www.netskope.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-an...
Submission: On December 28 via api (December 28th 2024, 8:01:46 am UTC) from BY — Scanned from CA

Summary HTTP 66 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 66 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is www.netskope.com. The Cisco Umbrella rank of the primary domain is 938517.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on September 27th 2024. Valid for: a year.

This is the only time www.netskope.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	2600:1408:ec0... 2600:1408:ec00:2e::1735:ba8	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	104.18.17.5 104.18.17.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
1	2600:1408:c40... 2600:1408:c400:389::f09	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1408:ec0... 2600:1408:ec00:286::f09	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	104.18.16.5 104.18.16.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.115.103 172.253.115.103	15169 (GOOGLE) (GOOGLE)
5	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
1	104.16.92.80 104.16.92.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	15

38 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

www.netskope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:ec00:2e::1735:ba8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.17.5 (None, )

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:389::f09 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.netskope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:286::f09 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.16.5 (None, )

ASN13335 (CLOUDFLARENET, US)

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj09.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	netskope.com www.netskope.com — Cisco Umbrella Rank: 938517 go.netskope.com	1 MB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11137 ws.zoominfo.com — Cisco Umbrella Rank: 4514	17 KB
4	qualified.com js.qualified.com — Cisco Umbrella Rank: 17504 app.qualified.com — Cisco Umbrella Rank: 17538	251 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4433 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5051 imgsct.cookiebot.com — Cisco Umbrella Rank: 5232	135 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 5643	4 KB
1	marketo.com app-sj09.marketo.com	67 KB
1	gstatic.com www.gstatic.com	216 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
1	wistia.net fast.wistia.net — Cisco Umbrella Rank: 9224	145 KB
1	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18070	21 KB
66	10

	Domain	Requested by
38	www.netskope.com	www.netskope.com
6	go.netskope.com	www.netskope.com app-sj09.marketo.com go.netskope.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
3	app.qualified.com	js.qualified.com
3	js.zi-scripts.com	www.netskope.com js.zi-scripts.com
2	consent.cookiebot.com	www.netskope.com consent.cookiebot.com
1	app-sj09.marketo.com	www.netskope.com
1	www.gstatic.com	www.google.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	www.google.com	www.netskope.com
1	imgsct.cookiebot.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	fast.wistia.net	www.netskope.com
1	js.qualified.com	www.netskope.com
1	client-registry.mutinycdn.com	www.netskope.com
66	15

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.beeswax.com
www.crazyegg.com
business.safety.google
www.linkedin.com
www.appnexus.com
twitter.com
www.facebook.com
documents.marketo.com
privacy.microsoft.com
www.stackadapt.com
www.thetradedesk.com
netskopestage.wpengine.com
go.netskope.com
netskope.com
partners.netskope.com
resources.netskope.com
docs.netskope.com
community.netskope.com
support.netskope.com
trust.netskope.com
engineering.fb.com
www.instagram.com

Subject Issuer	Validity	Valid
netskope.com GlobalSign Extended Validation CA - SHA256 - G3	`2024-09-27` - `2025-10-29`	a year	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
qualified.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
zi-scripts.com WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
go.netskope.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
zoominfo.com E5	`2024-12-10` - `2025-03-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
app-sj09.marketo.com WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
Frame ID: F07E3E8F66A3B2566F0CA4DC21DD1BC9
Requests: 60 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C87B2970C6B4B5AA26AE98AB07C225EF
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/messenger?uuid=bbd554d4-4719-4446-a671-67487a6d9ab1
Frame ID: F69C82E52422EB6A87A14D9C2AEC9B7B
Requests: 1 HTTP requests in this frame

Frame: https://go.netskope.com/index.php/form/XDFrame
Frame ID: F98301BE8A96CB0EF25CE84A5AB13559
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials - Netskope

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

98 %
HTTPS

36 %
IPv6

10
Domains

15
Subdomains

15
IPs

2
Countries

2336 kB
Transfer

6886 kB
Size

7
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/

Search URL Search Domain Scan URL

URL: https://www.beeswax.com/cookies/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.crazyegg.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/corporate-privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://documents.marketo.com/legal/cookies/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.stackadapt.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/website-privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://netskopestage.wpengine.com/
Title: netskopestage.wpengine.com

Search URL Search Domain Scan URL

URL: https://go.netskope.com/
Title: go.netskope.com

Search URL Search Domain Scan URL

URL: https://netskope.com/
Title: netskope.com

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://partners.netskope.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://resources.netskope.com/ebooks/sase-architecture-for-dummies
Title: Get the eBook

Search URL Search Domain Scan URL

URL: https://docs.netskope.com/
Title: Product Documentation

Search URL Search Domain Scan URL

URL: https://community.netskope.com/
Title: Customer Community

Search URL Search Domain Scan URL

URL: https://support.netskope.com/
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://trust.netskope.com/
Title: Trust Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials%27

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=%20New%20Python%20NodeStealer%20Goes%20Beyond%20Facebook%20Credentials,%20Now%20Stealing%20All%20Browser%20Cookies%20and%20Login%20Credentials%20@Netskope&url=https%3A%2F%2Fwww.netskope.com%2Fblog%2Fnew-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials%27

Search URL Search Domain Scan URL

URL: https://engineering.fb.com/2023/05/03/security/malware-nodestealer-ducktail/
Title: identified

Search URL Search Domain Scan URL

URL: https://partners.netskope.com/English/
Title: Partner portal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/netskope

Search URL Search Domain Scan URL

URL: https://twitter.com/netskope

Search URL Search Domain Scan URL

URL: https://www.instagram.com/netskope/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials Show response
www.netskope.com/blog/ 1 MB
143 KB 245ms
133ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

7a524bf3e591054741b359e0509d68c7faf2a846819c29653a8280ed72c07974

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.netskope.com
alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f90060e0d0baba8-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 08:01:39 GMT
link: <https://www.netskope.com/wp-json/>; rel="https://api.w.org/" <https://www.netskope.com/wp-json/wp/v2/posts/53393>; rel="alternate"; title="JSON"; type="application/json" <https://www.netskope.com/?p=53393>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: WP Engine

GET
H2 200 29745d69a30aec94.js Show response
client-registry.mutinycdn.com/personalize/client/ 66 KB
21 KB 109ms
17ms Script
application/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/29745d69a30aec94.js
Requested by: Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8f83f6d5318610f7bb8b6e63971b0bbf886e673bf3b93e74ebb3f080e9c2cc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "12399dac6410f0698bcffe991f79dea9"
x-amz-version-id: TOG7I6FkZpksfA2iRGOn1HYWp3LuVyzk
age: 2974
access-control-allow-methods: GET, HEAD
x-cache: HIT
x-country-code: CA
date: Sat, 28 Dec 2024 08:01:39 GMT
last-modified: Thu, 31 Oct 2024 14:42:51 GMT
content-type: application/javascript
x-served-by: cache-yul1970024-YUL
x-cache-hits: 0
x-amz-id-2: Stgtqrohe5Qth8tOIEMpVGy0UeFSoy60GhNJeDNKGCzDvqvrlQ7gfdee/sxYKMhhEXKzXaMpimc=
x-edge-datacenter: YUL
vary: X-Continent-Code, Accept-Encoding
cache-control: s-maxage=3600, max-age=0
x-continent-code: NA
x-connection-speed: broadband
via: 1.1 varnish
x-amz-request-id: 7KF50VB354VP7TSG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20518
x-edge-region: North-America
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 111 KB
34 KB 138ms
34ms Script
application/javascript 2600:1408:ec00:2e::1735:ba8
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:2e::1735:ba8 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 39d5774e35f5214dd8567d4d6774865350b9600504cceb8b8f8bb5c3b9fffeea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=492
content-encoding: gzip
etag: "223be2d7f94adb1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Sat, 28 Dec 2024 08:09:51 GMT
accept-ranges: bytes
content-length: 34602
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 11:51:26 GMT
vary: Accept-Encoding

GET
H2 200 qualified.js Show response
js.qualified.com/ 1 MB
251 KB 150ms
54ms Script
text/javascript 104.18.17.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=n7t9Zf7nr8m6n2fF

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

845220a8bdc57f9db95345e02866972c104636e1ffba62226cf4e2fc18ecf359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

x-request-id: 577bc7af-4b2e-47c0-a033-66c4f9cc5b3f
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7edae3bd92cb405ccd1d131849cac01d"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: miss
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.034001
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=60, public, stale-while-revalidate=60, stale-if-error=300, s-maxage=86400
x-envoy-upstream-service-time: 60
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f9006108b19ac39-YYZ
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 close-icon-dark-over-light.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 504 B
428 B 42ms
40ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/close-icon-dark-over-light.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6368b91686e9cdfa1ea54256c125a4e768173ae5c4d5d70ae6a3a92a8653190

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-1f8"
age: 641357
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060f3d9caba8-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 netskope-logo-reverse.svg
www.netskope.com/wp-content/themes/netskope/images/v3/ 8 KB
3 KB 44ms
44ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/v3/netskope-logo-reverse.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0686135ec7cb7d0771d4e9374afc05027d7f466a2b37581f44ee2a4a8aaab8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6577f98f-204a"
age: 344085
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Dec 2023 06:11:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060f3d9daba8-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 logo.svg
www.netskope.com/wp-content/themes/netskope/images/v3/ 8 KB
3 KB 45ms
45ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/v3/logo.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f14e99a3ff851e017534967b4b9d140802c549c9454179e78a553f0375b116f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6577f98e-2089"
age: 641357
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Dec 2023 06:11:26 GMT
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060f7d39ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 magnifying-glass-dark-over-light-default.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 409 B
616 B 40ms
40ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/magnifying-glass-dark-over-light-default.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec46e3057bb9ae36cd2fa9c9d3b2f7469ba22aa97a025102f052b35de33eeb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-199"
age: 641357
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060f7d4bab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 language-chevron-down-dark-over-light.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 397 B
567 B 45ms
40ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/language-chevron-down-dark-over-light.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e440f379db04ed37fbacb7acb173978202bdfcb4c0ea7bbf9a6f13f4ec8acbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-18d"
age: 641357
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdb9ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 menu-dark-over-light-default.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 391 B
529 B 43ms
38ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/menu-dark-over-light-default.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a467e05943081c22e179f73b80ddabbf358c23f34220f52c4099c1844395c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-187"
age: 641357
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdbaab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 language-chevron-down-light-over-dark.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 394 B
566 B 52ms
48ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/language-chevron-down-light-over-dark.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6404635f1e5245f1ed344d0a9a06bd42ea764c505c7d928ded598c549867c327

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-18a"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdbbab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 close-icon-light-over-dark.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 434 B
578 B 69ms
64ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/close-icon-light-over-dark.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936eafa953d2486f6bb2022af7c4e7c814132ec5d8974178521ed7d7d9fc7c3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-1b2"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdbdab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-facebook-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 607 B
702 B 52ms
47ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-facebook-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0f827622efb7915d4a67230acf13cc60d72414d25293de918257b6a1323ee6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbc7-25f"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:43 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdbeab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-facebook-hover-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 512 B
647 B 43ms
39ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-facebook-hover-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d606ddb5bc01e534364c40a559c9c6b60b77bc6763ffc71cf3e3caef95d0a49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbcb-200"
age: 78202
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:47 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdbfab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-x-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 569 B
688 B 54ms
50ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-x-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d75c66c8f0a1c35348b6e2c24074824e3b0468bd338f65ff8f27dc884d2dbd38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbc3-239"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:39 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc0ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-x-hover-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 558 B
667 B 51ms
46ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-x-hover-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268f77e3e45b55537a86e34225383555cfb5af4e8b7639a6fdc1f071344ddfee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbc0-22e"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:36 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc2ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-linkedin-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 627 B
721 B 44ms
40ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-linkedin-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b11ec7bc748f957b2327cfaf28b0e98a746a483d2d9474ecd9a7747264a3f8cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbcd-273"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:49 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc3ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-linkedin-hover-40x40-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 514 B
649 B 212ms
208ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-linkedin-hover-40x40-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac74ddc84de6833afcfc6ca80844c79c27c44f1b5a8b423c3bfd976410c7b95

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"658dbbd0-202"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Dec 2023 18:17:52 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc4ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Python-based-NodeStealer-1-768x237.png
www.netskope.com/wp-content/uploads/2023/09/ 32 KB
33 KB 73ms
73ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/09/Python-based-NodeStealer-1-768x237.png

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c9a7f4edb94ba3b3a840aa0b75c5c6c076877e3c365b25a621321f16725530c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "657721ee-81b0"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/webp
last-modified: Mon, 11 Dec 2023 14:51:26 GMT
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f90060f3da2aba8-YYZ
accept-ranges: bytes
content-length: 33200
server: cloudflare

GET
H3 200 resources-list.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 647 B
636 B 67ms
63ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/resources-list.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479ed9cff91324f56cea70c1737c725c29865d0b6c3acd8ae60f437e9924e48e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-287"
age: 638457
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc6ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 resources-grid.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 645 B
653 B 51ms
47ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/resources-grid.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526ca03d0ffef7dd9b4f1d4769eb6dd902a92f5a44b668aa507f2528935b113a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-285"
age: 638457
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc7ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 card-shape5.svg
www.netskope.com/wp-content/themes/netskope/dist/assets/images/ 3 KB
2 KB 54ms
50ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/dist/assets/images/card-shape5.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a53f42b1a16d810c64140b8e704850bc798a12ffaf7ed158643517846fb1fa6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6577f98a-d2e"
age: 638457
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Dec 2023 06:11:22 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdc9ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 round_chevron_blue.png
www.netskope.com/wp-content/themes/netskope/images/v3/ 518 B
861 B 51ms
47ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/v3/round_chevron_blue.png

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54979920508ec495f931223fc5d02c4b61a6808e5793f30dc6cb6eb4144fdb68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-bgj: imgq:100,h2pri
etag: "6577f98f-510"
age: 638457
cf-cache-status: HIT
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=1296
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/webp
content-disposition: inline; filename="round_chevron_blue.webp"
vary: Accept
last-modified: Tue, 12 Dec 2023 06:11:27 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdcaab96-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 518
server: cloudflare

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 851 KB
145 KB 106ms
16ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c1fe57929a1874ecde1d1dc9e306ca3a8b4c188b2db1e324fce9e587a399ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

content-encoding: br
etag: "bc30ab80e00e31ee2165c097e5cbf5df"
age: 3184
x-cache: HIT, HIT
date: Sat, 28 Dec 2024 08:01:39 GMT
last-modified: Fri, 20 Dec 2024 20:11:38 GMT
x-served-by: cache-iad-kcgs7200112-IAD, cache-yul1970049-YUL
x-cache-hits: 32, 8
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1735372900.915778,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 131
accept-ranges: bytes
access-control-allow-origin: *
content-length: 147471
asset-version: ea49143d3ad772007b2d472dbbb9c363df7c98a6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 icon-linkedin-56x56-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 564 B
688 B 67ms
63ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-linkedin-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

657493dcde82fd4f369f5b80e272de6cdeec5eb68d44738634816d20c8e41afa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6584bbc5-234"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Dec 2023 22:27:17 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdcbab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-linkedin-hover-56x56-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 502 B
638 B 52ms
48ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-linkedin-hover-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03165c2a9725cdb822cfe4412cbf6ca0b547212758a9a3d32fca04deba5b1876

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6584bc4c-1f6"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Dec 2023 22:29:32 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdccab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-x-56x56-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 466 B
636 B 52ms
49ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-x-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5d4c3b4a76871754fb3f47fdbe125bc12dca9933139a06c806e9d91b0ba69bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6584bc7e-1d2"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Dec 2023 22:30:22 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdcdab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-x-hover-56x56-1.svg
www.netskope.com/wp-content/uploads/2023/12/ 485 B
628 B 70ms
67ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/12/icon-x-hover-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

126eaa53ccf333133b8bce6072a653df6c67061087a6ff50ae19b1135b477f53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6584bcae-1e5"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 21 Dec 2023 22:31:10 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdceab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-instagram-56x56-1.svg
www.netskope.com/wp-content/uploads/2024/01/ 2 KB
1 KB 50ms
47ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2024/01/icon-instagram-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0d93d104b98be6a8824a435ff8d3065efd6e114be96b8e82368857f28657c34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b71518-6ea"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 29 Jan 2024 03:01:44 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdcfab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 icon-instagram-hover-56x56-1.svg
www.netskope.com/wp-content/uploads/2024/01/ 2 KB
1 KB 49ms
46ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2024/01/icon-instagram-hover-56x56-1.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33cf789ab1c5ecaf28b73e0c10b2e9eb2c33028fd4753f236c048603375b7e94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b7151a-71f"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 29 Jan 2024 03:01:46 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdd0ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 autoptimize_35cf69f973d86ed7eb461a0be785d495.js Show response
www.netskope.com/wp-content/cache/autoptimize/js/ 1 MB
348 KB 63ms
60ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/cache/autoptimize/js/autoptimize_35cf69f973d86ed7eb461a0be785d495.js

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9faddd9bb0775e083955772d4c5aefdc44526101e7b011ee8e36b19c8729f1cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6765d51f-15083c"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2024 20:35:43 GMT
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f90060ffdd1ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 1920-White-Hero-Background.jpg
www.netskope.com/wp-content/uploads/2020/04/ 91 KB
91 KB 39ms
38ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2020/04/1920-White-Hero-Background.jpg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b7142b73692775e2abfa27f125de3e8c61b9c7e73887da7276a15bf367da88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-bgj: imgq:100,h2pri
etag: "657720cf-20e23"
age: 641356
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=134691, status=vary_header_present
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/jpeg
last-modified: Mon, 11 Dec 2023 14:46:39 GMT
vary: Accept, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f9006102df0ab96-YYZ
accept-ranges: bytes
content-length: 92900
server: cloudflare

GET
H3 200 dark-breadcrumbs-chevron.svg
www.netskope.com/wp-content/themes/netskope/images/svg/ 419 B
564 B 179ms
179ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/themes/netskope/images/svg/dark-breadcrumbs-chevron.svg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356a0eb9e781db945428e35f6262936f8ff27dcebdec78414ec43da9b728d5d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65934c3b-1a3"
age: 640570
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 01 Jan 2024 23:35:23 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f9006102df1ab96-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1920-cta-background.jpg
www.netskope.com/wp-content/uploads/2022/05/ 5 KB
6 KB 178ms
178ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2022/05/1920-cta-background.jpg

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3570163585bac938916c6534b08bf93c4b1af8bfdacdac060ad7aa3884fb8cf8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "657722d4-1578"
age: 638475
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: image/webp
last-modified: Mon, 11 Dec 2023 14:55:16 GMT
vary: Accept, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f9006102df2ab96-YYZ
accept-ranges: bytes
content-length: 5496
server: cloudflare

GET
H3 200 Graphik-Regular.otf
www.netskope.com/wp-content/themes/netskope/dist/fonts/ 121 KB
121 KB 51ms
50ms Font
application/octet-stream 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/themes/netskope/dist/fonts/Graphik-Regular.otf

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d97ceaa48cf6574b5c9f91d3b43d7b4c3dcc0ab52379143c1e28144593e2f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.netskope.com
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "6577f98b-1e318"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: application/octet-stream
last-modified: Tue, 12 Dec 2023 06:11:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f9006105e07ab96-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 123672
server: cloudflare

GET
H3 200 Graphik-Medium-Web.woff2
www.netskope.com/wp-content/themes/netskope/dist/fonts/ 33 KB
33 KB 51ms
50ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/themes/netskope/dist/fonts/Graphik-Medium-Web.woff2

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b40e2981d50f54f5ec3df6fbacf3b328ed9b5f653485e4980dfefae02fb7b80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.netskope.com
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "6577f98b-8279"
age: 639330
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: font/woff2
last-modified: Tue, 12 Dec 2023 06:11:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f9006105e08ab96-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33401
server: cloudflare

GET
H3 200 Graphik-Bold.otf
www.netskope.com/wp-content/themes/netskope/dist/fonts/ 128 KB
129 KB 79ms
78ms Font
application/octet-stream 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/themes/netskope/dist/fonts/Graphik-Bold.otf

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a9fd00f61dfc85e1e200efc6c3aa2d0e624be65aa5e7bd26b8e7fa2a28a12c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.netskope.com
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "6577f98b-201d8"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: application/octet-stream
last-modified: Tue, 12 Dec 2023 06:11:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f9006105e09ab96-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 131544
server: cloudflare

GET
H3 200 Graphik-Semibold.otf
www.netskope.com/wp-content/themes/netskope/dist/fonts/ 127 KB
128 KB 95ms
95ms Font
application/octet-stream 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/themes/netskope/dist/fonts/Graphik-Semibold.otf

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4a5e89a01b2570a9a81157bec8661348bfd80f3048f474354bf11f4ea2640e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.netskope.com
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "6577f98b-1fdd4"
age: 641356
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:39 GMT
content-type: application/octet-stream
last-modified: Tue, 12 Dec 2023 06:11:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
cf-ray: 8f9006105e0aab96-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130516
server: cloudflare

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame C87B 0
0 130ms
30ms Document
text/html 2600:1408:c400:389::f09
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:389::f09 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.netskope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Dec 2024 08:01:40 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sun, 28 Dec 2025 08:01:40 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1735372900391_400219288_440883747_22_794_28_32_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/4b140262-ec1c-4bad-9de3-68c17c1566cb/ 358 KB
100 KB 198ms
197ms Script
application/x-javascript 2600:1408:ec00:2e::1735:ba8
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/4b140262-ec1c-4bad-9de3-68c17c1566cb/cc.js?renew=false&referer=www.netskope.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:2e::1735:ba8 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 1ee147f88494132799dc7944197cd7a6ed372d3f3fb22e3508d8c94294b419d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

cache-control: private, max-age=1200
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Sat, 28 Dec 2024 08:01:40 GMT
vary: Accept-Encoding

GET
H3 200 Python-based-NodeStealer-2-768x261.png
www.netskope.com/wp-content/uploads/2023/09/ 115 KB
115 KB 75ms
74ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/09/Python-based-NodeStealer-2-768x261.png

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f26b0a10112141d11adb1df87c975d0394960377b98eb6b12b4e2882dd32c1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "657721ef-1ca66"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: image/webp
last-modified: Mon, 11 Dec 2023 14:51:27 GMT
vary: Accept, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f900613efc0ab96-YYZ
accept-ranges: bytes
content-length: 117350
server: cloudflare

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 141ms
73ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.netskope.com
URL: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2316eedc39d2ae71b2098be3e91ad3662cb1b70d42f6c61ebb6ab5beefd919b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-version-id: Q8AFTvKb8EtoOgGtrVmzLCMTAh5swpvC
etag: W/"5b11ce08c51a9e4b3f4bbe37deea19c1"
age: 70064
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Tu5dE2x_p7lwibaafEobQwoL0t5nJnO3HOSjYxplV8_TIpLTlCHBCw==
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 14:58:23 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server-timing: cfExtPri
via: 1.1 78c6ca04205eb9747f6c35cdc0a56d02.cloudfront.net (CloudFront)
cf-ray: 8f900614eb5736d3-YYZ
x-amz-cf-pop: ORD56-P2
server: cloudflare

GET
H2 200 teknkl-formsplus-1.0.5.js Show response
go.netskope.com/rs/665-KFP-612/images/ 41 KB
11 KB 366ms
106ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.netskope.com/rs/665-KFP-612/images/teknkl-formsplus-1.0.5.js?_=1735372900202

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/wp-content/cache/autoptimize/js/autoptimize_35cf69f973d86ed7eb461a0be785d495.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "461d58-a291-623b137bdd255"
x-content-type-options: nosniff
cf-ray: 8f9006161c9dab04-YYZ
accept-ranges: bytes
content-length: 11024
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: application/x-javascript
last-modified: Sat, 05 Oct 2024 02:05:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
785 B 169ms
33ms Image
image/gif 2600:1408:ec00:286::f09
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=4b140262-ec1c-4bad-9de3-68c17c1566cb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:286::f09 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Sat, 28 Dec 2024 08:01:40 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AFiumC7JIuyGzVHsRCrjZWn3fKPwe_E6RpvBLwDpqg-0CulXudGQOn8xtTWI3Mauilt_7C8HlgjCHi0
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

POST
H3 200 admin-ajax.php Show response
www.netskope.com/wp-admin/ 30 B
495 B 319ms
317ms XHR
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-admin/admin-ajax.php

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/wp-content/cache/autoptimize/js/autoptimize_35cf69f973d86ed7eb461a0be785d495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

6ed7a7ba9c05d5e8473d746272b7a39457b788f0b578cf6e7447d6afeedf36f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff, nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f9006147814ab96-YYZ
access-control-allow-origin: https://www.netskope.com, https://www.netskope.com
x-powered-by: WP Engine
server: cloudflare

GET
H3 200 cropped-favicon-32x32.png
www.netskope.com/wp-content/uploads/2019/04/ 623 B
987 B 40ms
40ms Other
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netskope.com/wp-content/uploads/2019/04/cropped-favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b760d5b61f04778ea1c4cdc11eb52329690482c6decab257be0e1f2c5465037

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-bgj: imgq:100,h2pri
etag: "65772116-28a"
age: 641356
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=650, status=vary_header_present
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:40 GMT
content-type: image/png
last-modified: Mon, 11 Dec 2023 14:47:50 GMT
vary: Accept, Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f9006149820ab96-YYZ
accept-ranges: bytes
content-length: 623
server: cloudflare

GET
H2 200 messenger
app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/ Frame F69C 0
0 191ms
122ms Document
text/html 104.18.16.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/messenger?uuid=bbd554d4-4719-4446-a671-67487a6d9ab1

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=n7t9Zf7nr8m6n2fF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.netskope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f9006155874ab2d-YYZ
content-encoding: gzip
content-security-policy
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 08:01:40 GMT
link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-73e3bbe0.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 36
x-permitted-cross-domain-policies: none
x-request-id: dfa830d1-bdba-4563-aa23-ad425488b780
x-runtime: 0.031431
x-xss-protection: 1; mode=block

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
614 B 114ms
114ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f1d63dd19a06fa3d0573db3d04ec044f0190835254edb998acf3c202cfc2d23d

Request headers

Authorization: Bearer 1cb11319901679913435
Referer: https://www.netskope.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
visited_url: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"cb-5vkeVEuXcJDCGjwDwmxaUZkq4Fs"
apigw-requestid: Dfh_2gZhvHcEPDw=
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: XIH2cSHRasQltEybGqZuE1zeBgfjrd2UA91AAF0g1kqW4Zeq0otJJw==
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
server-timing: cfExtPri
via: 1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront)
cf-ray: 8f9006170a40ab21-YYZ
access-control-allow-origin: https://www.netskope.com
x-amz-cf-pop: YUL62-C2
x-powered-by: Express
server: cloudflare

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 262ms
237ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.netskope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin: https://www.netskope.com
alt-svc: h3=":443"; ma=86400
apigw-requestid: Dfh_0jYBvHcEPuQ=
cf-cache-status: DYNAMIC
cf-ray: 8f90061588b1ab21-YYZ
date: Sat, 28 Dec 2024 08:01:40 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
vary: Origin
via: 1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront)
x-amz-cf-id: U6dfRQr2T0JXegaxAapub9ETtbrceW9uBB_oMlFe0wPUDNtQR0rHag==
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 116ms
47ms Script
text/javascript 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?_=1735372900203

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/wp-content/cache/autoptimize/js/autoptimize_35cf69f973d86ed7eb461a0be785d495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

ESF /

Resource Hash

652e8677aec33767d2a5f229384f79b4f526104bf7e94d7d258070f94743c3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 08:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 28 Dec 2024 08:01:41 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 49 KB
14 KB 123ms
46ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb09186a3d016b8ae56ecd0cb76f787254388177fc8318061d619b56a7d81b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=A2aW0Q==, md5=JRurSHzL3UB0yE1Wjm0Zqg==
cf-cache-status: DYNAMIC
etag: W/"251bab487ccbdd4074c84d568e6d19aa"
age: 3396
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Sat, 28 Dec 2024 08:05:05 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 50634
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 05:44:23 GMT
priority: u=3,i=?0
x-guploader-uploadid: AFiumC4I6NRUFuBVoWwuwUGDCesaPX2STMLPbk1ZuX5BpO8L5kUW_KJ82SUNwM6Txd7F3WybhQhxnQQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
cf-ray: 8f9006183b9736bc-YYZ
x-goog-generation: 1730871862939881
server: cloudflare

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6305c056271287009012561a/ 3 KB
2 KB 325ms
299ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6305c056271287009012561a/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

aa583f7c84b3d55ca341ac901ab78d15ec4e59ea05ccfaac7932ac3ca5a53e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

_zitok: 7bfa525e819dc354d4241735372901
_vtok: MTY3LjExNC4yMDkuMTAz
visited-url: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/javascript

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: text/javascript
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url,page-url
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8f900618a9bcab36-YYZ
access-control-allow-origin: https://www.netskope.com
x-powered-by: Express
server: cloudflare

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 99ms
32ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?_=1735372900203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.netskope.com
Referer: https://www.netskope.com/

Response headers

content-encoding: gzip
age: 47712
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 18:46:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 18:46:29 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

GET
H2 200 forms2.min.js Show response
app-sj09.marketo.com/js/forms2/js/ 199 KB
67 KB 611ms
221ms Script
application/x-javascript 104.16.92.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj09.marketo.com/js/forms2/js/forms2.min.js?_=1735372900204

Requested by

Host: www.netskope.com
URL: https://www.netskope.com/wp-content/cache/autoptimize/js/autoptimize_35cf69f973d86ed7eb461a0be785d495.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.92.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e1bfe53260b5fa35318df2850a20f74c97d41af88b7d233d331811d842f26d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

strict-transport-security: max-age=63113904
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: MISS
etag: "1a5948-31b73-6265f4e077445"
x-content-type-options: nosniff
cf-ray: 8f90061a3b0836a6-YYZ
expires: Sat, 28 Dec 2024 12:01:41 GMT
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 04:37:13 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/6305c056271287009012561a/ Frame 0
0 114ms
83ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6305c056271287009012561a/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.netskope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url,page-url
access-control-allow-origin: https://www.netskope.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f900617fd05ac00-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 08:01:41 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 76ms
75ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.netskope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.netskope.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f900618bd63ac00-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 08:01:41 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 983 B
858 B 85ms
84ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

07fa836e667bf7d23f80aff53a24ed72aceea5a08dc62c2ce23312bae8123a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Authorization: bearer 4de40d9f79dd73452dd62e3e5a3f1d
Referer: https://www.netskope.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"3d7-Aj01/ZBuP5qthcAIJ+i6VimADno"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8f9006192a03ab36-YYZ
access-control-allow-origin: https://www.netskope.com
x-powered-by: Express
server: cloudflare

GET
BLOB 200
OK 31301430-0ab7-439e-bdd0-cdd1ffe06aa6 Show response
https://www.netskope.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.netskope.com/31301430-0ab7-439e-bdd0-cdd1ffe06aa6
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa583f7c84b3d55ca341ac901ab78d15ec4e59ea05ccfaac7932ac3ca5a53e64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript
Content-Length: 3056

GET
H2 200 getForm Show response
go.netskope.com/index.php/form/ 17 KB
4 KB 108ms
107ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.netskope.com/index.php/form/getForm?munchkinId=665-KFP-612&form=1953&url=https%3A%2F%2Fwww.netskope.com%2Fblog%2Fnew-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials&callback=jQuery37104672201382530401_1735372901712&_=1735372901713
Requested by: Host: app-sj09.marketo.com
URL: https://app-sj09.marketo.com/js/forms2/js/forms2.min.js?_=1735372900204
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a935651a8a13d1d1d84e5308a5fda49cb59d96a6b83b0130f54427ed3736b96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

cf-ray: 8f90061bdef0ab04-YYZ
cached: true
content-encoding: gzip
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Python-based-NodeStealer-3-1024x528.png
www.netskope.com/wp-content/uploads/2023/09/ 224 KB
225 KB 76ms
75ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netskope.com/wp-content/uploads/2023/09/Python-based-NodeStealer-3-1024x528.png

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173fea8d07571c6fc583fa91d02c0a4b608fe171891501bacc4bcb6d61fd8e91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/blog/new-python-nodestealer-goes-beyond-facebook-credentials-now-stealing-all-browser-cookies-and-login-credentials

Response headers

cf-cache-status: HIT
etag: "657721ef-380ac"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: image/webp
last-modified: Mon, 11 Dec 2023 14:51:27 GMT
vary: Accept, Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=315360000
cf-ray: 8f90061c7c2cab96-YYZ
accept-ranges: bytes
content-length: 229548
server: cloudflare

GET
H2 200 forms2.css
go.netskope.com/js/forms2/css/ 13 KB
3 KB 63ms
62ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.netskope.com/js/forms2/css/forms2.css

Requested by

Host: app-sj09.marketo.com
URL: https://app-sj09.marketo.com/js/forms2/js/forms2.min.js?_=1735372900204

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "14e8-3437-62370c030d900"
x-content-type-options: nosniff
cf-ray: 8f90061c9f31ab04-YYZ
expires: Sat, 28 Dec 2024 12:01:41 GMT
accept-ranges: bytes
content-length: 2623
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 forms2-theme-simple.css
go.netskope.com/js/forms2/css/ 826 B
399 B 61ms
60ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.netskope.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-sj09.marketo.com
URL: https://app-sj09.marketo.com/js/forms2/js/forms2.min.js?_=1735372900204

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.netskope.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "1a292e-33a-62370c030d900"
x-content-type-options: nosniff
cf-ray: 8f90061c9f32ab04-YYZ
expires: Sat, 28 Dec 2024 12:01:41 GMT
accept-ranges: bytes
content-length: 242
date: Sat, 28 Dec 2024 08:01:41 GMT
content-type: text/css
last-modified: Tue, 01 Oct 2024 21:10:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 XDFrame Show response
go.netskope.com/index.php/form/ Frame F983 2 KB
766 B 111ms
110ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.netskope.com/index.php/form/XDFrame

Requested by

Host: app-sj09.marketo.com
URL: https://app-sj09.marketo.com/js/forms2/js/forms2.min.js?_=1735372900204

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bddfc987ea51699d719251711334a03045ef0691faf81c225e6c208cbd5f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.netskope.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8f90061d8f91ab04-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 08:01:42 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
go.netskope.com/js/forms2/js/ Frame F983 199 KB
66 KB 60ms
59ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.netskope.com/js/forms2/js/forms2.min.js

Requested by

Host: go.netskope.com
URL: https://go.netskope.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e1bfe53260b5fa35318df2850a20f74c97d41af88b7d233d331811d842f26d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://go.netskope.com/index.php/form/XDFrame

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "1a5948-31b73-6265f4e077445"
x-content-type-options: nosniff
cf-ray: 8f90061e4807ab04-YYZ
expires: Sat, 28 Dec 2024 12:01:42 GMT
date: Sat, 28 Dec 2024 08:01:42 GMT
content-type: application/x-javascript
last-modified: Fri, 08 Nov 2024 04:37:13 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 200 trace
app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/events/ Frame 0
0 135ms
84ms Preflight
text/plain 104.18.16.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/events/trace
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.netskope.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8f900625cdf8711b-YYZ
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 28 Dec 2024 08:01:43 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: bypass
x-envoy-upstream-service-time: 1

POST
H2 204 trace
app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/events/ 0
0 88ms
86ms Fetch
text/plain 104.18.16.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/n7t9Zf7nr8m6n2fF/events/trace

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=n7t9Zf7nr8m6n2fF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.netskope.com/

Response headers

access-control-max-age: 7200
x-request-id: c3717a6c-c956-4439-bc45-2e7fde023678
access-control-expose-headers
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
access-control-allow-methods: POST, OPTIONS
x-content-type-options: nosniff
x-cache: bypass
date: Sat, 28 Dec 2024 08:01:43 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin
x-runtime: 0.035513
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 37
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f9006265e62711b-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.netskope.com/	1970-01-21 02:02:54	Name: __cf_bm Value: v8qdvdvR2KMM.OyN5r3RN3ocGozbcOiiVkmm4VYGB4Y-1735372899-1.0.1.1-.P3DzcexgdR.cePtNJITRwlL6TIOOLYp7xk9jFSvo8ikzAJL.kuuxtHw.oLQeR5xeSVZL4EZgCLGrqdHDZR0tA
go.netskope.com/	1969-12-31 23:59:59	Name: BIGipServersj09web-nginx-app_https Value: !lHpkq2IPcQOxKuKu/iht9W3PGpXZcnRToEP0hDMmsPApUcEu51QKXbvVYHDaGn6xblD3fVEZcGsJJw==
.go.netskope.com/	1970-01-21 02:02:54	Name: __cf_bm Value: fxvY9BpjlDTrmb5tBPDMCsTPXPqxnQFEJEk6dmHZ.14-1735372900-1.0.1.1-FXet9ogS35FCMSfRuprHhErAmbzlWsHnOohjALYqyN7SB5FmiBTBWGzM9.bmbMnuNf9LTxfn3NANOOJTjMAVpQ
.www.netskope.com/	1970-01-21 10:48:28	Name: _zitok Value: 7bfa525e819dc354d4241735372901
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Z9TX58fW0sypt9lVtlYA44qZTZk.qwuH.YrGYDK7dpw-1735372901495-0.0.1.1-604800000
.app-sj09.marketo.com/	1970-01-21 02:02:54	Name: __cf_bm Value: KJjzZTpAiZDDNMbkxzirjs8BFFUBmsqBRnWjhnKC_gI-1735372901-1.0.1.1-_swLElq19CyE4_fP2vYM3SVir5Vgbi2mYJBmQ7rYTnfSu864h9aLDY0fqtoQ_wyrJScq0YqXdQ4QFzskE.FG0A
.netskope.com/	1970-01-21 11:38:52	Name: __q_state_n7t9Zf7nr8m6n2fF Value: eyJ1dWlkIjoiYmJkNTU0ZDQtNDcxOS00NDQ2LWE2NzEtNjc0ODdhNmQ5YWIxIiwiY29va2llRG9tYWluIjoibmV0c2tvcGUuY29tIiwiYWN0aXZlU2Vzc2lvbklkIjpudWxsLCJzY3JpcHRJZCI6IjEzNzczNzExMTM1NzA5NjgyMDciLCJzdGF0ZUJ5U2NyaXB0SWQiOnsiMTM3NzM3MTExMzU3MDk2ODIwNyI6eyJkaXNtaXNzZWQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGx9fSwibWVzc2VuZ2VyRXhwYW5kZWQiOmZhbHNlLCJwcm9tcHREaXNtaXNzZWQiOmZhbHNlLCJjb252ZXJzYXRpb25JZCI6IjE1NTczNzIxMzAwODgwNTEzMzQifQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-sj09.marketo.com
app.qualified.com
client-registry.mutinycdn.com
consent.cookiebot.com
consentcdn.cookiebot.com
fast.wistia.net
go.netskope.com
imgsct.cookiebot.com
js.qualified.com
js.zi-scripts.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.google.com
www.gstatic.com
www.netskope.com
104.16.117.43
104.16.92.80
104.17.74.206
104.18.16.5
104.18.17.5
104.18.37.212
141.193.213.21
151.101.193.91
172.253.115.103
2600:1408:c400:389::f09
2600:1408:ec00:286::f09
2600:1408:ec00:2e::1735:ba8
2607:f8b0:4004:c1f::5e
2a04:4e42:600::644
03165c2a9725cdb822cfe4412cbf6ca0b547212758a9a3d32fca04deba5b1876
07fa836e667bf7d23f80aff53a24ed72aceea5a08dc62c2ce23312bae8123a49
0b760d5b61f04778ea1c4cdc11eb52329690482c6decab257be0e1f2c5465037
0e1bfe53260b5fa35318df2850a20f74c97d41af88b7d233d331811d842f26d3
126eaa53ccf333133b8bce6072a653df6c67061087a6ff50ae19b1135b477f53
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
173fea8d07571c6fc583fa91d02c0a4b608fe171891501bacc4bcb6d61fd8e91
1c9a7f4edb94ba3b3a840aa0b75c5c6c076877e3c365b25a621321f16725530c
1ee147f88494132799dc7944197cd7a6ed372d3f3fb22e3508d8c94294b419d2
2316eedc39d2ae71b2098be3e91ad3662cb1b70d42f6c61ebb6ab5beefd919b6
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
268f77e3e45b55537a86e34225383555cfb5af4e8b7639a6fdc1f071344ddfee
33cf789ab1c5ecaf28b73e0c10b2e9eb2c33028fd4753f236c048603375b7e94
356a0eb9e781db945428e35f6262936f8ff27dcebdec78414ec43da9b728d5d7
3570163585bac938916c6534b08bf93c4b1af8bfdacdac060ad7aa3884fb8cf8
37bddfc987ea51699d719251711334a03045ef0691faf81c225e6c208cbd5f21
39d5774e35f5214dd8567d4d6774865350b9600504cceb8b8f8bb5c3b9fffeea
479ed9cff91324f56cea70c1737c725c29865d0b6c3acd8ae60f437e9924e48e
4a935651a8a13d1d1d84e5308a5fda49cb59d96a6b83b0130f54427ed3736b96
4ac74ddc84de6833afcfc6ca80844c79c27c44f1b5a8b423c3bfd976410c7b95
4b40e2981d50f54f5ec3df6fbacf3b328ed9b5f653485e4980dfefae02fb7b80
4e440f379db04ed37fbacb7acb173978202bdfcb4c0ea7bbf9a6f13f4ec8acbf
526ca03d0ffef7dd9b4f1d4769eb6dd902a92f5a44b668aa507f2528935b113a
54979920508ec495f931223fc5d02c4b61a6808e5793f30dc6cb6eb4144fdb68
5c1fe57929a1874ecde1d1dc9e306ca3a8b4c188b2db1e324fce9e587a399ef5
5d606ddb5bc01e534364c40a559c9c6b60b77bc6763ffc71cf3e3caef95d0a49
5f26b0a10112141d11adb1df87c975d0394960377b98eb6b12b4e2882dd32c1e
6404635f1e5245f1ed344d0a9a06bd42ea764c505c7d928ded598c549867c327
652e8677aec33767d2a5f229384f79b4f526104bf7e94d7d258070f94743c3cc
657493dcde82fd4f369f5b80e272de6cdeec5eb68d44738634816d20c8e41afa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ed7a7ba9c05d5e8473d746272b7a39457b788f0b578cf6e7447d6afeedf36f4
71a467e05943081c22e179f73b80ddabbf358c23f34220f52c4099c1844395c9
731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f
7a524bf3e591054741b359e0509d68c7faf2a846819c29653a8280ed72c07974
7a53f42b1a16d810c64140b8e704850bc798a12ffaf7ed158643517846fb1fa6
7b0f827622efb7915d4a67230acf13cc60d72414d25293de918257b6a1323ee6
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
845220a8bdc57f9db95345e02866972c104636e1ffba62226cf4e2fc18ecf359
8e0686135ec7cb7d0771d4e9374afc05027d7f466a2b37581f44ee2a4a8aaab8
91b7142b73692775e2abfa27f125de3e8c61b9c7e73887da7276a15bf367da88
936eafa953d2486f6bb2022af7c4e7c814132ec5d8974178521ed7d7d9fc7c3f
9faddd9bb0775e083955772d4c5aefdc44526101e7b011ee8e36b19c8729f1cd
a0d93d104b98be6a8824a435ff8d3065efd6e114be96b8e82368857f28657c34
aa583f7c84b3d55ca341ac901ab78d15ec4e59ea05ccfaac7932ac3ca5a53e64
b11ec7bc748f957b2327cfaf28b0e98a746a483d2d9474ecd9a7747264a3f8cc
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c5d4c3b4a76871754fb3f47fdbe125bc12dca9933139a06c806e9d91b0ba69bd
d75c66c8f0a1c35348b6e2c24074824e3b0468bd338f65ff8f27dc884d2dbd38
da4a5e89a01b2570a9a81157bec8661348bfd80f3048f474354bf11f4ea2640e
dcb09186a3d016b8ae56ecd0cb76f787254388177fc8318061d619b56a7d81b2
dec46e3057bb9ae36cd2fa9c9d3b2f7469ba22aa97a025102f052b35de33eeb9
e4a9fd00f61dfc85e1e200efc6c3aa2d0e624be65aa5e7bd26b8e7fa2a28a12c
e6368b91686e9cdfa1ea54256c125a4e768173ae5c4d5d70ae6a3a92a8653190
e8f83f6d5318610f7bb8b6e63971b0bbf886e673bf3b93e74ebb3f080e9c2cc5
f14e99a3ff851e017534967b4b9d140802c549c9454179e78a553f0375b116f8
f1d63dd19a06fa3d0573db3d04ec044f0190835254edb998acf3c202cfc2d23d
f2d97ceaa48cf6574b5c9f91d3b43d7b4c3dcc0ab52379143c1e28144593e2f1

www.netskope.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

36 %IPv6

10 Domains

15 Subdomains

15 IPs

2 Countries

2336 kBTransfer

6886 kBSize

7 Cookies

31 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.netskope.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

36 %
IPv6

10
Domains

15
Subdomains

15
IPs

2
Countries

2336 kB
Transfer

6886 kB
Size

7
Cookies

66 HTTP transactions
2 data transactions