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.spycloud.com/NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y9IXWg9_zj6WsH00=
Effective URL:
https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo...
Submission: On January 31 via api (January 31st 2024, 8:41:30 pm UTC) from ES — Scanned from ES

Summary HTTP 156 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 156 HTTP transactions. The main IP is 104.18.26.108, located in and belongs to CLOUDFLARENET, US. The main domain is spycloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2023. Valid for: a year.

This is the only time spycloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
77	104.18.26.108 104.18.26.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
4	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.18.124 18.239.18.124	16509 (AMAZON-02) (AMAZON-02)
25	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
7	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
3	18.244.28.65 18.244.28.65	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2 2	205.139.111.113 205.139.111.113	30031 (MIMECAST-) (MIMECAST-)
1	207.211.31.110 207.211.31.110	14135 (NAVISITE-...) (NAVISITE-EAST-2)
3	13.32.121.74 13.32.121.74	16509 (AMAZON-02) (AMAZON-02)
2	65.9.86.14 65.9.86.14	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	18.245.86.127 18.245.86.127	16509 (AMAZON-02) (AMAZON-02)
156	16

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

email.spycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 104.18.26.108 (None, )

ASN13335 (CLOUDFLARENET, US)

spycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

engage.spycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.18.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-124.ams58.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.28.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-28-65.cdg52.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.139.111.113 (United States) 2 redirects

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.211.31.110 (United States)

ASN14135 (NAVISITE-EAST-2, US)
PTR: service159-us.mimecast.com

security-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-74.fra60.r.cloudfront.net

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-14.ams1.r.cloudfront.net

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

conversions-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-127.fra60.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	spycloud.com email.spycloud.com spycloud.com engage.spycloud.com	2 MB
23	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7576	818 KB
9	wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 6517 embed-ssl.wistia.com — Cisco Umbrella Rank: 8202 distillery.wistia.com — Cisco Umbrella Rank: 6443 fast.wistia.com	31 KB
7	gstatic.com fonts.gstatic.com	148 KB
4	osano.com cmp.osano.com — Cisco Umbrella Rank: 5210	64 KB
3	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 9574 security-us.mimecast.com — Cisco Umbrella Rank: 39188	3 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 5691	64 KB
2	reddit.com conversions-config.reddit.com — Cisco Umbrella Rank: 673835 alb.reddit.com — Cisco Umbrella Rank: 1450	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	186 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1335	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
0	Failed function sub() { [native code] }. Failed
156	12

	Domain	Requested by
77	spycloud.com	email.spycloud.com spycloud.com cmp.osano.com
23	fast.wistia.net	spycloud.com fast.wistia.net cmp.osano.com
7	fonts.gstatic.com	fonts.googleapis.com
4	cmp.osano.com	spycloud.com cmp.osano.com
4	engage.spycloud.com	spycloud.com cmp.osano.com
3	pipedream.wistia.com	fast.wistia.net
3	js.driftt.com	spycloud.com cmp.osano.com js.driftt.com
2	fast.wistia.com	fast.wistia.net
2	distillery.wistia.com	fast.wistia.net
2	embed-ssl.wistia.com	spycloud.com
2	protect-us.mimecast.com	2 redirects
2	www.googletagmanager.com	spycloud.com cmp.osano.com
1	alb.reddit.com	spycloud.com
1	conversions-config.reddit.com	www.redditstatic.com
1	security-us.mimecast.com	spycloud.com
1	www.redditstatic.com	cmp.osano.com
1	fonts.googleapis.com	spycloud.com
1	email.spycloud.com
0	416d16e7-7731-4fd5-9441-27938f5378e1 Failed	spycloud.com
156	19

This site contains links to these domains. Also see Links.

Domain
portal.spycloud.com
blog.sekoia.io
www.linkedin.com
www.youtube.com
www.g2.com
app.vanta.com
partners.spycloud.com

Subject Issuer	Validity	Valid
email.spycloud.com Cloudflare Inc ECC CA-3	`2023-06-27` - `2024-06-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
engage.spycloud.com Cloudflare Inc ECC CA-3	`2023-06-09` - `2024-06-07`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Frame ID: B558472561708B1AD921848E7B8BAC41
Requests: 115 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Frame ID: 54EFDAED5A129D58C092499F02A18318
Requests: 16 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Frame ID: BF3686B01D2FAAF38C8FBE14A6B24602
Requests: 16 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=2fc20557-ff17-49b0-b7f2-113b3f49b8a8&sessionStarted=1706733687.348&campaignRefreshToken=25a5c322-408b-4524-96ca-5dda8da174ca&hideController=false&pageLoadStartTime=1706733667611&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Fblog%2Fbehind-the-scenes-of-a-successful-malware-traffer-team%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_campaign%3D2024-01-newsletter-prospects%26mkt_tok%3DNzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Frame ID: 6D887A285637E4B85994B418CA74ED8C
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1706733667611
Frame ID: 262CA565C0DB6F53C57F6213F3949BE6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Malware Research: Successful Traffer Team | SpyCloud Labs

Page URL History Show full URLs

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y... Page URL
https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=emai... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

86 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

2980 kB
Transfer

10812 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.spycloud.com/login

Search URL Search Domain Scan URL

URL: https://blog.sekoia.io/traffers-a-deep-dive-into-the-information-stealer-ecosystem/
Title: Traffers

Search URL Search Domain Scan URL

URL: https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1/
Title: public reporting as a “copycat of Vidar and Raccoon”

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/spycloud/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@SpyCloudInc

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/spycloud/reviews
Title: Read our reviews on G2

Search URL Search Domain Scan URL

URL: https://app.vanta.com/spycloud.com/trust/itvhddyqxnnf6gi6aatcx
Title: Trust Center

Search URL Search Domain Scan URL

URL: https://partners.spycloud.com/
Title: Partner portal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y9IXWg9_zj6WsH00= Page URL
https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://protect-us.mimecast.com/s/Wq6qCn59qpcW4BoSJ1Bvc HTTP 307
https://protect-us.mimecast.com/r/2Kb4PrBKGje6E9l89FhhBPS2uK_6Fm-WxetHjKWVFVK4GGRsR8qtcT2Evgf3DO8xSOjJj7u9o_3R-Y2G5NPFQP_qT-Tw0TwoBA5bAcyHPSoAOO4NyhbyOnPSYD_1uCdxTE0MNrqB8kCz94UB8NB9Bqi5CYNSgExgt1bVatO7noHc-UBKoT_Pcc0LV4P4Ul0m6M_vO_au7tf2xjNWJn7-h9FUpZcW_XBmJY8p_MjIN2DX2Si2szk0Km2_meZD7i7oa_nXrapPc2KAiT259EeZOjZXsk1q0x19jdXVjk3Px-0IcMysEBroj3kIVz4bsbhFudtPdPIiJIwZUzYPWIjh6imzxU8eAeXzoXYGtI6_emoghXufZuSZsRkpPqzsyeCMNdTSZEyuheeWebM0n9rp-rfmEGvP_TDrFVExZ1quQc4yeKz7wzIuhOv6oOaiXdQ6gCLq5xvVl93-wXnPSsq0XRk0PYGNue4CdLUE78rzQ4bjcf8OonlmWzzBVqd6wxqeF96OVgZlF4sOHGTMxc5mIvcM5cVrn5wwimkPs7tZ7QnALDFWQ3WpFSoj0893L4vfIw_OnAWe30M4lXxQiY3M3SKS42uGBW7iIhP3V8oFIXmBEPE5SfUw9pljN0rRSgu0FYkENgmYcBmLhoTD7tcY8_jGn822QfwOsAgYICT8xgNItHra_1_LKfxX3Fib409Nji_1J10_tbeOJy7wqB0UOKNFfDQ5cAWNfkpgORQ58hdijJhkj_rar4D_OGQDjGFydrJuR9cUW96lis1EUGx3DjbDm5liwWvClbmAmcISB-SR7jJ-iFvWKpvENZOSQLX0wwlIWGoCnHawd1UyK0Y1J6Joj9Qnb0sbUE-u0SMzle-z4mshEj7JF-NXjT4tGPPpXT5TtYgwdnroJTijh2vaDKPqc5b5zIqOmdvPU7ng3TY-QxbZcp8eXlD-JwGaLL_8GM40-TyMGr_AJVsdAPT09Xrhnp3KbXqL8_koivrsUixOMVK2-MX-lR-LYRJWruuFX5ncYarQs2uJAbKWd1RFiG_e43AzVnzmKJqn1nF9U2j3arBL7xLDAAaqssiuQCQqSavXYb1gSvnWtn7EF59Za84NVk5giiNdMdVRVyrneh3MYirLElLf79p-NAzuffsthgif8EIDWZG-A09gSTpyuxK1L_cSRvx11MRGLHaZngb5mRfh5FFdIkjGQ2rwtcLH9grBFARDaiImwlbExswTCm9sqlmqXDFg0Ni6irYgZzxn478vJL8dQhgileDxfqAEvfUW2qK3IFYJBiqpTn_Kfzpw_-dbdxWnA8LzlFsPw2bUjNNnlH5QhkYETZ1LjA2Sc0MkRsfvrrVLqp2MGHYb5Tbccg-0tFrrO2mUtrH2u0genoye_tzlxlR6Ued280bhfqJAb6Ot1oO7FE9_2bhCttUg1XcIenm0cjubqBKy-uYJ5kK9MRLpPjHOqT5T2MbwJYAgb7YVxDL6kkDSSvZ47yQYSZgwyNL0crLL8XwzA4vgys-rgG4SA-I_p_1OH2z-L8PCUg6FcgO6qt-TMXLZeZnGPT-bXk8nYkPAiA9kxHDKwBu36p0sQnoQgPFm8nChYSYYq7rjgggENKopPDORrnrDz1ZevyG0BSVCunjtqPlZXSUtkMrUP5mZm8GFtAJpyBaAZD9Rgukm4TMlYrwzpo6OsqCLZgZTjb0eH4U6IpVFKXax8Z_2OcJ3yFE24zvuO5ooQbYk41pRA5B3iGd9UdwTZM4yL68_Z0blt9j65lmSeokkGJzUB97VoLslmgz7t48kaZAf4CYIumh9QFmrzVOVkya0lYm-Fsr4ogTXrrNoshgK32gQixb4XWrMA0TI1S_tsWNG8Sad8PlnX0bggRA3FxI5D1ZHnfXfG7-u5RCQGXkL4f0Z65DzdWGsF205QLEluHsArZr8v6jusfGMKyIDpytLbWjSDhBLfcQUHncFR9cSFpjBZUnnLK7uWR1nryTGyaihfO1xD-d2T3H2XD6pZ3r_YeAuUiRIU3UzaBkamgVzWE_Xee81Rsy_gJNTfqtNqpHpbxzCvToHWO2KWYXVNzG5d9fNauWmFZOCSfuCd3ZKP6RODLStDUBGwtZ2UWsThNMfSE_TxYg9ZhC-Fg HTTP 307
https://security-us.mimecast.com/ttpwp

156 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y9IXWg9_zj6WsH00=
email.spycloud.com/ 643 B
1 KB 430ms
314ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y9IXWg9_zj6WsH00=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-PRJK7WItx+OBre7g396zPbmDr6nsHZbfek74gOTGqXI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84e4c605ceae5e58-MAD
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-PRJK7WItx+OBre7g396zPbmDr6nsHZbfek74gOTGqXI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Wed, 31 Jan 2024 20:41:06 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: efb1aa61937439ec

GET
H2 200 Primary Request / Show response
spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/ 714 KB
66 KB 898ms
476ms Document
text/html 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg

Requested by

Host: email.spycloud.com
URL: https://email.spycloud.com/NzEzLVdJUC03MzcAAAGQ_91-lmBwbG9sQll5sIdCUsHZgGmqWJAsesXW873pa1oen1euiwEox__Y9IXWg9_zj6WsH00=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

088e5ccaddd5ffecccab53a34c461bdb47aacfc39862c8f412643c3ce1e952b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://email.spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: must-revalidate, max-age=0, s-maxage=86400
cf-cache-status: DYNAMIC
cf-ray: 84e4c60a7d4f2180-MAD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 20:41:07 GMT
last-modified: Wed, 31 Jan 2024 03:44:10 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e4b8d81d5f13e1c05d52108e75ecf23c.cloudfront.net (CloudFront)
x-amz-cf-id: LU6dVvjZk4lWh_n9SRp7O0E6k5yZbws-uYhRBVpH70OqytY41yjkCA==
x-amz-cf-pop: MAD51-C2
x-amz-version-id: hRREvE20xlf5trDlh.ztzKjiuKGkDoPh
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: Strattic

GET
H2 200 premium-addons.min.css
spycloud.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/ 356 KB
41 KB 93ms
81ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.10.15

Requested by

Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

7347de6f1e66b2bf459be0c4db3ab837e2edb7a2fb42023b8286a80f65abc4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: TRep8m.tJlqsrU8g9NkwWMKNGm_djbCi
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b89214703c5c60a107a07c982809a482.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:35 GMT
server: cloudflare
etag: W/"51b810207009ae9ed96bf9adf4cc92aa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d132180-MAD
x-amz-cf-id: 0mGgkQfZsCeup5g96nWump0HqzxGYCmQ2muNm9G1361CM4_OC31nHA==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 premium-addons.min.css
spycloud.com/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/ 202 KB
24 KB 85ms
73ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/premium-addons.min.css?ver=2.9.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d0ab86838239d0289d6b7f2f19ff3de1b59a015bfb4a18d87e549d6113774fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: TYk0U.kc7CXtUExVBpE5Nq8_amXu32ld
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 dadbd3993b5303886df72c2fdce172ca.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:35 GMT
server: cloudflare
etag: W/"678f697fb3b71173a2e7545e3654bbce"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d1d2180-MAD
x-amz-cf-id: yVp-HNYN_7WaDbK-W6odsfAJ18QSQIS9oPOb1K_z3DDY380pXPA2Hg==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 styles.css
spycloud.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 91ms
80ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-version-id: r_KFAffm.an8R.LIQU3LobzKLPWWpM9L
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 1
cf-polished: origSize=2894
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:30 GMT
server: cloudflare
etag: W/"3fd2afa98866679439097f4ab102fe0a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d1f2180-MAD
x-amz-cf-id: qaEAypPtenkNqK2uttY3WdX4TLt4MhRuk3D6Hu3n4T1ipTq2AnYQOQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 helper-parts.min.css
spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/css/ 7 KB
1 KB 90ms
79ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/css/helper-parts.min.css?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

033c7f8bb7aa0e1cc6a3ce3770097923aa30e1f13488b91d1592621d63dc6468

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: xJxBMeTM09LItAQzL3k_seL6sJ4Ne4eP
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5df5179e580bb3d7462fa47120e6435a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:39 GMT
server: cloudflare
etag: W/"4606a23182cd93ca62a2b8b2ac80e31a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d212180-MAD
x-amz-cf-id: hX2WWCXRZIm-O6sQljNkM7nW3ywfP_xj3cWGyIf6qz7NyScOG3K_qQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 main.min.css
spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/ 48 KB
6 KB 82ms
72ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/main.min.css?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

98f70ccb0a821ccc06949746669ae29505f35dc69e650151904a43ea3153117a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: GgwJMgdHCm9vOgMbgKz7qgBpDo1ybBEa
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 71a0472adc0e71a3b21b29ba3bec35f2.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"056c6fd34e9cdd1c3434cb688a5443ca"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d252180-MAD
x-amz-cf-id: NmwmfaOJrM321nhSe0QFcCtuvufljEXNbXGEwudj70ZfTQYt_e3mKA==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 main.min.css
spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/css/ 131 KB
15 KB 97ms
86ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/css/main.min.css?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d8b2613ceb59d7c1b21e995d7a39b0add818c676bf89e0fed4dccb8661f73664

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: Zjo6R0pPXz8klbqSUMILJUnuH8RhYZ0h
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b89214703c5c60a107a07c982809a482.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:36 GMT
server: cloudflare
etag: W/"f2e8f0fc5bae7356404584faec56a066"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d282180-MAD
x-amz-cf-id: IlGyukPM27yA_PK_hVZCGkH2qbneLJpeHFLAs9akbHwJ2q7bXboFJQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 grid.min.css
spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/ 44 KB
2 KB 100ms
90ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/grid.min.css?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

86e3a02e65e8d41d632cbf626f0d824b20165bdf2a354013276105fd94607ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: WkxHBgVxYeElDyUp8UeixYNiyw8C.3bD
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5bbe14a8b2c5fa4323fe2881d040833c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:26 GMT
server: cloudflare
etag: W/"ffe1a7f04ced6b595fb66127118187fe"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d2b2180-MAD
x-amz-cf-id: _QBr1S2EKsg9Gg56z_ZKBdXS6aYUdN5lm5vdMw0tBHEJwH8nt5Ti3A==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 helper-parts.min.css
spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/ 30 KB
3 KB 95ms
86ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/css/helper-parts.min.css?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6efe352e9cbe2e9a8d4d6e4f1370a5ad66d26b493d85ed32d37e978a4d511941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: KyXeKkJ_LVA4mCIh6Hlq4FQAQKm7YXdw
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 71a0472adc0e71a3b21b29ba3bec35f2.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:27 GMT
server: cloudflare
etag: W/"ba5d969d5af53ceffee54f203c905b87"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d2f2180-MAD
x-amz-cf-id: OUWQ7zivqJ1y3UPg4BaA3HO2Txs7hv8I4XIMTyjLcyBdnHOllcyNFw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 style.min.css
spycloud.com/wp-content/themes/hello-elementor/ 6 KB
2 KB 97ms
89ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-elementor/style.min.css?ver=2.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: .1aa6gJT5SztAYgswR_78iX0czHNjo3p
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 552a19732149a49fbfc2659a98c93d86.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:27 GMT
server: cloudflare
etag: W/"5be56bc9e617084e1cbb84c994912fc3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d8d312180-MAD
x-amz-cf-id: rV43AVAcPb1-6z0rgfU8mm_42RaNVYm3pp9UlFMuiSIaCwKZyvVJow==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 theme.min.css
spycloud.com/wp-content/themes/hello-elementor/ 12 KB
3 KB 104ms
96ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: M_iSWqlVMXJ_tGRUxK25ipdlik44ofCg
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5df5179e580bb3d7462fa47120e6435a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:38 GMT
server: cloudflare
etag: W/"89e436a24d959247c10bc8fac759e680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d9d372180-MAD
x-amz-cf-id: JbjnwgJjATZEm8fHp4e2MiyWG5tK0Q5Sp-qip8Iw5EXT8HCztPgaQw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 elementor-icons.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 98ms
90ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.25.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d2f82e2e141c7a7f31f40ab9ed8c499bba09505bac8b806cf016d10550e2a6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: YC1rFnzn1IwEDtZOsGAjCnCAcv4CS5WY
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 9809ca806cde9d8f9a57379e55ece5b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:36 GMT
server: cloudflare
etag: W/"edcdb90e5161a1894daff5e6b1b35c3f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d9d3d2180-MAD
x-amz-cf-id: 3v8dT-2J2YXlHwm-eZeG6K74zEU4cwyaTUjUWWn3Sh3d3f8qSKHQPw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 frontend.min.css
spycloud.com/wp-content/plugins/elementor/assets/css/ 167 KB
20 KB 95ms
88ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c7f6a84135245cce4edf2a5853cd9418569e94cb70aef9dc5ea873ae3bc0247f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: YTd1ljFHhxL5wIDP8BIklRABOR77hBEY
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 1c301b860f1012db2b746c01d3e8617e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:30 GMT
server: cloudflare
etag: W/"68557246c3863775c943c456e54db315"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60d9d402180-MAD
x-amz-cf-id: bWY9xVWEV3a_1MzdpBZJsAuPEU4oROKhVetJhsTW9oZ5frji4273EA==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
BLOB 200
OK af19ac31-2c8a-45b9-a0e2-ae5a07ddf684
https://spycloud.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/af19ac31-2c8a-45b9-a0e2-ae5a07ddf684
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 swiper.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 111ms
104ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: W96vCprAY259vVCoF.QyGxSUKpohuALd
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 711ccea18028f91fc25b0a23c716938c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"bcad7781b3e74db2565b8424c45232cd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfe42180-MAD
x-amz-cf-id: CagINLHbjZ8JGgCbi-RvWtFDf5z0RVgRq6NfKde5FPocvouKm9V2Qg==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 style.min.css
spycloud.com/wp-content/plugins/stratum-pro/assets/css/ 139 KB
12 KB 88ms
81ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/css/style.min.css?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ac9267f6dcdbdd099bc4a6bc9ce5a17985485f6636fb8553445ebc6addadbbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: W88qNPOYQma8ZxEsRWZ_vVBUQGbS9m.9
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 ed24ed7fbec751651346c1accbcfe3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:24 GMT
server: cloudflare
etag: W/"c40916248a44711b1d0b7b47203330ec"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfe72180-MAD
x-amz-cf-id: RT2AJSALu5XKmgx4Mvo4QkdO0wu8GA7IBeCvQGLFm4iDsEMKdGgCmA==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 frontend.min.css
spycloud.com/wp-content/plugins/elementor-pro/assets/css/ 440 KB
42 KB 84ms
78ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.18.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c0f77031e22b28fbe14e53d8c5629f14bc1bf74bb338384388b5113d8a698ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: beKm7Xn0DKmtwU9UuT4OQkWQxkeFfsYZ
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b2ff803e9122fd0c248b789f729b835e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:26 GMT
server: cloudflare
etag: W/"9d1e55d29a2d2d188b0bdf00233c0104"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfe92180-MAD
x-amz-cf-id: 3R_5nfJCYWf9Z4hksS8zjOQAxxhf-CaiwGYaeuK83WG-FlDEDMwDNw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 uael-frontend.min.css
spycloud.com/wp-content/plugins/ultimate-elementor/assets/min-css/ 617 KB
67 KB 89ms
83ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.26

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

f32bb6cf7a44a3340cb34dc07661030817f63d3df8783ccdbcd747ab9c669f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: aCE1rAOKJkd0FEnSpIJCnGAIKuBNm9gq
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fc84dd3d81f101f017733b4720a09e8c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:30 GMT
server: cloudflare
etag: W/"c47df6e3971417eb9d6640d0c8a05238"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfea2180-MAD
x-amz-cf-id: cbN6L3sBgbAuS5aCanngZrGFspl0ma6klfzcKqVT0Cdz9UvJoRNZ7g==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 style_login_widget.min.css
spycloud.com/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/ 2 KB
1 KB 88ms
82ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/style_login_widget.min.css?ver=6.25.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

241b75cd9c48834a0d84cbc9d02b0cbb03e3c009825531322798858bf63b8dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: rDCmVqpJSVj2cgEwCnfs7IVl7RH34Yw0
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5bbe14a8b2c5fa4323fe2881d040833c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:31 GMT
server: cloudflare
etag: W/"75c7d3d8595daddcb11f561291834125"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfed2180-MAD
x-amz-cf-id: yY0QWnMd5leOWtU9DaGmBvvIvHUlBQJpXutn4-6yWFFCzkIpGev4Sw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 style.css
spycloud.com/wp-content/plugins/newsletter/ 4 KB
1 KB 93ms
88ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/newsletter/style.css?ver=8.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c0264cebfcf19eafd46af4b6bb5e3cf5ea00482eb3c1fd1601fe78661cc9cb09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c1f1733266ff22358c2c3dd7a5454d9c.cloudfront.net (CloudFront)
x-amz-version-id: qFqIRibWHwSPBS3qzm8.c9rIx1wIZ4lx
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 0
cf-polished: origSize=6411
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:24 GMT
server: cloudflare
etag: W/"7d8764e74f313c662746d2a72bf9d14e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecfef2180-MAD
x-amz-cf-id: tvIu7BqnBht607S4Bz5e1R86r6Ctc3AIuR_-QUYHXOS0ULIuiZbV5A==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 style.css
spycloud.com/wp-content/themes/hello-theme-child-master/ 2 KB
814 B 109ms
105ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d9017aa269b66b600b35d6c48e4368b94969480279ba09d22f5c01bbedefd372

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 09e594de40cb3eb83a4bc581fa48d9e2.cloudfront.net (CloudFront)
x-amz-version-id: T2hW0iYBsdKXqbuGyIvqBAD40hnezU4B
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 0
cf-polished: origSize=2691
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"28e527c423d6d75d407bcc43fd180b4b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecff02180-MAD
x-amz-cf-id: 5FOXVPvDmPpIbaIt2z2wEZN9uoelLc0jfhkkEA91KJfgCji8nJ5VQQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 welcomebar-front.css
spycloud.com/wp-content/plugins/mystickymenu-pro/css/ 8 KB
2 KB 93ms
89ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/mystickymenu-pro/css/welcomebar-front.css?ver=2.6.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

74bbf4b4c120009256b75530a2c4d7ebf932a720dde541f2a6e9aeadf321d49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c81fed03bcdba8d8bb72a1d12196c83c.cloudfront.net (CloudFront)
x-amz-version-id: ko1zlKBfyVclgbs3hxuqKH5qiCiGYlWL
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 0
cf-polished: origSize=10736
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:34 GMT
server: cloudflare
etag: W/"db27cafc561421e37d15b828c2ae1882"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecff32180-MAD
x-amz-cf-id: gAvoVpFbu6k45JisrmHYfFt4wrUJibwt8ZavZ_jbNyhxbg4XSHOGWg==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 welcomebar-animate.css
spycloud.com/wp-content/plugins/mystickymenu-pro/css/ 6 KB
923 B 95ms
91ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/mystickymenu-pro/css/welcomebar-animate.css?ver=2.6.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

e3b54467275809a673e4eafec04438046ea1f1d6e1c7da1806bf50df884d6c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 c0d1739fbc59ff80d4ec6a2a675c8aac.cloudfront.net (CloudFront)
x-amz-version-id: ayAgYN2wYqEptAng7l4Ml8EAlI7HUIAm
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 0
cf-polished: origSize=7343
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:36 GMT
server: cloudflare
etag: W/"59e73205136b01d5a3c4878371f7b0f4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecff62180-MAD
x-amz-cf-id: _yGOHtXf3Jkczomw02Z4uxFzLVFhQIq5L-JJZEwk5ZIlwzadrqx5Pw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 99 KB
3 KB 1010ms
225ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

0502e0199d71f6266fdf2508cf41bb91a22b707adc0ae0acb3b28f7a561d6be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 20:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 20:41:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 20:41:08 GMT

GET
H2 200 fontawesome.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 103ms
100ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: elwa0DBp9tBtChvfEBzrfXZGOoabljrC
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 1c301b860f1012db2b746c01d3e8617e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:24 GMT
server: cloudflare
etag: W/"eeb705d0bdccfd645d3bbd46dd1fbab3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecff72180-MAD
x-amz-cf-id: J8BRY_jpWB-xWMAy0uz0LEc1XXsYVHDdDJnnDqAtCaZn8PC4XqHFPQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 solid.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
550 B 137ms
134ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: 7o0RsS3TrLpY4lKtcvVdF.4U9lJR1xLa
via: 1.1 18d8826259eea2f8aa83b2a4ea085086.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 0
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:38 GMT
server: cloudflare
etag: W/"9eb2d3c87feb6bb2ffa63b70532b1477"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecff92180-MAD
x-amz-cf-id: GTi3i2aaFwQLPbIiWrdRNnrtDpw4vHNxTldugSOLpSg-4HdwWYypGw==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 jquery.min.js Show response
spycloud.com/wp-includes/js/jquery/ 86 KB
30 KB 96ms
93ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: .jQGE_FwXzE.hadXxNywnrOYHRWb2Cyf
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 c1f1733266ff22358c2c3dd7a5454d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:39 GMT
server: cloudflare
etag: W/"826eb77e86b02ab7724fe3d0141ff87c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecffa2180-MAD
x-amz-cf-id: P2qpQaWojxfq7K_hOHMfutefuuvv7Y_AwPHW1otDzHNAvQg2FX_DwA==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
spycloud.com/wp-includes/js/jquery/ 13 KB
5 KB 94ms
92ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: ANfemw5kzEwot6xYP9KnukzzdnThOW20
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 09e594de40cb3eb83a4bc581fa48d9e2.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"9ffeb32e2d9efbf8f70caabded242267"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c60ecffe2180-MAD
x-amz-cf-id: A_A46jmuTfw9ZvuFWm25oMv7xnBf4O3q6oXPzFnHwkJ47L4g_Fcavg==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET
H2 200 forms2.min.js Show response
engage.spycloud.com/js/forms2/js/ 199 KB
67 KB 681ms
483ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.spycloud.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
age: 0
etag: "b80d86-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 84e4c6100f571bbb-MAD
expires: Thu, 01 Feb 2024 00:41:07 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/ 134 KB
37 KB 1371ms
587ms Script
application/javascript 18.239.18.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-124.ams58.r.cloudfront.net

Software

CloudFront /

Resource Hash

a93fad25abecaf290429639c9ed9e7cf93fd0d29c766e3d818835de891e363cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
content-encoding: br
via: 1.1 45f8047ab98fa87807d2f5362a7fb75c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37549
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Nov 2023 23:05:09 GMT
server: CloudFront
etag: "6de2b2500cf2d3bd50c3000f504ae1d7"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: T4diJ_7itGjewh6SzR8Hxngc2UEMfwgSGuk8KeNRqzSMM-huv3y_uQ==

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 753 KB
127 KB 2099ms
1160ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7031bcfcbce52de37f223e0e65445ca374fb4197f1a2a9183cb3c3ca64697dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1708
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 129396
x-served-by: cache-iad-kcgs7200153-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:45 GMT
server: AmazonS3
x-timer: S1706733671.056431,VS0,VE2
etag: "397b068b4181b626eb5a1fb5122ea1e6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77, 1

GET
H2 200 blog-img-convo-1-spycloud-labs-admin-4-dwarfs.png
spycloud.com/wp-content/uploads/2024/01/ 43 KB
43 KB 962ms
961ms Image
image/png 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-convo-1-spycloud-labs-admin-4-dwarfs.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a49e3dd493f56e6c7e456cb9e7633d22cdc6d03c8911295c2d5b3705e017eed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: 57jDcUGDeQoiKbksBMLIlcAELys91Sx4
via: 1.1 158bf65e81ba82d619c73dde6c7796a8.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 43841
last-modified: Wed, 31 Jan 2024 09:34:33 GMT
server: cloudflare
etag: "14f798cd692c4d312b2bca00f5ad1759"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c60ee83a2180-MAD
x-amz-cf-id: lvDF3KDJnZuaFLVy3ZeMYistvc2WOBZpuDRytWsTyiBSJws9rllSNQ==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 blog-img-spreadsheet-view-Grumpys-installs-1.jpg
spycloud.com/wp-content/uploads/2024/01/ 77 KB
78 KB 870ms
869ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-spreadsheet-view-Grumpys-installs-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

48cb4399c1ad700412b6552da6b97114ba57fa35cd90e0b8285c1c9d27db8887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: SEzSU67By5RsjwPAU8Lo2M8SmLlZsi4l
via: 1.1 71a0472adc0e71a3b21b29ba3bec35f2.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 79115
last-modified: Wed, 31 Jan 2024 09:34:32 GMT
server: cloudflare
etag: "482f5373594fda36d08f6841e34cbb39"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c60ee83d2180-MAD
x-amz-cf-id: Wjz72Olrh49bhduALWuAp4wAbvasMCJY9hrLO1DWQWA0lccjNGRFhQ==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 blog-img-Telegram-accounts-1.jpg
spycloud.com/wp-content/uploads/2024/01/ 62 KB
62 KB 683ms
682ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-Telegram-accounts-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

841582e2569a29cbf9128cace792e2fc8499ae6d395523ea7926a00d65c92cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:07 GMT
x-amz-version-id: 5srBxg3cOlA_6hzEKE_TWVJxruRTqosf
via: 1.1 b57cfda43c76a33a7043dd5bcd943c1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 63322
last-modified: Wed, 31 Jan 2024 09:34:35 GMT
server: cloudflare
etag: "a6a6ee0f576e8b54e5a1aa460798a540"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c60ee8422180-MAD
x-amz-cf-id: cUPqwDaDW57Vvaahq32v3xBhNi0UvQYSKbTFBnE7RWAGPw2kjpuqUQ==
expires: Thu, 30 Jan 2025 20:41:07 GMT

GET upload_fileaccessapi.js
416d16e7-7731-4fd5-9441-27938f5378e1/ 0
0

GET upload_element_creation.js
416d16e7-7731-4fd5-9441-27938f5378e1/ 0
0

GET
H2 200 regular.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
676 B 285ms
240ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: 9cWW.u7ZX1WGR6sRKmoAUNUnUFI7Zwr1
via: 1.1 fc84dd3d81f101f017733b4720a09e8c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 1
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 17:28:53 GMT
server: cloudflare
etag: W/"3eef8c9e589a6fd58292e79bbac4ba5d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c613ab312180-MAD
x-amz-cf-id: uyKFZ_IdaVMKXE7LTpy8HD0Sx0pPyU_iT9hiW8nRLuUf7NoLBCi_ng==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 animations.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 142ms
140ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: ZvTTLPcppJW_b1W0TrZSLkpnrAGfHOOT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 f6fe5265462508690ff6e0d3e33b6068.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"4601ba55044413706c2022cb6c1c3d05"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c614cde72180-MAD
x-amz-cf-id: wzpBBOLGMYwwkbiQm7woSh9x6mMKMA0Hw1UErFbihmModcmdQVMGgw==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 rs6.css
spycloud.com/wp-content/plugins/revslider/public/assets/css/ 48 KB
9 KB 172ms
171ms Stylesheet
text/css 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

931729e0f35d5f9a8c077b47484b2180d05f74358293787e30cb0af30b9d87ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 0250a97a9fe8f37b6e3c4270db2dc8ae.cloudfront.net (CloudFront)
x-amz-version-id: cRfa6yMf.hKbrTV1wjhWl_RdXyow2d80
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 1
cf-polished: origSize=59754
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:25:23 GMT
server: cloudflare
etag: W/"c1a7048ae35d20d88ec46d8d82add160"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84e4c6151ea62180-MAD
x-amz-cf-id: ac6FBgf9FYOUrLLIaxeaxcWe-eiIOrvOZ1oSTEadAZVaj4bV9v8j4g==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 editor-panel.min.js Show response
spycloud.com/wp-content/plugins/stratum-pro/assets/js/ 12 KB
5 KB 492ms
492ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/js/editor-panel.min.js?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

be0b56929195755bb3fe67aa4eb3a545ace43e008fd488e12914136e27f52463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: zl6awnd7to.3Z6.2BpRPBfMbsWGlDuY1
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 66709b7391664c627ccebe2d9c55dd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 1
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:35 GMT
server: cloudflare
etag: W/"9302e110eeafadf50a55706765469e06"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c615e86d2180-MAD
x-amz-cf-id: rcgPwReCgvSh9hB9_tYWqiNIBuonb8Ts5yMCUSDl5ZmSGCbpMBnpzw==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 rbtools.min.js Show response
spycloud.com/wp-content/plugins/revslider/public/assets/js/ 162 KB
61 KB 2198ms
2187ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: VCbr8RVtpbJrIjNiENjbsb2mdaKNEvIK
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 e5bf2c9645151e78d8b35d4b366f79f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:28 GMT
server: cloudflare
etag: W/"7722baa787dec6f4e3831067d4cea8f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dd72180-MAD
x-amz-cf-id: AHYaf_vj-5qhvcC1NBMGUBedRzN8Zha1dlKDnMCYmH4H3Gy-Ys5Kqw==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 rs6.min.js Show response
spycloud.com/wp-content/plugins/revslider/public/assets/js/ 406 KB
106 KB 2773ms
2762ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d83aec48544d062dde1996c25831b736a6262a98fc15a037ee5c72b1f9f0aeb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: meaW.JNZMJkYjQh4hA1CIIq4.l3El8Gp
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 e5bf2c9645151e78d8b35d4b366f79f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:29 GMT
server: cloudflare
etag: W/"0c66e2218aea88286463aa42d24e5532"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dda2180-MAD
x-amz-cf-id: yio8-4U0X2FT6YxpsDQdc5ePgen-d4d_QwxO4OXJwBK2FdRPLvtkpw==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 main.min.js Show response
spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/js/ 61 KB
13 KB 415ms
414ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor/assets/js/main.min.js?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

3990f397c4b65e707eaa128f9c07ef2b00cb7582fba53be88a6fcdee75d67659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:08 GMT
x-amz-version-id: gObHp9bKA7YOWfXDgkIUWOjwdn.DZOuA
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 ed24ed7fbec751651346c1accbcfe3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 0
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:38 GMT
server: cloudflare
etag: W/"c0bdc68e75b5c2f3dd1bff3088e2e66c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61699e42180-MAD
x-amz-cf-id: HzaVLfeEvS46IPC4VWp5mEm1nw5AqlsRlPNz6Jsofmwpphn3ldJETg==
expires: Thu, 30 Jan 2025 20:41:08 GMT

GET
H2 200 main.min.js Show response
spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/js/ 89 KB
20 KB 248ms
228ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/assets/js/main.min.js?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

98f747466719372e425ce161211246593aacdc0327da47b26369a07946b9c19f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: nWmVkCgjq4lN9_XVrWvT84bqT.8tR8eM
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fc84dd3d81f101f017733b4720a09e8c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 2
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:26 GMT
server: cloudflare
etag: W/"bcc2816a75b43962efbd422230ceafbc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61958f22180-MAD
x-amz-cf-id: SLyortw8QGb9s55VgvuVkw65fCA6qrhhJUl1Ln1rMQWduA0Z8f-LBw==
expires: Thu, 30 Jan 2025 20:41:09 GMT

GET
H2 200 core.min.js Show response
spycloud.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 281ms
281ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: 1IBEHsqLabvX04mZda03X0yXZcIBRrrf
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fc84dd3d81f101f017733b4720a09e8c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 2
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:30 GMT
server: cloudflare
etag: W/"c4e68a0f3463c0bd3c39eab38815e881"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c619fa912180-MAD
x-amz-cf-id: 40h7x65s_bSdif2hRZOCf8j75psW66vZ_-aACsFyKyvAajIVoOiArw==
expires: Thu, 30 Jan 2025 20:41:09 GMT

GET
H2 200 new-tab.js Show response
spycloud.com/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 317ms
317ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: MHPTvbUpdZlq6NO_4QHTgb3fMV.zhCi4
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 18d8826259eea2f8aa83b2a4ea085086.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 2
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:29 GMT
server: cloudflare
etag: W/"a1ade95e21102c15d71ee475ac3818f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61adc9b2180-MAD
x-amz-cf-id: nHTAwSymmSDx2-g9a72uoYBsiUdDFwgTXr3-N62HvlKzt79MCAZkMA==
expires: Thu, 30 Jan 2025 20:41:09 GMT

GET
H2 200 morphext.min.js Show response
spycloud.com/wp-content/plugins/mystickymenu-pro/js/morphext/ 1 KB
858 B 2758ms
2748ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/mystickymenu-pro/js/morphext/morphext.min.js?ver=2.6.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6753b4b0cbc3c99e713bdc896de395bf1eb5246e2ff96555151fa515bda7cd78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: 7A.DXoyiUx11X5bVVqD4g56JpgV_UZxK
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b89214703c5c60a107a07c982809a482.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:39 GMT
server: cloudflare
etag: W/"6c9239b1028e8d0640f2952cef801242"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1ddd2180-MAD
x-amz-cf-id: 8KrZiZbF4YtdY21azW3C4yYvETdAM3915E1ULcs5386BkYoLHDM-3w==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 welcomebar-front.js Show response
spycloud.com/wp-content/plugins/mystickymenu-pro/js/ 80 KB
9 KB 3724ms
3715ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/mystickymenu-pro/js/welcomebar-front.js?ver=2.6.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

424d621f24b67f04b66742bab5e94c7a5279bca1184799322b64540337638902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: rXIGQKtSw8j4zdbAb4RaW1uVE4mV6r.p
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 3a040ac81c3e03a31883d4bf85a17866.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:36 GMT
server: cloudflare
etag: W/"3d71d041a6db01266fe645de1eb07c09"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1ddf2180-MAD
x-amz-cf-id: vCPxxzXqrS6f902sUSnT4qvNurjivE5kh_I_g4Cyf7b-Ib8qyU0qEA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 premium-wrapper-link.min.js Show response
spycloud.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/ 625 B
649 B 344ms
342ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-wrapper-link.min.js?ver=4.10.15

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

20bea481b6a605764e7f16ab048e43586382ac7c9f0a43a8ded70e41a9b12696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: z8pQ9oibj_molP91Ywt4V36L6gb_u0vX
via: 1.1 552a19732149a49fbfc2659a98c93d86.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 2
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:34 GMT
server: cloudflare
etag: W/"f31e48c2bf200e8dafe2cbf1c2825ed5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61bff962180-MAD
x-amz-cf-id: 9JZ2Eb1zU6mkRfgfOzmBui2U_zc4E5usQ_Zhez1haENlIhKJbNzXuQ==
expires: Thu, 30 Jan 2025 20:41:09 GMT

GET
H2 200 imagesloaded.min.js Show response
spycloud.com/wp-includes/js/ 5 KB
2 KB 278ms
277ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: 6x4Pafd2qLfppdXfzvaIGm_f.6CaOo_h
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fe55d6b634c29e0dbde85630de5f2786.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 2
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:38 GMT
server: cloudflare
etag: W/"6823120876c9afc8929418c9a6f8e343"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61cd9822180-MAD
x-amz-cf-id: ZelsA8LxBAPzRuSEyK9CKHzk5rLhv-uOAUdyaK8APx9H1RFxTH4cBQ==
expires: Thu, 30 Jan 2025 20:41:09 GMT

GET
H2 200 webpack.runtime.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 224ms
205ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

95be599649eee4c01636ca5fd88180049e0970b936e99cc9be8208f05f696e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: J_WYhSQsKUUaOPY9.aluJKM8d_BPCP0S
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5df5179e580bb3d7462fa47120e6435a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:35 GMT
server: cloudflare
etag: W/"8de8645ec488db0544badcc9bc36549e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1d8a2180-MAD
x-amz-cf-id: _sCzw307iPkBh2oHXFVYR0D5RPEWmNBcsRdjzA1iZOckUdCr6DDtYg==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 frontend-modules.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 59 KB
17 KB 1779ms
1760ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ffbc7ca1476a1b316bca7b7f14319dd5a94a19e8198c01f1d00953989e6b7c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: DUo2.OgCas66XW9UcT_36tQHS2MBZnf.
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 4ddf42f206fdf10afe67b89baac28c46.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:26 GMT
server: cloudflare
etag: W/"d3fdb41f9b7969bd4726e500035eb991"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1db02180-MAD
x-amz-cf-id: SRrlXvZkP30zojREHjiqilS8y6hZqxr4TmV18-cfxi9b7p8aUwUpzg==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 waypoints.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 3734ms
3716ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: .n5YksWagndETQeOAlf7Qn3Ln5qiIHrx
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5df5179e580bb3d7462fa47120e6435a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:29 GMT
server: cloudflare
etag: W/"3819c3569da71daec283a75483735f7e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1db32180-MAD
x-amz-cf-id: ytvVPe8rigROtMsl9G2gksG7ie1EWp37O2GIphIfFLr_Px3cP_PeSg==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 39 KB
12 KB 1411ms
1393ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.18.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8418c0a3ed1f01df585330f8ee2c7dd76b81d1b9518d798f3afec991e33e1a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: rtwOmfJ9Rd2kkN33FpRL9lKEcvF6302h
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 3d4bc9f760d271ea8c82b4a4027b2f92.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"c73550ddd7a3fcd926fa431999aad30b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1db52180-MAD
x-amz-cf-id: WUyM_jTALr3EMAuLe0wvJq1A9Cul17qqhGmgMaGkEaFAl1CFpgX5BQ==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 elementor.js Show response
spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/inc/plugins/elementor/assets/js/ 2 KB
836 B 1778ms
1759ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor-premium/inc/plugins/elementor/assets/js/elementor.js?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

dd41ab4e69bf6dae1dc818a9b09ffdfaea6faf62cd9af2cff7bdfabc6e5f8e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: sUlPJs6W3DRJV3dV1e5YwY7CSNFUPL5b
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0250a97a9fe8f37b6e3c4270db2dc8ae.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:24 GMT
server: cloudflare
etag: W/"c958f0eca87332ffea96ae52fdb03c17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1db72180-MAD
x-amz-cf-id: w5qyeSDM6YCWgJtvBAi9uGuxgd55-5ZmzM9w6GUlW1RYJsNu7LyevA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 2762ms
2746ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: O3sCWKgbq5_QijFM8qOXBbfADgGGHTDx
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 552a19732149a49fbfc2659a98c93d86.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:35 GMT
server: cloudflare
etag: W/"dda652db133fddb9b80a05c6d1b5c540"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dba2180-MAD
x-amz-cf-id: 6SE7X6twyy8AF9P3LgyI4gWShsUe5pCL-wsLOl9To8y7oMRGPxaVEw==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 regenerator-runtime.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 1774ms
1758ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: iKI9ZuZ_.c3mHjcjXE7Qfv4uTEnd.hoR
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 911151077fc74374130cb3f3f2d671e8.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:36 GMT
server: cloudflare
etag: W/"fd7ef2e4737acd74fd0dcdc3b515e304"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dbb2180-MAD
x-amz-cf-id: h6xmTRM5B-9wLno6wR85UgQHe5RODq5tph8kz73ZR-NlY0KpnkKfYA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 wp-polyfill.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 112 KB
35 KB 1778ms
1763ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: PnQNTe6krduHnCFsI9R6vD4cCOe3Ahjr
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 83f9969abb9f43b17789799503ae532c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:23 GMT
server: cloudflare
etag: W/"9a98016751e498c06d434cc022ca1a44"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dbf2180-MAD
x-amz-cf-id: z1rpUWpymclWr-p1cZnNSZ8buvxC8vmDLJa3_mLmhRb_pByDlZ9UXA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 hooks.min.js Show response
spycloud.com/wp-includes/js/dist/ 5 KB
2 KB 1776ms
1761ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: SVqGN_Nr3IQ8JCRgMdsPmekrcO8eLfD9
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 71a0472adc0e71a3b21b29ba3bec35f2.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:27 GMT
server: cloudflare
etag: W/"7bd48eb3bd568033e96caf0fb62e6690"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dc12180-MAD
x-amz-cf-id: OwvPq8AzjOf1AdkVh_tbj6Cb8hQmGqSgg2TwEL6SEvLUKslSGqMjAA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 i18n.min.js Show response
spycloud.com/wp-includes/js/dist/ 9 KB
4 KB 1772ms
1757ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: MjAhPcjuB3wcBZx6YtpTC8ZQPj2HzpB5
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 66709b7391664c627ccebe2d9c55dd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:24 GMT
server: cloudflare
etag: W/"c2c4e2a562e06e1cb22293a5b920aca6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dc42180-MAD
x-amz-cf-id: -Y6tkM-ahHkKkQDzkDj6nfyRunMn5nvf1FRG8V7pQfdAv_c_vNKUJA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 elementor.js Show response
spycloud.com/wp-content/plugins/qi-addons-for-elementor/inc/plugins/elementor/assets/js/ 5 KB
2 KB 3728ms
3714ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/qi-addons-for-elementor/inc/plugins/elementor/assets/js/elementor.js?ver=6.4.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d02058e489deb6ca066d9d7836125819c2d6d5d0149472c6165f039175303456

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: ChypGFFP_KhT4__M30e3RyJ7YvHNFTxu
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 c1f1733266ff22358c2c3dd7a5454d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:32 GMT
server: cloudflare
etag: W/"daf9eae9179f002388fb321ed4288679"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dc52180-MAD
x-amz-cf-id: XtdlDIPfA_Q855VBC8whkeBXWUiftNrCuQI-HSvT_cRW-Bcxr4aG6Q==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 3726ms
3713ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.18.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

4b812fc324c6d53b4894d498952a9c8d6629e52404a357a6ff01dedadc86a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: DvRjsz_KxjffJ0rCcZJQj8z_RwWRsU8J
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 f8fe4f851984f096441277ce2c333732.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"2ca760b5d56363d1724bd520c0b4a62c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dc82180-MAD
x-amz-cf-id: h30YVY0Ac_lrSsKS5N3QPiYPEvPH-M_WdTL51yftSx28K6BlWgTS4Q==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 25 KB
7 KB 1775ms
1762ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.18.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

04055d9f6cd872709ef5bb10b270e4ab5176abeda27629e52da6569d5727c82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: CHEzBklthzqmkCi0JkkqYN4F0ZsqwiXr
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0250a97a9fe8f37b6e3c4270db2dc8ae.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:39 GMT
server: cloudflare
etag: W/"c250408d31d7d3b045f217f29e43bec1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dcb2180-MAD
x-amz-cf-id: SI1Bg-98tli88kL-0K6VjMPcbYpvVi0p_z5U_mFD3mJVFJZfbe_Jaw==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 elements-handlers.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 37 KB
9 KB 2760ms
2747ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.18.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

5e7015ac91edb803465bcfcd3001530ad97288415e56d51e09299b1097ba450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: wXiag39Vkx..V7fbfcnbDlDJQzk8tf0C
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 711ccea18028f91fc25b0a23c716938c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"5be2d4015ea2d58c02fb34ef9cfc53d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dcd2180-MAD
x-amz-cf-id: hWAWdwcRtzSF9dn1w1P2f6FIo2VrzJaWRHAqrLBih9rBsZ08iodCPQ==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 jquery.sticky.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 2759ms
2747ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.18.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: RMGUIy_SQcGa85o0rmWfMIyrpUKtajTb
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 552a19732149a49fbfc2659a98c93d86.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"3e31a0ddb1f910fc672d22e6435b95ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dd12180-MAD
x-amz-cf-id: 5zEXDKRgMQ3ow3wP23ngCJJ1q1AF3Uw9N4HNxkdaB6XZURaRX0M2bA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/stratum-pro/assets/js/ 54 KB
17 KB 2762ms
2749ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/js/frontend.min.js?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

08f002722ce870a7070dfa5b13ee7ec2576e75890f5a3f446f6b15ff1045f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: vywUYISZV.h1OccLOPFNYwkTlIJHBuZa
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 7fdd77e84c03b9aa5af58d1d137b5cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:37 GMT
server: cloudflare
etag: W/"d212e9e032f3ea7572708c5c1903b9b7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c61e1dd52180-MAD
x-amz-cf-id: 9AirRcot8VBY2Q3frsUCJBaRx8dj5dhxMQLa-aUUZQW26K4komnL2w==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1284ms
301ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:12 GMT
x-content-type-options: nosniff
age: 93057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
94 KB 2108ms
1165ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDJZ6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6cf990cb9e2c045b8a5bba7136a9b243e1d12170ba42c3b776f18389c75498ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95330
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 19:55:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 20:41:11 GMT

GET
H2 200 i8ss4t6wz65v.js Show response
js.driftt.com/include/1706733900000/ 220 KB
62 KB 2057ms
1253ms Script
application/javascript 18.244.28.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1706733900000/i8ss4t6wz65v.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.28.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-28-65.cdg52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

52d87460560d706c4aa2b62216ad84345b4292322c818c69fd55bb234afd4c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
x-amz-version-id: HprHXY.99uyuv4UI_XMdF2xIfeEfDySD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bcdbf1400b5b04e46f310591b86ea9b8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Tue, 30 Jan 2024 20:20:44 GMT
server: istio-envoy
etag: W/"8bb3282387347ab14b7a49c1d4f4e79f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 37OE64NtseLhAk0c7abedRgfOzfBYlLwK4n06l6jn2cMcVhUOHHq9A==

GET
BLOB 200
OK e9d68ec0-b3de-4189-8a9b-f705083d87ab
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/e9d68ec0-b3de-4189-8a9b-f705083d87ab
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 1222ms
1213ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:27:31 GMT
x-content-type-options: nosniff
age: 508419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:27:31 GMT

GET
H2 200 fa-solid-900.woff2
spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 673ms
665ms Font
font/woff2 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: orBFkT._QJeBzl5GDxIu497QQghXqYPZ
via: 1.1 5bbe14a8b2c5fa4323fe2881d040833c.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 3
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 78196
last-modified: Wed, 13 Dec 2023 17:34:16 GMT
server: cloudflare
etag: "e8a427e15cc502bef99cfd722b37ea98"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 84e4c61e1d822180-MAD
x-amz-cf-id: aYYb9nISJgHpsc1SvAVw7xjLxOetfGW1ut3_i5QgauekYOU2tRAOaw==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 91tnifpfr3 Show response
fast.wistia.net/embed/iframe/ Frame 54EF 14 KB
5 KB 1663ms
746ms Document
text/html 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5717f884b1343423b16c167eb361c1f552242e3eb3807e2be4491da6e792ae74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 71
cache-control: public, no-cache
content-encoding: br
content-length: 4089
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:41:11 GMT
etag: W/"5717f884b1343423b16c167eb361c1f5"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 e685e9e08c2e4b105f4d86b35da50628.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: drb34vKjfmQOErsP93BpPkoQSHsRwHI-9rqq1Dfzw4hzWLX1bURxBA==
x-amz-cf-pop: IAD89-C3
x-browser: chrome
x-browser-version: 120
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 101, 1
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 80
x-permitted-cross-domain-policies: none
x-request-id: 2be2a8b1-6cfe-44cb-ba22-0dab3630bb36
x-runtime: 0.077807
x-served-by: cache-iad-kcgs7200175-IAD, cache-mad2200124-MAD
x-timer: S1706733671.056426,VS0,VE2

GET
H2 200 SpyCloud-Logo-White.svg
spycloud.com/wp-content/uploads/2023/01/ 2 KB
1 KB 2729ms
2728ms Image
image/svg+xml 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/SpyCloud-Logo-White.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6ff4191ac1e5fd2aa051649f757283f1307d652f9ac46b4154c2fa35e89519c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: 1oqBmC0BU9tnJoueAlg905BdQwBqwhG7
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0250a97a9fe8f37b6e3c4270db2dc8ae.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 3
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"c021c94e8398001fae3d967d31381c3b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 84e4c61e3e112180-MAD
x-amz-cf-id: ShyOyxiGWecxmC_uUMZGKoOnCiLwyHBU5vE9ZLRAPGQU8D3kRVLW9w==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 bg-img-security-02-1920x1080-1.jpg
spycloud.com/wp-content/uploads/2022/08/ 141 KB
142 KB 3674ms
3673ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/08/bg-img-security-02-1920x1080-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

b154988867d7c21891da1cfb0117227f2dac46787aed31368f8fdc2a7aebd0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 711ccea18028f91fc25b0a23c716938c.cloudfront.net (CloudFront)
x-amz-version-id: EaWo0.deLzr1xBHXdoafVv7g0AG0vqjF
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 2
cf-polished: origSize=151596, status=webp_bigger
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 144745
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Jan 2024 03:03:34 GMT
server: cloudflare
etag: "07735d09771ee8900f7e974ec63caced"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61e5e682180-MAD
x-amz-cf-id: y9L7kc7sB8N9c4duHk39W2Cj1YwghIdxwZslKyUBrxpKNlScZtEd3w==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 img-databse-800x500-1.jpg
spycloud.com/wp-content/uploads/2022/08/ 119 KB
119 KB 7285ms
7284ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/08/img-databse-800x500-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a5355390447fda0b8d5c75f56b7d388dcd74760a8f38bf27c09c52e74ef9afc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: r.PR5aASyCucn3XAozQdjuql2mDzWB6o
via: 1.1 158bf65e81ba82d619c73dde6c7796a8.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 121748
last-modified: Wed, 31 Jan 2024 03:03:35 GMT
server: cloudflare
etag: "edb8bcbab36156917d030d967730b900"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61e7ead2180-MAD
x-amz-cf-id: AfTTtzwxrnIpJiLoDI4TED-t4RXbHKMNaq5C6ib_MyTlFKl6JDjJsQ==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 bg-img-01-1920x850-1.jpg
spycloud.com/wp-content/uploads/2024/01/ 68 KB
69 KB 7098ms
7096ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/bg-img-01-1920x850-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6bcedd402f632fa724b8fbdc72766f40dc90db50f30865543fb30cddb0ce60a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: kQjqJp6gz9omfgv6TVnrWCJvfHiz3cM9
via: 1.1 9809ca806cde9d8f9a57379e55ece5b6.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 70072
last-modified: Mon, 29 Jan 2024 20:56:35 GMT
server: cloudflare
etag: "34fb200724ce649b85e4001f72c15236"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61e7eb12180-MAD
x-amz-cf-id: o7rowocFPaQvseRUVxKEEKxrnJN9gizgkP9JcpblNgjvmGsUgXCDug==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 4364ms
4362ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:33:07 GMT
x-content-type-options: nosniff
age: 148083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 03:33:07 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 4352ms
4351ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:28 GMT
x-content-type-options: nosniff
age: 93042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:28 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 4349ms
4348ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:09 GMT
x-content-type-options: nosniff
age: 210781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:09 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 4355ms
4355ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:53:31 GMT
x-content-type-options: nosniff
age: 92859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:53:31 GMT

GET
H2 200 blog-img-spycloud-labs-admin-and-the-4-dwarfs-800x500-v2.png
spycloud.com/wp-content/uploads/2024/01/ 78 KB
79 KB 4888ms
4887ms Image
image/webp 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-spycloud-labs-admin-and-the-4-dwarfs-800x500-v2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

cf7961de00736a64acdcf580481200f60029a43b27d2a22a27da01f338122807

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 fc84dd3d81f101f017733b4720a09e8c.cloudfront.net (CloudFront)
x-amz-version-id: QzZ1nhO9WKI0gj3wdorZ15Dq8F.sLA50
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
cf-polished: origFmt=png, origSize=129166
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-disposition: inline; filename="blog-img-spycloud-labs-admin-and-the-4-dwarfs-800x500-v2.webp"
content-length: 80022
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Jan 2024 20:25:26 GMT
server: cloudflare
etag: "29c33d16d6d64d5a95715ae6cc27a992"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61eaf3a2180-MAD
x-amz-cf-id: VJPHBh7GWdfB1Xvj6f_7ulruZkSN7q7qAFdhe-WkhA9Rk1C7f3g43Q==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 blog-img-screenshot-of-the-actor-chizasvv.jpg
spycloud.com/wp-content/uploads/2024/01/ 88 KB
89 KB 5611ms
5610ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-screenshot-of-the-actor-chizasvv.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a0c9a905ac3e87bb7a045a2508821194e67e9bea7c6b0d71f954953ac41b02e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: EEHCDxfRp8gQXor6OWeyjI_NiOvuhF9X
via: 1.1 9809ca806cde9d8f9a57379e55ece5b6.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 90473
last-modified: Wed, 31 Jan 2024 09:34:32 GMT
server: cloudflare
etag: "93c8da0ea7febef19aea3c4c47f468c7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61eaf3e2180-MAD
x-amz-cf-id: Cz7m2kEWJaY3GPJ2bdm86mJYfTFXL2CbtAKNu94Er-xbxGLbxfjk0Q==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 blog-img-rage-installs.jpg
spycloud.com/wp-content/uploads/2024/01/ 54 KB
54 KB 7036ms
7035ms Image
image/jpeg 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2024/01/blog-img-rage-installs.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ed397aec6cb361311d1b5c6b1a731363b758e40a8573958db95567827e8e79b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: zEocsYuqCxvHivZAAXFlM0_abF_b52Zb
via: 1.1 e9c760453b6eccd1556a68a55a4a90c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 55196
last-modified: Wed, 31 Jan 2024 09:34:33 GMT
server: cloudflare
etag: "3fc1308b513486893dec5f3740da3431"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84e4c61eaf402180-MAD
x-amz-cf-id: 2S19J_ScP94evlyK_tPdNOei7464unfpGHsQ5XWtSP3VsqN4GxE2KA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 fa-regular-400.woff2
spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 13 KB
13 KB 5087ms
5086ms Font
font/woff2 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spycloud.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:10 GMT
x-amz-version-id: W6LJlDg__jydqH37kK88Sx01ROYUeGYu
via: 1.1 3a040ac81c3e03a31883d4bf85a17866.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 3
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 13276
last-modified: Wed, 13 Dec 2023 17:34:38 GMT
server: cloudflare
etag: "f0f8230116992e521526097a28f54066"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 84e4c61f0fe52180-MAD
x-amz-cf-id: 8yWed5HW1MC9NiAgrUS0oE8DFGgu4HUzBMGqitpP-0nMuDR_M-cYdA==
expires: Thu, 30 Jan 2025 20:41:10 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 4856ms
4856ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:52:13 GMT
x-content-type-options: nosniff
age: 92937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:52:13 GMT

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 54EF 45 KB
12 KB 6072ms
6072ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1709
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12079
x-served-by: cache-iad-kcgs7200085-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733672.790731,VS0,VE0
etag: "375725d1e46234712497ec563ccd470b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 12

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 54EF 753 KB
127 KB 6078ms
6078ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7031bcfcbce52de37f223e0e65445ca374fb4197f1a2a9183cb3c3ca64697dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1709
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 129396
x-served-by: cache-iad-kcgs7200153-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:45 GMT
server: AmazonS3
x-timer: S1706733672.790723,VS0,VE0
etag: "397b068b4181b626eb5a1fb5122ea1e6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77, 2

GET
H2 200 swatch
fast.wistia.net/embed/medias/91tnifpfr3/ Frame 54EF 4 KB
5 KB 6072ms
6072ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/91tnifpfr3/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a5f5535997f6e28e8549419d3867dee3a7cc561be04e0fb1a70bad8da96dc6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:11 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, PHL50-C1
age: 1398687
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-disposition: inline
content-length: 4319
x-served-by: cache-iad-kjyo7100148-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
x-timer: S1706733672.790699,VS0,VE0
etag: DSnR9ZFDuWulV3trssRbJvVyGj8=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x5O9yakNnhPqLAy08fXV09wITfET8hr5gzmyE-Be4yMC_df0J1Xu3Q==
x-cache-hits: 204, 430

OPTIONS
H2 200 es.json
cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/ Frame 0
0 3387ms
1606ms Preflight 18.239.18.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/es.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-124.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://spycloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 31 Jan 2024 20:41:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
x-amz-cf-id: AWxBznv0ZTWTCEOdfNsMZ1wd_khOgkcbVmmeMAFEzXwVR1yGv2UFog==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/ 98 KB
24 KB 3004ms
3004ms Script
application/javascript 18.239.18.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-124.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d56b11dec738d63faa1c437d1d773f326a3b29857356f0330bf874511de170c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KDDaIXpN4ZGkfsx3MwvmMfpe729j9vjp
content-encoding: br
via: 1.1 45f8047ab98fa87807d2f5362a7fb75c.cloudfront.net (CloudFront)
date: Wed, 31 Jan 2024 02:43:07 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
age: 64692
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Nov 2023 23:05:01 GMT
server: AmazonS3
etag: W/"dc566dfd1a288c7fb674c74de3978081"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: uAlN2m3tVY0Q-XIBNcqqNvtTduVWAW1AOWCb30LtBTpqrJjDlMJtow==

GET
H2 200 es.json Show response
cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/ 5 KB
3 KB 681ms
670ms XHR
application/json 18.239.18.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/es.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-124.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bb967a219327bf858633a1d74ccf346ce35b038b96b2359b68b1c87262845889

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://spycloud.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 20:41:09 GMT
x-amz-version-id: m6wN07hCg6L_IaGhG0cwJPI4KmiIeBd3
content-encoding: br
x-content-type-options: nosniff
via: 1.1 c2905f891f96a0ec9c7fab16916dbb46.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P6
age: 8
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Nov 2023 23:05:01 GMT
server: AmazonS3
etag: W/"bd1bf13c0f5bb64b7b224261d84481c9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: HpgytJuh_qlOmMfmJzeImwe8XyzXoWcA8nWylxytha964VrGkdonyQ==

GET
H2 200 wp-emoji-release.min.js Show response
spycloud.com/wp-includes/js/ 18 KB
5 KB 533ms
533ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: QL8vzYhiBpnnsl8_TW4kXILWpO7WV29i
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 552a19732149a49fbfc2659a98c93d86.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Hit from cloudfront
last-modified: Sat, 12 Aug 2023 09:24:30 GMT
server: cloudflare
etag: W/"4cc444663c1e69cb8ac7b909e7192bca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6568ee02180-MAD
x-amz-cf-id: N-m-x_HUVodlvB15Mla7qFi-HKsTMjFE63pQLcQtRxS0yXmn31bsFw==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
BLOB 200
OK 6963d57d-2adb-4a16-88b3-c5d0b1b6c2e0
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/6963d57d-2adb-4a16-88b3-c5d0b1b6c2e0
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3c43349a-db7e-4627-93a5-5bcdf7a5aafb
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/3c43349a-db7e-4627-93a5-5bcdf7a5aafb
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 91tnifpfr3 Show response
fast.wistia.net/embed/iframe/ Frame BF36 14 KB
5 KB 5278ms
5277ms Document
text/html 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5717f884b1343423b16c167eb361c1f552242e3eb3807e2be4491da6e792ae74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 74
cache-control: public, no-cache
content-encoding: br
content-length: 4089
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:41:13 GMT
etag: W/"5717f884b1343423b16c167eb361c1f5"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 e685e9e08c2e4b105f4d86b35da50628.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: drb34vKjfmQOErsP93BpPkoQSHsRwHI-9rqq1Dfzw4hzWLX1bURxBA==
x-amz-cf-pop: IAD89-C3
x-browser: chrome
x-browser-version: 120
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 101, 2
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 80
x-permitted-cross-domain-policies: none
x-request-id: 2be2a8b1-6cfe-44cb-ba22-0dab3630bb36
x-runtime: 0.077807
x-served-by: cache-iad-kcgs7200175-IAD, cache-mad2200124-MAD
x-timer: S1706733674.950875,VS0,VE0

GET
H2 200 mega-menu.c110964c979ac8e65895.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 20 KB
5 KB 1568ms
1567ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/mega-menu.c110964c979ac8e65895.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

62a6867c90f9f0e02c71a9dd06569073000993db1c40bb1afda4b54fe698a6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: kCQpH_YF.kDax8v2yr8cgvlzRbrNOK5k
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 83f9969abb9f43b17789799503ae532c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:25 GMT
server: cloudflare
etag: W/"75489ff4399e435c1db583ad6eee4751"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6569efc2180-MAD
x-amz-cf-id: 5pJU_oKhV6xU5TgsUbsAC8UcDeWP8p8SEhsmxvRUT23PmRS_-PygBw==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 926 B
707 B 2947ms
2947ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/mega-menu-stretch-content.b203a97f096c18f3d1a2.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8b65e8917d5f40cba47788f502369891a2972c111e5ca7ca147bb3a72318cc10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: ScSVcIn5LPab0xkmxkGOZ1_lyecX1xcM
via: 1.1 71a0472adc0e71a3b21b29ba3bec35f2.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MAD51-C2
age: 11
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:33 GMT
server: cloudflare
etag: W/"59afa0d19b4c5624d7a1e3a1faf9082e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6569f012180-MAD
x-amz-cf-id: 8CDn6xND_aIbSCXwipQyKnOh4NoChqZe27C_ENz51vf6SUjxoXtplw==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 menu-title-keyboard-handler.e81e3b1492bbd9ba31f3.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 2948ms
2948ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/menu-title-keyboard-handler.e81e3b1492bbd9ba31f3.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

f25f4906c0e1825021c368f3bcf6be6bedbdb7adc57e70dd2fb8c929329ede94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: B8CA9WkdTxy974cafxqyw2RN0PQIkxeg
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 ed24ed7fbec751651346c1accbcfe3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:02 GMT
server: cloudflare
etag: W/"53d49581ea3c344bade5d94b85dfaee5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6569f032180-MAD
x-amz-cf-id: mr_LZk2barVCvMFsKyrhkjZIk3ZAsiEQjDScLrcgTkKnMpIBt-RQ4g==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 2506ms
2506ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

221bab2e5cfaeca91dab53c40d1ddd63a2c5e6c03113be05170ae5af57acf48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: aiLgy1LsBrUv7dzLzkmb.aLWFbqn2OYd
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 1c301b860f1012db2b746c01d3e8617e.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:33:54 GMT
server: cloudflare
etag: W/"2cc78a68e39466c42bd6517ff0a6fcc8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6569f052180-MAD
x-amz-cf-id: FF-7q6w33UVCkS5ryFOeG224gmygIeMNllmQa2sXWbKxRGKvarVTww==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 SpyCloud-Logo-White.svg
spycloud.com/wp-content/uploads/2023/01/ 2 KB
1 KB 4608ms
4607ms Image
image/svg+xml 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/SpyCloud-Logo-White.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6ff4191ac1e5fd2aa051649f757283f1307d652f9ac46b4154c2fa35e89519c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:14 GMT
x-amz-version-id: 1oqBmC0BU9tnJoueAlg905BdQwBqwhG7
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0250a97a9fe8f37b6e3c4270db2dc8ae.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 7
x-cache: Miss from cloudfront
last-modified: Wed, 31 Jan 2024 20:25:25 GMT
server: cloudflare
etag: W/"c021c94e8398001fae3d967d31381c3b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 84e4c639bbab2180-MAD
x-amz-cf-id: ShyOyxiGWecxmC_uUMZGKoOnCiLwyHBU5vE9ZLRAPGQU8D3kRVLW9w==
expires: Thu, 30 Jan 2025 20:41:14 GMT

GET
H2 200 search-form.a25a87283d08dad12f18.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
1 KB 3850ms
3849ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/search-form.a25a87283d08dad12f18.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

5f70f398e3f34c36a6300d9d364813f6fe5804d9fd6b0ce816a9dfc077c9e0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: sG4P.PllNpr3SfpUq7JXzK7BegbiFhpo
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 4ff22507315b19a746baedf1b2177aa8.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:14 GMT
server: cloudflare
etag: W/"e3a1902a8ac6dbe5c8307b5445b778e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c6569f092180-MAD
x-amz-cf-id: lRr4uWJv9K7z1GoVZLHXXwbM7WRtaVqoquZYGjS9TfIPRisonG8QBw==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 4216ms
4215ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

68019d99312782fc0eb6b18bcb55662ace149bcb5db672ab6b0381a478adb1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
x-amz-version-id: E9TW3D4U03qoeqDCH8SVPS9f3uc.9LHe
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fe55d6b634c29e0dbde85630de5f2786.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 11
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:06 GMT
server: cloudflare
etag: W/"34495e9f7f689bc0659d49b4755a95b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c65768b22180-MAD
x-amz-cf-id: H2eUlZsrlK3F0sOtYFJZXsqF_fyn3VgRdhRh-l80vduKgrCe2ah8EA==
expires: Thu, 30 Jan 2025 20:41:19 GMT

GET
H2 200 posts.caaf3e27e57db8207afc.bundle.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
2 KB 3826ms
3826ms Script
application/javascript 104.18.26.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/posts.caaf3e27e57db8207afc.bundle.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8d3a1ac99ef0c825aea523bc468b0ea1f249703d53f36599397732254f1591b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:20 GMT
x-amz-version-id: JEQ1OqWLjCwRKFtdNNDLP.FzzsFUXA9q
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 e4b8d81d5f13e1c05d52108e75ecf23c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD51-C2
x-powered-by: Strattic
age: 12
x-cache: Miss from cloudfront
last-modified: Wed, 13 Dec 2023 17:34:10 GMT
server: cloudflare
etag: W/"a8c149b994b19e3f3338d5838569d73a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84e4c65e9ad62180-MAD
x-amz-cf-id: oPcNmIF-hATHM_QoLTu1MJN0BxG68zu6rzYAte936lWEDE4x6hjMAg==
expires: Thu, 30 Jan 2025 20:41:20 GMT

GET
BLOB 200
OK 401223e6-afa4-4050-a3a1-a2d3f34df0a1
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/401223e6-afa4-4050-a3a1-a2d3f34df0a1
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame BF36 45 KB
12 KB 1207ms
1206ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1717
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12079
x-served-by: cache-iad-kcgs7200085-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733679.216360,VS0,VE0
etag: "375725d1e46234712497ec563ccd470b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 13

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame BF36 753 KB
127 KB 1710ms
1709ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7031bcfcbce52de37f223e0e65445ca374fb4197f1a2a9183cb3c3ca64697dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1716
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 129396
x-served-by: cache-iad-kcgs7200153-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:45 GMT
server: AmazonS3
x-timer: S1706733679.241188,VS0,VE0
etag: "397b068b4181b626eb5a1fb5122ea1e6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77, 3

GET
H2 200 swatch
fast.wistia.net/embed/medias/91tnifpfr3/ Frame BF36 4 KB
5 KB 2146ms
2145ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/91tnifpfr3/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a5f5535997f6e28e8549419d3867dee3a7cc561be04e0fb1a70bad8da96dc6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, PHL50-C1
age: 1398694
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-disposition: inline
content-length: 4319
x-served-by: cache-iad-kjyo7100148-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
x-timer: S1706733679.241186,VS0,VE0
etag: DSnR9ZFDuWulV3trssRbJvVyGj8=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x5O9yakNnhPqLAy08fXV09wITfET8hr5gzmyE-Be4yMC_df0J1Xu3Q==
x-cache-hits: 204, 435

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame 54EF 164 KB
34 KB 3382ms
3381ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed4948286e9f491f614b12925b26e34432f1fe1ab48f58bb1358325a1120cea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1716
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 34195
x-served-by: cache-iad-kiad7000043-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:45 GMT
server: AmazonS3
x-timer: S1706733679.397446,VS0,VE0
etag: "4d6211e5d2aa1e824255fd7081b57576"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 74, 4

GET
BLOB 200
OK 3b8b499b-66ac-43c7-b2ad-5792af6c05ca
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/3b8b499b-66ac-43c7-b2ad-5792af6c05ca
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 84c12c3c-cef2-4f56-beff-8d254e21a8b7
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/84c12c3c-cef2-4f56-beff-8d254e21a8b7
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 825bab6a-1dfe-4e64-9bbe-9d030abb3352
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/825bab6a-1dfe-4e64-9bbe-9d030abb3352
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e4a08064-7df9-4d4d-8acd-f0b334d5a3ee
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/e4a08064-7df9-4d4d-8acd-f0b334d5a3ee
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 4985c8a8-d2f5-4006-9bda-07e4f449d86d
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/4985c8a8-d2f5-4006-9bda-07e4f449d86d
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 34c1ec1a-4bb1-4d69-945b-059f90ed96d1
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/34c1ec1a-4bb1-4d69-945b-059f90ed96d1
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 2199ms
685ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 30 Jan 2024 22:08:33 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "cdb613b732483a878e5e73924ee9a02f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8623

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
92 KB 223ms
223ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJSB7W2DK5&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

966208189f2b397cdd09495dbf3ca3ba8aaa42904a7014da7732044bcdb82660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 20:41:21 GMT

GET
H/1.1

200
OK

ttpwp Show response
security-us.mimecast.com/
Redirect Chain

https://protect-us.mimecast.com/s/Wq6qCn59qpcW4BoSJ1Bvc
https://protect-us.mimecast.com/r/2Kb4PrBKGje6E9l89FhhBPS2uK_6Fm-WxetHjKWVFVK4GGRsR8qtcT2Evgf3DO8xSOjJj7u9o_3R-Y2G5NPFQP_qT-Tw0TwoBA5bAcyHPSoAOO4NyhbyOnPSYD_1uCdxTE0MNrqB8kCz94UB8NB9Bqi5CYNSgExgt1b...
https://security-us.mimecast.com/ttpwp

0
0

2695ms
1037ms

Script
text/html

207.211.31.110
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL: https://security-us.mimecast.com/ttpwp
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: HTTP/1.1
Server: 207.211.31.110 , United States, ASN14135 (NAVISITE-EAST-2, US),
Reverse DNS: service159-us.mimecast.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 20:41:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://security-us.mimecast.com/ttpwp#/checking?key=YaibLJz5C5re249MFUe25Q-ySEBrBnrwmHte-6PENl9UTi4eOxfQX7m4vX15ilzV2wi9NIP44WRbndvTR6D2H6BUhmvZ8f900rToI9oe7eP6JaPy9mWPQEEDxkvgwV_x
Cache-control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 54EF 2 B
328 B 3052ms
1369ms Fetch
text/plain 13.32.121.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-74.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 20:41:21 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 2
content-length: 2
x-amz-cf-id: tncxnrTILRVvMV1hqVQUSk09tZJFwOpDQ2Lhm8wo5F25Vk4u9Of3NQ==

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 54EF 80 KB
21 KB 771ms
770ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c25dd38b7a4c67ac1844d3fe2a66b04241a624409142c27274c679335d1365f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:22 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1720
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21180
x-served-by: cache-iad-kjyo7100169-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733683.811604,VS0,VE0
etag: "6d38973c7831e0ee624acf8248d39146"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 15

GET
H2 200 91tnifpfr3.json Show response
fast.wistia.net/embed/captions/ Frame 54EF 6 KB
3 KB 3285ms
3283ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/91tnifpfr3.json

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6dfdf6041947ed2b1d30dab0fda12a55d787665ce8b4b9c984223012e0662919

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 82
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 76
content-length: 2424
x-request-id: 1e6db5d6-56b2-4992-82e5-2431ad06d0f7
x-served-by: cache-iad-kcgs7200152-IAD, cache-mad2200124-MAD
x-runtime: 0.073933
x-browser-version: 120
server: envoy
x-timer: S1706733683.836013,VS0,VE2
etag: W/"6dfdf6041947ed2b1d30dab0fda12a55"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: et5EWd5ejaurEfgK3NbDP0_RkznJANoSRi7KfMNm76nFlw23yYFEzw==
x-cache-hits: 133, 1

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 54EF 45 KB
18 KB 2110ms
2109ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a8c2aeb517cf04a78bf6f7919f100e37c000562f2d1378854e10a3ef0f69794e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/captions.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:22 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1720
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18286
x-served-by: cache-iad-kcgs7200114-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733683.836308,VS0,VE0
etag: "4697b07fac932c8f5757622821f87af6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 73, 10

GET
H2 200 swatch
fast.wistia.net/embed/medias/91tnifpfr3/ Frame 54EF 4 KB
5 KB 1701ms
1699ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/91tnifpfr3/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a5f5535997f6e28e8549419d3867dee3a7cc561be04e0fb1a70bad8da96dc6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:26 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, PHL50-C1
age: 1398701
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-disposition: inline
content-length: 4319
x-served-by: cache-iad-kjyo7100148-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
x-timer: S1706733686.103795,VS0,VE0
etag: DSnR9ZFDuWulV3trssRbJvVyGj8=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x5O9yakNnhPqLAy08fXV09wITfET8hr5gzmyE-Be4yMC_df0J1Xu3Q==
x-cache-hits: 204, 437

GET
H2 200 977c45a148505e79b4b6e4e66bc9c5ec.webp
embed-ssl.wistia.com/deliveries/ Frame 54EF 6 KB
0 3036ms
1119ms Image
image/webp 65.9.86.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/977c45a148505e79b4b6e4e66bc9c5ec.webp?image_crop_resized=640x360
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-14.ams1.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 03:29:34 GMT
access-control-request-method: *
via: 1.1 8da78542dac6b4328eb443200c30bbfe.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: AMS1-C1
age: 407513
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 163
content-disposition: inline
surrogate-key: 977c45a148505e79b4b6e4e66bc9c5ec thumbnail-delivery
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
etag: 9zQbj2Mm4Sb1-5yJlzGMj2ReCiY=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: SdeRD3yexK9Wb4slEfMFrUtwK5NqQKXP5yzBLjenL32WMU8vqE1DnQ==

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame BF36 164 KB
34 KB 3185ms
3184ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed4948286e9f491f614b12925b26e34432f1fe1ab48f58bb1358325a1120cea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:22 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1720
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 34195
x-served-by: cache-iad-kiad7000043-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:45 GMT
server: AmazonS3
x-timer: S1706733683.928640,VS0,VE0
etag: "4d6211e5d2aa1e824255fd7081b57576"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 74, 5

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame BF36 2 B
328 B 341ms
340ms Fetch
text/plain 13.32.121.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-74.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 20:41:23 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: h3iQfY2YWAUa4_Onj_H9YYVBTIQ-FB1VJ-TDW_myO_TBpOHlhiGIfQ==

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 54EF 474 KB
116 KB 2222ms
2222ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02091aa39549dbde668309a0c7e6f03bd384e437bd761b7a3b26b8b926a16067

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:23 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1721
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 118094
x-served-by: cache-iad-kjyo7100159-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733684.887418,VS0,VE0
etag: "478b0f55f6b4e9e779b15a97e4851be2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77, 11

GET
H2 200 t2_a928j2qo_telemetry Show response
conversions-config.reddit.com/v1/pixel/config/ 86 B
420 B 2140ms
1046ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://conversions-config.reddit.com/v1/pixel/config/t2_a928j2qo_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:25 GMT
nel: {"report_to":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"success_fraction":0.3,"failure_fraction":0.3}
report-to: {"group":"w3-reporting-nel","max_age":14400,"include_subdomains":false,"endpoints":[{"url":"https://w3-reporting-nel.reddit.com/reports"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
content-length: 86
x-served-by: cache-mad2200110-MAD

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 2140ms
1043ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1706733684138&id=t2_a928j2qo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=9ebc24f5-6d5e-42ba-9687-dfb873e86724&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_26e8ea0f&dpm=&dpcc=&dprc=
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:25 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 x
distillery.wistia.com/ Frame 54EF 0
0 3142ms
1585ms Fetch 18.245.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-127.fra60.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://fast.wistia.net/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 20:41:25 GMT
via: 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: CtGLj4Kuo00962MLhLlrMvc_p2aCrHgCRyQL8DF_J_4hVSHYzL-5Ag==

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame BF36 80 KB
21 KB 1690ms
1690ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c25dd38b7a4c67ac1844d3fe2a66b04241a624409142c27274c679335d1365f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1723
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21180
x-served-by: cache-iad-kjyo7100169-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733686.128296,VS0,VE0
etag: "6d38973c7831e0ee624acf8248d39146"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 16

GET
H2 200 91tnifpfr3.json Show response
fast.wistia.net/embed/captions/ Frame BF36 6 KB
3 KB 1688ms
1688ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/91tnifpfr3.json

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6dfdf6041947ed2b1d30dab0fda12a55d787665ce8b4b9c984223012e0662919

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 85
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 76
content-length: 2424
x-request-id: 1e6db5d6-56b2-4992-82e5-2431ad06d0f7
x-served-by: cache-iad-kcgs7200152-IAD, cache-mad2200124-MAD
x-runtime: 0.073933
x-browser-version: 120
server: envoy
x-timer: S1706733686.128290,VS0,VE0
etag: W/"6dfdf6041947ed2b1d30dab0fda12a55"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: et5EWd5ejaurEfgK3NbDP0_RkznJANoSRi7KfMNm76nFlw23yYFEzw==
x-cache-hits: 133, 2

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame BF36 45 KB
18 KB 1683ms
1682ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a8c2aeb517cf04a78bf6f7919f100e37c000562f2d1378854e10a3ef0f69794e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/captions.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1723
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18286
x-served-by: cache-iad-kcgs7200114-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733686.128252,VS0,VE0
etag: "4697b07fac932c8f5757622821f87af6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 73, 11

GET
H2 200 swatch
fast.wistia.net/embed/medias/91tnifpfr3/ Frame BF36 4 KB
5 KB 2225ms
2224ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/91tnifpfr3/swatch

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a5f5535997f6e28e8549419d3867dee3a7cc561be04e0fb1a70bad8da96dc6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, PHL50-C1
age: 1398703
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-disposition: inline
content-length: 4319
x-served-by: cache-iad-kjyo7100148-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
x-timer: S1706733688.812349,VS0,VE0
etag: DSnR9ZFDuWulV3trssRbJvVyGj8=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x5O9yakNnhPqLAy08fXV09wITfET8hr5gzmyE-Be4yMC_df0J1Xu3Q==
x-cache-hits: 204, 438

GET
H2 200 977c45a148505e79b4b6e4e66bc9c5ec.webp
embed-ssl.wistia.com/deliveries/ Frame BF36 26 KB
26 KB 1330ms
1118ms Image
image/webp 65.9.86.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/977c45a148505e79b4b6e4e66bc9c5ec.webp?image_crop_resized=640x360
Requested by: Host: spycloud.com
URL: https://spycloud.com/blog/behind-the-scenes-of-a-successful-malware-traffer-team/?utm_medium=email&utm_source=marketo&utm_campaign=2024-01-newsletter-prospects&mkt_tok=NzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-14.ams1.r.cloudfront.net
Software: envoy /
Resource Hash: aee6f16de6be62641570253775099a49544d9e696c373648ee4b4694e429e709

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 03:29:34 GMT
access-control-request-method: *
via: 1.1 8da78542dac6b4328eb443200c30bbfe.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: AMS1-C1
age: 407513
edge-cache-tag: 977c45a148505e79b4b6e4e66bc9c5ec
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 163
content-disposition: inline
surrogate-key: 977c45a148505e79b4b6e4e66bc9c5ec thumbnail-delivery
last-modified: Thu, 30 Jun 2022 17:05:11 UTC
server: envoy
etag: 9zQbj2Mm4Sb1-5yJlzGMj2ReCiY=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: HpI62oOjUz36gEpGeoSJ4nPwGp90NCB3RBdbVzoQxPPRjxcMn2SUNw==

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame BF36 474 KB
116 KB 1168ms
1167ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02091aa39549dbde668309a0c7e6f03bd384e437bd761b7a3b26b8b926a16067

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1724
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 118094
x-served-by: cache-iad-kjyo7100159-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 31 Jan 2024 20:11:46 GMT
server: AmazonS3
x-timer: S1706733687.159094,VS0,VE0
etag: "478b0f55f6b4e9e779b15a97e4851be2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c442b31a8d1833634ccc10e3d722d8a476b63e1d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77, 12

GET
H2 200 91tnifpfr3.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 54EF 1 KB
2 KB 2564ms
1186ms XHR
application/x-mpegurl 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/91tnifpfr3.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

499fb8738edf82ade411d5a904da39b0acb8990f2cc299f41d3fa1718b5562c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:28 GMT
via: 1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 86
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 1354
x-request-id: 1ae92257-4093-49b4-9c98-ea69d12959e9
x-served-by: cache-iad-kjyo7100092-IAD, cache-mad2200144-MAD
x-runtime: 0.031859
x-browser-version: 120
server: envoy
x-timer: S1706733689.599776,VS0,VE2
etag: W/"499fb8738edf82ade411d5a904da39b0"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _MGnKSFxEhfyog0G0C1dmAufC6h4pcx9uLb1QWyoyZaSG7BjuPDO-Q==
x-cache-hits: 1043, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 54EF 1 KB
1 KB 2662ms
2661ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 467
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100102-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1706733687.372248,VS0,VE1
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5488614, 1

GET
H2 200 core Show response
js.driftt.com/ Frame 6D88 2 KB
1 KB 922ms
921ms Document
text/html 18.244.28.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=2fc20557-ff17-49b0-b7f2-113b3f49b8a8&sessionStarted=1706733687.348&campaignRefreshToken=25a5c322-408b-4524-96ca-5dda8da174ca&hideController=false&pageLoadStartTime=1706733667611&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Fblog%2Fbehind-the-scenes-of-a-successful-malware-traffer-team%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_campaign%3D2024-01-newsletter-prospects%26mkt_tok%3DNzEzLVdJUC03MzcAAAGQ_91-llirtpjIqTRVC18PheCIkEFuZjd00iKNURcm_X44CusAlx3_5oruWxAEbjoWZmxoJUMtYh2BYya9cZ_PhDRmAOVBov6mOPUyRg

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.28.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-28-65.cdg52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

69dd333c29a4b5e4af6ba9979f292b4d48639a55d21b5a9c518c0338644aedcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:41:27 GMT
etag: W/"709e1d949c69eada7a0ca9ed0b6ce540"
last-modified: Tue, 30 Jan 2024 20:20:36 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 bcdbf1400b5b04e46f310591b86ea9b8.cloudfront.net (CloudFront)
x-amz-cf-id: zEMAzzfnccDK6KyEcsBd4qVC2HLPdlDfIjDqQ2D-gq9eeoDknaSISQ==
x-amz-cf-pop: CDG52-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: xfIQAhP0Z7mzs2zkjcB.GGaWG5RrIbK2
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 16

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 262C 2 KB
1 KB 2026ms
2025ms Document
text/html 18.244.28.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1706733667611

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.28.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-28-65.cdg52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

69dd333c29a4b5e4af6ba9979f292b4d48639a55d21b5a9c518c0338644aedcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:41:27 GMT
etag: W/"709e1d949c69eada7a0ca9ed0b6ce540"
last-modified: Tue, 30 Jan 2024 20:20:36 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 bcdbf1400b5b04e46f310591b86ea9b8.cloudfront.net (CloudFront)
x-amz-cf-id: ZetKlMsANldz1qQxO4Kl0LKn4SdF1ayM3PDWzav7UqcUxqpcq3g3mQ==
x-amz-cf-pop: CDG52-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: xfIQAhP0Z7mzs2zkjcB.GGaWG5RrIbK2
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 getForm Show response
engage.spycloud.com/index.php/form/ 6 KB
2 KB 847ms
847ms Script
application/javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.spycloud.com/index.php/form/getForm?munchkinId=713-WIP-737&form=1003&url=https%3A%2F%2Fspycloud.com%2Fblog%2Fbehind-the-scenes-of-a-successful-malware-traffer-team%2F&callback=jQuery371012208478114748256_1706733668806&_=1706733668807
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06b325bcd30bac5e00e11f53845feffaab208f1c6f7e75d5616fbac3650499d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 84e4c68a2fdc1bbb-MAD
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK 2bac4e03-52bc-427b-8f6e-a0598589a9de
https://spycloud.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spycloud.com/2bac4e03-52bc-427b-8f6e-a0598589a9de
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 204 x
distillery.wistia.com/ Frame BF36 0
0 512ms
512ms Fetch 18.245.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-127.fra60.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://fast.wistia.net/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
via: 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
x-amz-cf-id: AmcK7mRIkqlV1gKGC_zt_C0Pqhe7pIefM1g8sLXxh-bUaIEfB8vS3Q==

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 54EF 2 B
327 B 171ms
171ms Fetch
text/plain 13.32.121.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-74.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 20:41:27 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: ZZt3uegjdQyAwTA3DVP1SFYP2XpmN4hIaDgCrUIsZc6GMttdBLMa_Q==

GET
H2 200 forms2.css
engage.spycloud.com/js/forms2/css/ 13 KB
3 KB 1679ms
1678ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.spycloud.com/js/forms2/css/forms2.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
age: 15
etag: "b80d7e-3437-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e4c68fca391bbb-MAD
content-length: 2623
expires: Thu, 01 Feb 2024 00:41:28 GMT

GET
H2 200 forms2-theme-simple.css
engage.spycloud.com/js/forms2/css/ 826 B
387 B 535ms
534ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.spycloud.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169m4FTnIOxju2VXg/7e7f9e03-9393-4296-9002-c4326eab2f9d/osano.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
age: 15
etag: "b80d7c-33a-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e4c68fca3a1bbb-MAD
content-length: 242
expires: Thu, 01 Feb 2024 00:41:28 GMT

GET runtime~main.be089384.js
js.driftt.com/core/assets/js/ Frame 6D88 0
0

GET 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 6D88 0
0

GET main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame 6D88 0
0

GET runtime~main.be089384.js
js.driftt.com/core/assets/js/ Frame 262C 0
0

GET 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 262C 0
0

GET main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame 262C 0
0

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame BF36 1 KB
2 KB 510ms
510ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/91tnifpfr3?seo=false&videoFoam=true
Origin: https://fast.wistia.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:30 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 470
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100102-IAD, cache-mad2200124-MAD
x-browser-version: 120
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1706733690.049583,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5488614, 2

GET
H2 200 91tnifpfr3.m3u8 Show response
fast.wistia.com/embed/medias/ Frame BF36 1 KB
1 KB 474ms
474ms XHR
application/x-mpegurl 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/91tnifpfr3.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

499fb8738edf82ade411d5a904da39b0acb8990f2cc299f41d3fa1718b5562c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:41:30 GMT
via: 1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 87
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 1354
x-request-id: 1ae92257-4093-49b4-9c98-ea69d12959e9
x-served-by: cache-iad-kjyo7100092-IAD, cache-mad2200144-MAD
x-runtime: 0.031859
x-browser-version: 120
server: envoy
x-timer: S1706733690.058993,VS0,VE0
etag: W/"499fb8738edf82ade411d5a904da39b0"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _MGnKSFxEhfyog0G0C1dmAufC6h4pcx9uLb1QWyoyZaSG7BjuPDO-Q==
x-cache-hits: 1043, 2

POST mput
pipedream.wistia.com/ Frame BF36 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 416d16e7-7731-4fd5-9441-27938f5378e1
URL: moz-extension://416d16e7-7731-4fd5-9441-27938f5378e1/upload_fileaccessapi.js

Domain: 416d16e7-7731-4fd5-9441-27938f5378e1
URL: moz-extension://416d16e7-7731-4fd5-9441-27938f5378e1/upload_element_creation.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.be089384.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.be089384.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Domain: pipedream.wistia.com
URL: https://pipedream.wistia.com/mput?topic=metrics

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.email.spycloud.com/	1970-01-20 18:05:35	Name: __cf_bm Value: UCtaKBxqot.j2yPBzp9gWqieh1WzHzBfp4LuRFBzXvs-1706733666-1-AQHWSns86PiDkZ4KShImbQqnRAeu1i/f+c0vFPetNi66ylsx1MBzoTtlnSKQnkm0IOfMLQz7uH/Ttehg2RZux7s=
			.engage.spycloud.com/	1970-01-20 18:05:35	Name: __cf_bm Value: eo3_FBFEfkYHNIcA2JUvtfw1fJk.I_MHjB3IWUKnzJI-1706733667-1-AeIsWWq5XTXNupp4Vrx1Qq5QIuKT+UTNUhAzaZySzxs5ZY9SoXaxHTOPMqheqObfmbcm7mVCFGc9YszBhyEZfwE=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: moz-extension://416d16e7-7731-4fd5-9441-27938f5378e1/upload_fileaccessapi.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: moz-extension://416d16e7-7731-4fd5-9441-27938f5378e1/upload_element_creation.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
other	warning	URL: https://js.driftt.com/include/1706733900000/i8ss4t6wz65v.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-PRJK7WItx+OBre7g396zPbmDr6nsHZbfek74gOTGqXI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

416d16e7-7731-4fd5-9441-27938f5378e1
alb.reddit.com
cmp.osano.com
conversions-config.reddit.com
distillery.wistia.com
email.spycloud.com
embed-ssl.wistia.com
engage.spycloud.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
js.driftt.com
pipedream.wistia.com
protect-us.mimecast.com
security-us.mimecast.com
spycloud.com
www.googletagmanager.com
www.redditstatic.com
416d16e7-7731-4fd5-9441-27938f5378e1
js.driftt.com
pipedream.wistia.com
104.16.95.80
104.17.71.206
104.18.26.108
13.32.121.74
142.250.185.74
151.101.193.140
151.101.65.140
151.101.66.132
172.217.16.200
18.239.18.124
18.244.28.65
18.245.86.127
205.139.111.113
207.211.31.110
216.58.206.35
65.9.86.14
02091aa39549dbde668309a0c7e6f03bd384e437bd761b7a3b26b8b926a16067
033c7f8bb7aa0e1cc6a3ce3770097923aa30e1f13488b91d1592621d63dc6468
04055d9f6cd872709ef5bb10b270e4ab5176abeda27629e52da6569d5727c82b
0502e0199d71f6266fdf2508cf41bb91a22b707adc0ae0acb3b28f7a561d6be3
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
088e5ccaddd5ffecccab53a34c461bdb47aacfc39862c8f412643c3ce1e952b3
08f002722ce870a7070dfa5b13ee7ec2576e75890f5a3f446f6b15ff1045f6bf
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
20bea481b6a605764e7f16ab048e43586382ac7c9f0a43a8ded70e41a9b12696
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
221bab2e5cfaeca91dab53c40d1ddd63a2c5e6c03113be05170ae5af57acf48a
241b75cd9c48834a0d84cbc9d02b0cbb03e3c009825531322798858bf63b8dbb
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3990f397c4b65e707eaa128f9c07ef2b00cb7582fba53be88a6fcdee75d67659
3c25dd38b7a4c67ac1844d3fe2a66b04241a624409142c27274c679335d1365f
3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450
424d621f24b67f04b66742bab5e94c7a5279bca1184799322b64540337638902
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48cb4399c1ad700412b6552da6b97114ba57fa35cd90e0b8285c1c9d27db8887
499fb8738edf82ade411d5a904da39b0acb8990f2cc299f41d3fa1718b5562c4
4b812fc324c6d53b4894d498952a9c8d6629e52404a357a6ff01dedadc86a032
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0
52d87460560d706c4aa2b62216ad84345b4292322c818c69fd55bb234afd4c83
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5717f884b1343423b16c167eb361c1f552242e3eb3807e2be4491da6e792ae74
5e7015ac91edb803465bcfcd3001530ad97288415e56d51e09299b1097ba450e
5f70f398e3f34c36a6300d9d364813f6fe5804d9fd6b0ce816a9dfc077c9e0a4
5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18
62a6867c90f9f0e02c71a9dd06569073000993db1c40bb1afda4b54fe698a6f0
6753b4b0cbc3c99e713bdc896de395bf1eb5246e2ff96555151fa515bda7cd78
68019d99312782fc0eb6b18bcb55662ace149bcb5db672ab6b0381a478adb1fd
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
69dd333c29a4b5e4af6ba9979f292b4d48639a55d21b5a9c518c0338644aedcf
6bcedd402f632fa724b8fbdc72766f40dc90db50f30865543fb30cddb0ce60a6
6cf990cb9e2c045b8a5bba7136a9b243e1d12170ba42c3b776f18389c75498ec
6dfdf6041947ed2b1d30dab0fda12a55d787665ce8b4b9c984223012e0662919
6efe352e9cbe2e9a8d4d6e4f1370a5ad66d26b493d85ed32d37e978a4d511941
6ff4191ac1e5fd2aa051649f757283f1307d652f9ac46b4154c2fa35e89519c0
7031bcfcbce52de37f223e0e65445ca374fb4197f1a2a9183cb3c3ca64697dd6
7347de6f1e66b2bf459be0c4db3ab837e2edb7a2fb42023b8286a80f65abc4d7
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
74bbf4b4c120009256b75530a2c4d7ebf932a720dde541f2a6e9aeadf321d49f
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
841582e2569a29cbf9128cace792e2fc8499ae6d395523ea7926a00d65c92cc8
8418c0a3ed1f01df585330f8ee2c7dd76b81d1b9518d798f3afec991e33e1a6a
86e3a02e65e8d41d632cbf626f0d824b20165bdf2a354013276105fd94607ecf
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8b65e8917d5f40cba47788f502369891a2972c111e5ca7ca147bb3a72318cc10
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d3a1ac99ef0c825aea523bc468b0ea1f249703d53f36599397732254f1591b4
931729e0f35d5f9a8c077b47484b2180d05f74358293787e30cb0af30b9d87ff
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95be599649eee4c01636ca5fd88180049e0970b936e99cc9be8208f05f696e57
966208189f2b397cdd09495dbf3ca3ba8aaa42904a7014da7732044bcdb82660
98f70ccb0a821ccc06949746669ae29505f35dc69e650151904a43ea3153117a
98f747466719372e425ce161211246593aacdc0327da47b26369a07946b9c19f
a0c9a905ac3e87bb7a045a2508821194e67e9bea7c6b0d71f954953ac41b02e9
a49e3dd493f56e6c7e456cb9e7633d22cdc6d03c8911295c2d5b3705e017eed6
a5355390447fda0b8d5c75f56b7d388dcd74760a8f38bf27c09c52e74ef9afc9
a5f5535997f6e28e8549419d3867dee3a7cc561be04e0fb1a70bad8da96dc6c8
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8c2aeb517cf04a78bf6f7919f100e37c000562f2d1378854e10a3ef0f69794e
a93fad25abecaf290429639c9ed9e7cf93fd0d29c766e3d818835de891e363cd
ac9267f6dcdbdd099bc4a6bc9ce5a17985485f6636fb8553445ebc6addadbbc2
aee6f16de6be62641570253775099a49544d9e696c373648ee4b4694e429e709
b154988867d7c21891da1cfb0117227f2dac46787aed31368f8fdc2a7aebd0c8
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
bb967a219327bf858633a1d74ccf346ce35b038b96b2359b68b1c87262845889
be0b56929195755bb3fe67aa4eb3a545ace43e008fd488e12914136e27f52463
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
c0264cebfcf19eafd46af4b6bb5e3cf5ea00482eb3c1fd1601fe78661cc9cb09
c0f77031e22b28fbe14e53d8c5629f14bc1bf74bb338384388b5113d8a698ccc
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c7f6a84135245cce4edf2a5853cd9418569e94cb70aef9dc5ea873ae3bc0247f
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf7961de00736a64acdcf580481200f60029a43b27d2a22a27da01f338122807
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d02058e489deb6ca066d9d7836125819c2d6d5d0149472c6165f039175303456
d06b325bcd30bac5e00e11f53845feffaab208f1c6f7e75d5616fbac3650499d
d0ab86838239d0289d6b7f2f19ff3de1b59a015bfb4a18d87e549d6113774fd0
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2f82e2e141c7a7f31f40ab9ed8c499bba09505bac8b806cf016d10550e2a6d7
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d56b11dec738d63faa1c437d1d773f326a3b29857356f0330bf874511de170c7
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d83aec48544d062dde1996c25831b736a6262a98fc15a037ee5c72b1f9f0aeb2
d8b2613ceb59d7c1b21e995d7a39b0add818c676bf89e0fed4dccb8661f73664
d9017aa269b66b600b35d6c48e4368b94969480279ba09d22f5c01bbedefd372
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dd41ab4e69bf6dae1dc818a9b09ffdfaea6faf62cd9af2cff7bdfabc6e5f8e65
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b54467275809a673e4eafec04438046ea1f1d6e1c7da1806bf50df884d6c00
ed397aec6cb361311d1b5c6b1a731363b758e40a8573958db95567827e8e79b7
ed4948286e9f491f614b12925b26e34432f1fe1ab48f58bb1358325a1120cea6
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
eec8fb654765dfbba9b783382bfc8ecda7db21a2e24ffde27d19624ae2287d9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25f4906c0e1825021c368f3bcf6be6bedbdb7adc57e70dd2fb8c929329ede94
f32bb6cf7a44a3340cb34dc07661030817f63d3df8783ccdbcd747ab9c669f9e
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ffbc7ca1476a1b316bca7b7f14319dd5a94a19e8198c01f1d00953989e6b7c63

spycloud.com Open in urlscan Pro 104.18.26.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

86 %HTTPS

0 %IPv6

12 Domains

19 Subdomains

16 IPs

2 Countries

2980 kBTransfer

10812 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spycloud.com Open in urlscan Pro
104.18.26.108 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

86 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

16
IPs

2
Countries

2980 kB
Transfer

10812 kB
Size

2
Cookies

156 HTTP transactions
0 data transactions