www.keepnetlabs.com Open in urlscan Pro
2606:4700:20::681a:ea5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Submission: On February 25 via api (February 25th 2021, 6:57:52 pm UTC) from US

Summary HTTP 142 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 142 HTTP transactions. The main IP is 2606:4700:20::681a:ea5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.keepnetlabs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time www.keepnetlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
107	2606:4700:20:... 2606:4700:20::681a:ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
142	18

107 2606:4700:20::681a:ea5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.keepnetlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
107	keepnetlabs.com www.keepnetlabs.com	4 MB
9	gstatic.com fonts.gstatic.com www.gstatic.com	345 KB
7	google.com 1 redirects www.google.com	25 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	facebook.net connect.facebook.net	98 KB
2	google.de www.google.de	215 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	713 B
2	facebook.com www.facebook.com	497 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googleadservices.com www.googleadservices.com	17 KB
2	hs-scripts.com js.hs-scripts.com
2	googleapis.com fonts.googleapis.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
142	15

	Domain	Requested by
107	www.keepnetlabs.com	www.keepnetlabs.com
7	www.google.com	1 redirects www.keepnetlabs.com www.gstatic.com www.google.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	connect.facebook.net	www.keepnetlabs.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.keepnetlabs.com
2	www.google.de	www.keepnetlabs.com
2	www.facebook.com	www.keepnetlabs.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.keepnetlabs.com
2	www.googleadservices.com	www.keepnetlabs.com www.googleadservices.com
2	js.hs-scripts.com	www.keepnetlabs.com
2	fonts.googleapis.com	www.keepnetlabs.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.keepnetlabs.com
1	cdnjs.cloudflare.com	www.keepnetlabs.com
142	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
doc.keepnetlabs.com
www.twitter.com
tr.linkedin.com
flowplayer.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Frame ID: 423EB4564A241EF48B8587E606029AEE
Requests: 133 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
Frame ID: 3E22BD62BFB0CF35BE9E141B328B2638
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

142
Requests

100 %
HTTPS

95 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

4733 kB
Transfer

8821 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Keepnet-Labs-122039658449818/

Search URL Search Domain Scan URL

URL: https://twitter.com/keepnetlabs

Search URL Search Domain Scan URL

URL: https://www.instagram.com/keepnetlabs/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/keepnetlabs/

Search URL Search Domain Scan URL

URL: https://doc.keepnetlabs.com/
Title: Knowledgebase

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?m2w&s=100&p[url]=https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/&p[images][0]=https://www.keepnetlabs.com/wp-content/uploads/a-new-outlook-phishing-attack-targeting-banks.jpg&p[title]=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector&url=https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/&title=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Keepnet-Labs-122039658449818
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/keepnetlabs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/keepnetlabs
Title: Instagram

Search URL Search Domain Scan URL

URL: https://tr.linkedin.com/company/keepnetlabs
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=New+Outlook+Themed+Phishing+Attack+on+Banking+Sector++&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F

Search URL Search Domain Scan URL

URL: https://flowplayer.com/hello/?from=player
Title: About Flowplayer

Search URL Search Domain Scan URL

URL: https://flowplayer.com/license
Title: GPL based license

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G_M3YK_zNM38bLGVhqgH&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G_M3YK_zNM38bLGVhqgH&random=687661760&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G_M3YK_zNM38bLGVhqgH&random=687661760&resp=GooglemKTybQhCsO&ipr=y

Request Chain 115

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240970%26time%3D1614279452839%26url%3Dhttps%253A%252F%252Fwww.keepnetlabs.com%252Fnew-outlook-themed-phishing-attack-on-banking-sector%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&liSync=true

142 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/ 394 KB
38 KB 78ms
49ms Document
text/html 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be47934bb6be429533638119b4dade6666effa220d3342dfca52e4e075f9dc77

Request headers

Host: www.keepnetlabs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d31194ae8a4642ec728335913fa4b42181614279451; expires=Sat, 27-Mar-21 18:57:31 GMT; path=/; domain=.keepnetlabs.com; HttpOnly; SameSite=Lax; Secure
Vary: X-Forwarded-Proto,Accept-Encoding
Last-Modified: Thu, 25 Feb 2021 17:25:58 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 087c26ba1100000ea73a10d000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F9ztne3j4M8Yq8tZlR9X7LPF7BuR1CPAfYhUqTNj60YJDXQn4DVhE0f04tkb5whWG6Yt0cO6WhRJFIMm0OiTnYb3RaUxOUqqHC0U0hzXtvwvNoWpOZYAcB0aJwnXST93"}],"group":"cf-nel","max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 6273a709b9930ea7-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK blocks.style.build.css
www.keepnetlabs.com/wp-content/plugins/structured-content/dist/ 3 KB
2 KB 25ms
14ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.4.5
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e40781d16d749119e73d092fd3a91883640701f700496d38ddab1fdba4f3cb

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3261
Connection: keep-alive
Content-Length: 1324
cf-request-id: 087c26ba5100000ea75538b000000001
Last-Modified: Sun, 21 Feb 2021 23:36:25 GMT
Server: cloudflare
ETag: "ba4-5bbe127524f24-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GR2InFswZhvmBfaC2MNB2iVPB9Ga5ISKbN247yFm7RtsYxcq%2BxP22kYLJhd07eXcfBNSz1k7uBashauLmpF%2BwjIIwsUz92SaVI8Frj8Nh0ry50j%2Byzul%2BwTkp14w27qj"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a1a010ea7-FRA

GET
H/1.1 200
OK common-skeleton.min.css
www.keepnetlabs.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 12 KB
3 KB 26ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.18
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3261
Connection: keep-alive
Content-Length: 2305
cf-request-id: 087c26ba5500004e6e4f123000000001
Last-Modified: Wed, 24 Feb 2021 23:31:06 GMT
Server: cloudflare
ETag: "3144-5bc1d6dd776b9-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t0YGBrJVj6jo6x7gRNa%2BAtnhryrqlBvEIRN%2FRwX5tI0kGtChfqgh9ZreYtoYMnDJMHs66z6LPujYs4MBeCwYsloBZTSDgAYH%2BlyTEMXk%2Bl8sCr%2B6%2FSqK%2F3M6%2Ba4KB2bU"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a2ddc4e6e-FRA

GET
H/1.1 200
OK tooltip.min.css
www.keepnetlabs.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
1 KB 28ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.18
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3261
Connection: keep-alive
Content-Length: 579
cf-request-id: 087c26ba5600004ed3bb2a9000000001
Last-Modified: Wed, 24 Feb 2021 23:31:06 GMT
Server: cloudflare
ETag: "662-5bc1d6dd776b9-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pk28FHy60927Tj1XYFPb007UXLdmNEUXgSG1OhYc8NGUIECvK3cUfr1%2Bos9dey4ybYEsDjEsJKKcwmCEQ%2BDuKwMzAs%2F6r%2FHedHWsJpTwhIU57a1NzH18PZWwlt49ojHa"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a2d624ed3-FRA

GET
H/1.1 200
OK style.min.css
www.keepnetlabs.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 32ms
17ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3261
Connection: keep-alive
Content-Length: 7849
cf-request-id: 087c26ba57000005ede8bc8000000001
Last-Modified: Mon, 22 Feb 2021 16:00:18 GMT
Server: cloudflare
ETag: "c88a-5bbeee5f4272a-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3%2Bw1dGJK%2BGErOU4pFewWfZk0sO4hav4JVaEBGvvxrma1xIwGb6IyOkSo%2F68wQEEys%2FAN2mktTpAVWzOV7IiNzNJpmttcevzEbqpFr2dGl8xNhiE0sjm2IPUGcTrr8WYH"}],"group":"cf-nel"}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a2eb005ed-FRA

GET
H/1.1 200
OK styles.css
www.keepnetlabs.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 29ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3261
Connection: keep-alive
Content-Length: 932
cf-request-id: 087c26ba5800000625e7347000000001
Last-Modified: Wed, 24 Feb 2021 18:00:04 GMT
Server: cloudflare
ETag: "a46-5bc18cdfe587a-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zQiUIANzdCqqVWwhsIa9We5DPlS1Q%2F%2FAv5Tz6oqZ%2B9ad%2FOf08%2FaPPaFOjfTyG%2BTuTJWqSqITRyCgdlHGQOL%2FGlwu0KJS13gnDeKI7KgljA78IlTjpQXXFWkSn7IjEsit"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a28230625-FRA

GET
H/1.1 200
OK cookie-law-info-public.css
www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/css/ 3 KB
2 KB 45ms
28ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.0
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3261
Connection: keep-alive
Content-Length: 955
cf-request-id: 087c26ba5900006359b8baa000000001
Last-Modified: Thu, 18 Feb 2021 11:36:56 GMT
Server: cloudflare
ETag: "c25-5bb9ac0bc2b76-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEnfK%2FZsbXM378bk5ofefSCTNwXTEul3O64gQiyzAY0FBxWy5rDap8aNGhV3OMkLC22jPh84%2FFMHXA6gFWiFO1QtT8Lk4Pp5jbvxKVyxpqxyLmuCSbSuqU6X35yLAsax"}]}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a28256359-FRA

GET
H/1.1 200
OK cookie-law-info-gdpr.css
www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/css/ 28 KB
6 KB 44ms
19ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.0
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3261
Connection: keep-alive
Content-Length: 4828
cf-request-id: 087c26ba6200000ea74ea29000000001
Last-Modified: Thu, 18 Feb 2021 11:36:56 GMT
Server: cloudflare
ETag: "6ecf-5bb9ac0bc2b76-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AhCIZfyuAC2OswgTzJPJ7XW8i1JPIzTlpj%2FM77%2FKVjV61%2FRQXKcXQxCv8XUsEaHLG1%2FxZUbAYFun0BdD4YFvoh%2FURfKYLUXdI3gUa%2FFSAGpT5KX%2BY%2BaouAgkLUVDHlDH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a3a180ea7-FRA

GET
H/1.1 200
OK settings.css
www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/css/ 39 KB
10 KB 37ms
11ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.6.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f6990c7c68b797db2c4f00f402e2e78858314e909c702b2ced5ff48510a9c3

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3261
Connection: keep-alive
Content-Length: 9552
cf-request-id: 087c26ba6200004e6e7400d000000001
Last-Modified: Wed, 21 Mar 2018 20:02:29 GMT
Server: cloudflare
ETag: "9b4b-567f1abb88c4c-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GbNrhFiuPc1e1hekoDiCMt2cYnMuZqMvcSEFmD2LPN2wn8DmNvBerLpwQiEdTo5CiI4gqxlJ5rASwC5BN5mzzF0k5AHBXvkqLqPMmbjJqBFzvbn42w0UoGyDK%2BceFrcR"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a3dfb4e6e-FRA

GET
H/1.1 200
OK wpcf7-redirect-frontend.min.css
www.keepnetlabs.com/wp-content/plugins/wpcf7-redirect/build/css/ 316 B
968 B 40ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3260
Connection: keep-alive
Content-Length: 124
cf-request-id: 087c26ba6400004ed30e130000000001
Last-Modified: Sat, 13 Feb 2021 23:37:03 GMT
Server: cloudflare
ETag: "13c-5bb403ad88d3b-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LjrXMmVpV2te7yksZ%2FgnSOWm0E1pGpni8IGumejUX5hemkIy0lUZlhFS4qLErUKDdLoHSkLYLau4A7WMbt3Bc5Kt4C2%2BHGpTQ7x2Q4X1RZdMMYqxC4RSVanwqqEgNi21"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a3d8d4ed3-FRA

GET
H/1.1 200
OK form-themes.min.css
www.keepnetlabs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 9 KB
2 KB 41ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.min.css?ver=4.8.3
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8605bf321acdd3f271b0d1e442a7ab08a6a673cd56d71d23a56144ceeb72b18a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3260
Connection: keep-alive
Content-Length: 1583
cf-request-id: 087c26ba6600000625f3a83000000001
Last-Modified: Thu, 21 Jan 2021 11:36:08 GMT
Server: cloudflare
ETag: "254e-5b9677a4c421e-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tuyp7XIwBDsTp6MDgLLNhqe9k8Tll5ExQH%2B0GpTzvdl54SML90CMFcjD9bly3mJ4eAJmFl3Z3dyCJHAfJmrPO5SBwlRJX6PZHfqXkp155mIYJnjAfqAuwzU6MCfNz1RF"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a384c0625-FRA

GET
H/1.1 200
OK frontend.css
www.keepnetlabs.com/wp-content/plugins/download-monitor/assets/css/ 5 KB
2 KB 43ms
11ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3260
Connection: keep-alive
Content-Length: 1238
cf-request-id: 087c26ba68000005ede8bc9000000001
Last-Modified: Mon, 30 Nov 2020 08:55:19 GMT
Server: cloudflare
ETag: "14a0-5b54f2b799b54-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MP%2Fm2bOdFZG0IZPSNEzQjp4wY1Wzxxi5ZrOohtv5Gdq4Z3zOyoZWirnglf99d5rLyIV%2B9pCMuXfhB4ajPgtKkS3spARkhCH7E9omSqNAnmi8SlQfYOg5cTWFsG5pbQbM"}],"group":"cf-nel"}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a4edd05ed-FRA

GET
H/1.1 200
OK pum-site.min.css
www.keepnetlabs.com/wp-content/plugins/popup-maker/assets/css/ 7 KB
3 KB 60ms
23ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.15.0
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb83871d271d24bd486d57a2ef9445bc6c28d9348255706f679730c11619cb10

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3259
Connection: keep-alive
Content-Length: 1869
cf-request-id: 087c26ba6e00004e6e18312000000001
Last-Modified: Tue, 12 Jan 2021 18:09:51 GMT
Server: cloudflare
ETag: "1ce8-5b8b7edcd41c4-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rryKSFDaOvZaVpAi0j9svvis7Bvi%2FJb6Jsl0Stm7ObCBsJ8mz0McwXUnKW7c%2FUoXrVjpzXCYu%2BlWU6lHQIRV8h5BfqAEg5z3s4%2ByLbVdD%2FjTuxL4cdNWFdXl7co9vXD7"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a4e1c4e6e-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
654 B 21ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Acme

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb6787e49a1ab02d37fde63821de151aaf5d5133a530279c95ea37471bbc8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 18:52:48 GMT
server: ESF
date: Thu, 25 Feb 2021 18:57:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 18:57:31 GMT

GET
H/1.1 200
OK Defaults.css
www.keepnetlabs.com/wp-content/uploads/smile_fonts/Defaults/ 27 KB
5 KB 53ms
14ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3259
Connection: keep-alive
Content-Length: 4755
cf-request-id: 087c26ba7100004ed32c088000000001
Last-Modified: Mon, 11 Sep 2017 21:33:05 GMT
Server: cloudflare
ETag: "6bf7-558f0ac05a640-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FBbLnLKsBup22ZUuoMHRL4HSeSMPhVmheccOaO%2FKChEGNsmkofIAL9otYCaKsuMdkZ%2Bm%2F4sN7aztMRVMDIcNDn89g8jCkYTaF7OG4SdfW%2F8tzmXEzCFoZnXy%2Fz31jwXV"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a4da94ed3-FRA

GET
H/1.1 200
OK js_composer.min.css
www.keepnetlabs.com/wp-content/plugins/js_composer/assets/css/ 437 KB
41 KB 56ms
15ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.5
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b09d5ec471785f0d1176686ad816755ff3e6993ae1eb5d7e3efdd13511a899

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3259
Connection: keep-alive
Content-Length: 41555
cf-request-id: 087c26ba7300000625cf1bc000000001
Last-Modified: Wed, 21 Mar 2018 20:02:27 GMT
Server: cloudflare
ETag: "6d58e-567f1ab964e6d-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4q607FAtEZhsBm%2FC0oeVXea2yvkVto4xoyUQ2mrA6rDfyX40cXenjGopgGqAtqdzhtGLNVDW6SIL918itfRW%2FIU14v9OlF%2FQ7gIYEeDcbNmoLdtjwFnFAhATXv%2BetFLV"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a586a0625-FRA

GET
H/1.1 200
OK ultimate.min.css
www.keepnetlabs.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ 433 KB
46 KB 55ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.12
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ed0be62083f2018ae3fc1d61d4121c5cab1bd6e43e58fd151e0aec19bb9273

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3259
Connection: keep-alive
Content-Length: 45841
cf-request-id: 087c26ba75000005eda4170000000001
Last-Modified: Mon, 11 Sep 2017 21:31:41 GMT
Server: cloudflare
ETag: "6c3d0-558f0a703e940-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Cney6Q5lHSAYC39PZj6a%2FvhtcOae%2FfPA4cAz9i8FIEJpJgJhNshYY98ix6o9QyzXaMzZQp7jwgm9Vf7uD9RR1FpHJR%2Ba0iR1k2bnTXUZ8UAe6G2Wdmhv0UuOB0fMPhj"}],"group":"cf-nel"}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a5f1105ed-FRA

GET
H/1.1 200
OK bootstrap_1.css
www.keepnetlabs.com/wp-content/themes/porto/css/ 185 KB
23 KB 56ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/bootstrap_1.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b786f314ad948fdc824c2904224b4203faa7b4b24fc3b9db1c127fdc08a2dd

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3258
Connection: keep-alive
Content-Length: 22629
cf-request-id: 087c26ba7500000ea78602c000000001
Last-Modified: Mon, 20 Jan 2020 18:18:22 GMT
Server: cloudflare
ETag: "2e403-59c965116436e-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bUjsa5ek4Uak2v36IaGhLgMBrnVNw1d%2F%2FwENBmhddIjpz58fvz%2FUZdTlDmw5iwMuDUGRiXTeMZmN7Wqb7%2FgTEVXSG9TVaixkqldzqNKGvkAqeWl6eREnSCIW69RDqBSX"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a5a3f0ea7-FRA

GET
H/1.1 200
OK plugins.css
www.keepnetlabs.com/wp-content/themes/porto/css/ 91 KB
19 KB 56ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/plugins.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93bc2710a131e78f871a7d553bd83e3a69b98adc90c8a2976df996975ce88c30

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3258
Connection: keep-alive
Content-Length: 18748
cf-request-id: 087c26ba7600006359a0a4d000000001
Last-Modified: Wed, 21 Mar 2018 20:00:03 GMT
Server: cloudflare
ETag: "16bbf-567f1a30d3f55-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9jNCBkf6ZUftakyCO%2B5GrMoC%2FRZu61JvEioQI%2B5186H%2F5jkz3UBRdkswdAPiaUQZQlVuhBMu%2BefQSinv7I93zex69DFa%2BTuANlacnyNT8i0k39Thcco8maTE4MWSOPUS"}]}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a582d6359-FRA

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 22ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap%3A200%2C300%2C400%2C700%2C800%2C500%7CRoboto%3A200%2C300%2C400%2C700%2C800%2C500%7COpen+Sans%3A200%2C300%2C400%2C700%2C800%2C500%7C&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Ckhmer%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.6.2

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e0a6cdc0db5050d4741644daae55a50a547679ebc344f551efcb44b2febb62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 18:57:31 GMT
server: ESF
date: Thu, 25 Feb 2021 18:57:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Feb 2021 18:57:31 GMT

GET
H/1.1 200
OK theme.css
www.keepnetlabs.com/wp-content/themes/porto/css/ 409 KB
63 KB 66ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/theme.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25eee5dba09f52537f60b3f8c46a99003ef356f6ba19be1315ae97b0e1c5f73

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3258
Connection: keep-alive
Content-Length: 63504
cf-request-id: 087c26ba8000004ed3b729a000000001
Last-Modified: Wed, 21 Mar 2018 20:00:03 GMT
Server: cloudflare
ETag: "664f6-567f1a30d3f55-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IIHb%2B%2B5vaD81FC4UCXiRIKhpUCXG1j15OkgD3nsIYVhTgkdWeKODQkaDXBih3I%2F71JHi9h1Dfkahj4WNtKo5kMJ5MYCA68drVCIgA8susejhdyYJIjIyJN0v6W2don9k"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a6dd74ed3-FRA

GET
H/1.1 200
OK dynamic_style_1.css
www.keepnetlabs.com/wp-content/themes/porto/css/ 36 KB
7 KB 72ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/dynamic_style_1.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28aeb539a4b98f683c48ec86bb73d38510aa0f9f7a47a4b30cb815f7b4318c0e

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3258
Connection: keep-alive
Content-Length: 6010
cf-request-id: 087c26ba8700006359b8bab000000001
Last-Modified: Mon, 30 Nov 2020 13:08:49 GMT
Server: cloudflare
ETag: "91a2-5b552b60f4b16-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DyovbZbjDha68dIYp2v4P56MpDZKfn15l5uawGw7oErZq%2BmNQokuuS79pai7CKG5GvFo0GpXq%2BDKuRbIRYr90LvLYEPluPF5k1v2ICWNyF5B6QMj2LZ7omc9uzQ3L%2FV9"}]}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a68326359-FRA

GET
H/1.1 200
OK skin_1.css
www.keepnetlabs.com/wp-content/themes/porto/css/ 156 KB
17 KB 71ms
12ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/skin_1.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f084acfdb95b8c446450be8208eccfdb2003fd122e08fcfc9e914358380dc23

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3258
Connection: keep-alive
Content-Length: 17019
cf-request-id: 087c26ba8600000ea75538d000000001
Last-Modified: Mon, 30 Nov 2020 13:08:50 GMT
Server: cloudflare
ETag: "27129-5b552b6146b96-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lBGkUZakVYQlFBwVdhnWJPU%2F8JLp6BemBfM5hFyute694Jk2d4%2BW9brliI7QcfRkMYmu%2BXt5NL89GDWGWNJgB8V8N%2F%2B1ghRdXmKFk1dEEKWAF3pfgchxapLeZ1fwaMTI"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a7a5d0ea7-FRA

GET
H/1.1 200
OK style.css
www.keepnetlabs.com/wp-content/themes/porto/ 809 B
1 KB 73ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/style.css?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d40358626f5b370bbadd150fc6b453f161543d19cae066b0cb859ad438fa044

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3258
Connection: keep-alive
Content-Length: 473
cf-request-id: 087c26ba8600004e6e39b52000000001
Last-Modified: Wed, 21 Mar 2018 20:00:03 GMT
Server: cloudflare
ETag: "329-567f1a30e77d8-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xrPmoe4CQaOUhi%2B1rKoKY9Li496bVSvXgQbbp86Yrog1wUamVYtw4iQWIoRri8tKc8bYzSx8qcT40Ei7UaZIKSzwylb6voXPr%2Fse3Hh3flIU5ukwLIettgivnecOb%2FsA"}],"max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a7e804e6e-FRA

GET
H/1.1 200
OK jquery.min.js Show response
www.keepnetlabs.com/wp-includes/js/jquery/ 87 KB
31 KB 72ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3258
Connection: keep-alive
Content-Length: 30916
cf-request-id: 087c26ba8700000625f8889000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "15d98-5bb5f3b20f904-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Pa5oxAS83lvV%2BaBzXB2Y1KarsPCZRkFtOG9g5duH8zPfdJHdgzr34K8L5WHU6REu2sCqQVCFvvJQeb2b2N473Qj11R%2Bs5fMVP7YrI98GKGn4yoEhu3EbCSq46pUOLW7"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a78ad0625-FRA

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.keepnetlabs.com/wp-includes/js/jquery/ 11 KB
5 KB 74ms
14ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3258
Connection: keep-alive
Content-Length: 4169
cf-request-id: 087c26ba87000005ed1d8bc000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "2bd8-5bb5f3b211844-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RPzVME83qNx3AlLmCFi5gKrWZi0Juxv0YIivL%2BwVShNO9PkiJ7bADzJtzM7WxmHoS9LiEA7NBYS36C9iDaPVPDVm8dEvwTnfssAOUI11xistx9PeRMUEEY7NOCOp%2BIZU"}],"group":"cf-nel"}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a7f4a05ed-FRA

GET
H/1.1 200
OK cookie-law-info-public.js Show response
www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/js/ 34 KB
9 KB 94ms
19ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.0
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3257
Connection: keep-alive
Content-Length: 8286
cf-request-id: 087c26ba9600004ed3d2ba1000000001
Last-Modified: Thu, 18 Feb 2021 11:36:56 GMT
Server: cloudflare
ETag: "889f-5bb9ac0bc2b76-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HPZ7X8bmBA%2BOibIPunFDDDrnaluIHBzqiEUDBaAlkixAme4%2FSFe20kltaCRnpwzh%2Blqg00J7R4NNRJqNiYfu18Xbq9YmX1tXgvbzx1FWAtLVkPltdQBZw3rRM42EtkSY"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a8e0e4ed3-FRA

GET
H/1.1 200
OK jquery.themepunch.tools.min.js Show response
www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/js/ 108 KB
38 KB 91ms
16ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 38335
cf-request-id: 087c26ba9700004e6e21139000000001
Last-Modified: Wed, 21 Mar 2018 20:02:29 GMT
Server: cloudflare
ETag: "1afe3-567f1abb9094d-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e7WPcVtqYZxmB85S%2B0mJvmR6IPGl962m7ZqWuJ0iMXirJJac9UoTgJ7z0auf7v5B%2B4HcFZjaP7YTuUWWnEEwxEqUDPYG7en6dzIt6OeZBeBCe0DUz9CcEHzXPLjGi%2FS9"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a8eb34e6e-FRA

GET
H/1.1 200
OK jquery.themepunch.revolution.min.js Show response
www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/js/ 63 KB
18 KB 101ms
26ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.6.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334349229c3564240dd0ed05e0c747db3d9e978b6cd447f19b6891b0d32a94cb

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 17986
cf-request-id: 087c26ba9700006359a1820000000001
Last-Modified: Wed, 21 Mar 2018 20:02:29 GMT
Server: cloudflare
ETag: "fd8c-567f1abb9094d-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ViaQN7B60CI6jMsH18lY5l%2BzTB9jhk5ARfydBufT581CWhU9LbkESqgXxo%2F7K0ae6a1HEzB06A9QYjeFt1EpXSCS82r4JnXbfgiL4g3CKlDEegnFzM64%2F3o6K0E3YhZw"}]}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a88366359-FRA

GET
H/1.1 200
OK core.min.js Show response
www.keepnetlabs.com/wp-includes/js/jquery/ui/ 20 KB
8 KB 90ms
14ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 6875
cf-request-id: 087c26ba980000062514894000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "513c-5bb5f3b20f904-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bv8LqpZVhRSnj%2FbnUHPRBEgQMeYronksLjkA0L5O9Vey2V4QY4JcyHjSM%2BKiKPrAPEjTQ56%2FPeWwrJmc%2FHQoDUmEZ%2BziM865vJwn07MKNlsR3kLg88mBr2WNpPpsdSyT"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a88e70625-FRA

GET
H/1.1 200
OK ultimate.min.js Show response
www.keepnetlabs.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 253 KB
59 KB 87ms
11ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.12
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d23b5d20c33b2c140d29cf62c6d67b29bf81978ba3a4084a86a092eca15d529

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3257
Connection: keep-alive
Content-Length: 59054
cf-request-id: 087c26ba9800000ea756322000000001
Last-Modified: Mon, 11 Sep 2017 21:31:41 GMT
Server: cloudflare
ETag: "3f3c0-558f0a703e940-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VnY7qVf9fz%2BVmdZ2iQFCPQf3lPdEki6TQQBA9blLWxdMnTaKLX84fCCmlEP1YTxuAMEDNGayNIeLwdBG9z3l78B48zdNDrjH2W4yqjrNB10ZCFOMb2T9k3aLmZqbZEeN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a8a780ea7-FRA

GET
H/1.1 200
OK popper.min.js Show response
www.keepnetlabs.com/wp-content/themes/porto/js/ 19 KB
8 KB 92ms
16ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/js/popper.min.js?ver=4.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 6934
cf-request-id: 087c26ba98000005ed1d8be000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "4b24-567f1a310f87c-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n3Mg3Rv0DFI8u1k3PcS2lYcdONT8dIRMxdadSj4bus1MCLNu%2BpwpXwZv2gKaIzXUm%2FpKV%2ByTOHfQY%2BQEprKDAfLNvBAY7Q3slv8eLRQHoX2ZioqZxLfQyoV69ULrd2m%2B"}],"group":"cf-nel"}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70a8f7705ed-FRA

GET
H/1.1 200
OK bootstrap.min.js Show response
www.keepnetlabs.com/wp-content/themes/porto/js/ 49 KB
14 KB 105ms
14ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/js/bootstrap.min.js?ver=4.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db491369f96f3ea3abbe402c3eb193976bcab32bcbb2128d90f553a288709be8

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3257
Connection: keep-alive
Content-Length: 12991
cf-request-id: 087c26baa800000ea795be6000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "c4cc-567f1a310f87c-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mLtcMrvQmOYOwMwC9mOmZHBSL5zhUcOF1%2B3gXsAqgSYJZMHPNXvlv3FhoRq%2BzJHoRWT6wF8GdEULCr4dF5DwmNiKmUjnDgSxfFHs8g4PVpu7B%2FJW50I0BE%2FZxnitUuJ4"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70aaa920ea7-FRA

GET
H/1.1 200
OK plugins.min.js Show response
www.keepnetlabs.com/wp-content/themes/porto/js/ 292 KB
88 KB 104ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/js/plugins.min.js?ver=4.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4372c7931db8137056bc2ec54a56873067ca668c10f8d790d068d1fc8cfdf68e

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 087c26baa90000062514895000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "48ee1-567f1a310f87c-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1MeL8C%2F7f49Gj5krHGTEeT9ohN8OtgI4P28sI29hKz0IZftlVpkhhfDCOxWUvcEJVQH8%2Fgx2JkNC2%2Fnflt8Lac1JsA9iSrutMDrx6F%2FXHFgqh643kBK9GvzoG26WfXvw"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
CF-RAY: 6273a70aa9160625-FRA

GET
H2 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 16ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 816437
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2217
cf-request-id: 087c26ba50000006057db21000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-329e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GNAu7ztCMKuhgfZmnE4R0OGjV4Hr4VJMX%2Btb0BeYL4UpqWaZr2nX2AKxOZEcVWSoxK6vzjUmiXsJlRWBxR5bCWVsNwu8%2BZS76g8Q6iYIrFMg6287WUau%2FZCuovcrNWF8MA%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6273a70a1b830605-FRA
expires: Tue, 15 Feb 2022 18:57:31 GMT

GET
H/1.1 200
OK keepnet-labs-logo-white.png
www.keepnetlabs.com/wp-content/uploads/ 6 KB
7 KB 16ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/keepnet-labs-logo-white.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6e128d62c99877d6cfea13d45ffc63598c4cf3adb66462dc6bc3778a6987e0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 6015
cf-request-id: 087c26bb4f00006359a1822000000001
Last-Modified: Sat, 25 Apr 2020 17:43:15 GMT
Server: cloudflare
ETag: "177f-5a421043a1e2b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gtQ9wx7HCCRS0CJ2MZ%2Bxbqlj50%2F5Flf6gggUuDJRVWdGcXoarq%2B5wc0VnAMqb5660Q%2FBfiL2vTvfT3YcHf2rlSwwO5ywrXu4kIAj68Lk%2BsyySoalxyLk3cS0phAJ0Q3d"}]}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70ba8616359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK keepnet-labs-logo-x2-white.png
www.keepnetlabs.com/wp-content/uploads/ 12 KB
13 KB 14ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/keepnet-labs-logo-x2-white.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc74d04921d1b023c00e30855d07fb870c81f80f4968e4e204cc0162ae0df16

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1101
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 12602
cf-request-id: 087c26bb4e00000ea73727d000000001
Last-Modified: Sat, 25 Apr 2020 17:43:13 GMT
Server: cloudflare
ETag: "313a-5a421041c552b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sm7wamX4NUwmdrTMQj0FNKV%2BTJQ8Vw9rVZhOJITXZ2nNck4z79lQ%2F7pm5E30MD%2FDE8qsIFhpWrCHxDtAOKWJFHmA0lfj%2FWal9vAWdbcemqTa%2FBaJ89ITGQ9MivlBbcuK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bbb9d0ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.keepnetlabs.com/wp-includes/js/ 14 KB
5 KB 12ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 4662
cf-request-id: 087c26bb5600000625cf86f000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "3795-5bb5f3b20d9c4-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltEEkLP8PZHEzN8k6ds8s%2FnjcjKAXfM1CA9myeJ6Fmgz4WpQHjF48JXjqfb2HvI1ib83LnMiyf2zE%2F5kF47n0iYtIYB8hCyNRggAOVy%2BUQsPrAvnrPsgQ5kriFJuUoRE"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bbb060625-FRA

GET
H/1.1 200
OK CrownCommercialService.png
www.keepnetlabs.com/wp-content/uploads/ 11 KB
12 KB 12ms
11ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/CrownCommercialService.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c455954c81b2a8e34b047e924a61fb1659b21f49d1f6c8045a20a1b746b3835

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1098
Cf-Polished: origSize=11237
Connection: keep-alive
Content-Length: 11195
cf-request-id: 087c26bb5800004e6e23aa5000000001
Last-Modified: Mon, 17 Sep 2018 20:57:08 GMT
Server: cloudflare
ETag: "2be5-576176a9bbf4f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u4gnu%2FcsSNtPGe3ilD%2B9lygUPuWdYfxMqSNqMzGj7njIa3zpKqHZHrstYqxpNQ7SpWF%2BF26BnP0ZW1y4BccQzqvLzKdUS%2BHYaoMtu%2Bf4xCi0RIJbdE6es4VxILclrU3B"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bc8cc4e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK CYBER_PROGRAMME_LOCKUP_LIGHT-FULL-COLOUR_RGB_LRG_300DPI.png
www.keepnetlabs.com/wp-content/uploads/ 36 KB
37 KB 17ms
15ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/CYBER_PROGRAMME_LOCKUP_LIGHT-FULL-COLOUR_RGB_LRG_300DPI.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a223c340354e04f18e6db94d90e79df5421bea220b9cbeb29280d2cccf6e4d8e

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1097
Cf-Polished: origSize=46509
Connection: keep-alive
Content-Length: 37019
cf-request-id: 087c26bb5d00004ed30e142000000001
Last-Modified: Sat, 25 Apr 2020 15:50:54 GMT
Server: cloudflare
ETag: "b5ad-5a41f72748911"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6iPM%2FWgzOsQBeXL%2FeGY6dHYDTkvsoGYv1OOkjzWvYmHNih4cZroEVd5m9u%2BI0GUQi4%2Fy3QAyzz3o1UMIiZIAp3v1xjJPQveUN7VB5O6Py5hXTx3V%2F88cQLYcTwCKEhjU"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bc87b4ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ISO_27001_New.png
www.keepnetlabs.com/wp-content/uploads/ 62 KB
62 KB 13ms
12ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ISO_27001_New.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0943df3794eaf5d96dcc106311f5c406e2158101de13adecc90a3ca85017a41a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1097
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 63078
cf-request-id: 087c26bb5e00000ea755397000000001
Last-Modified: Mon, 27 Apr 2020 13:10:42 GMT
Server: cloudflare
ETag: "f666-5a4457138f4bb"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bs9sd3%2FG%2BXkkVUgtMuRt%2BhVg6dv6Wqp94upgNLpsXyhWoChDvz0xNYplk92u3MSP1Q7OgU77mPZaa5DBIV%2F6CRydiSoq%2BvHhEAIaqb8Y2Q9MknmJg7%2Fy%2FzFDtpi8LtaP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bcbc10ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio4.jpg
www.keepnetlabs.com/wp-content/uploads/ 21 KB
22 KB 14ms
14ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio4.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5f0ac3147e7b10867bfd3748f05b7b0ba0d519aa7c8da20e38e6f26fe8bb04

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=22446
Connection: keep-alive
Content-Length: 21953
cf-request-id: 087c26bb5f00006359a6a9e000000001
Last-Modified: Sun, 26 Apr 2020 14:13:48 GMT
Server: cloudflare
ETag: "57ae-5a4323501e1f4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rMy61mkpZUOXynFptrNOHfYke0igRIQFc4Uac6P2yKsZ2iKmCjMAK0B6xb8VUYP0SzTllrYTuJFb5YStqx9n5ZCDXghaMU3FMxFTbkKJMI%2BaUXkvwv1GEHTwK6s6B8Tr"}]}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bc8646359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio2.jpg
www.keepnetlabs.com/wp-content/uploads/ 22 KB
23 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio2.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60119a6a8bec18f8200baab5a58799944ed399924c7b17aec033953acfe809b2

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=23206, status=vary_header_present
Connection: keep-alive
Content-Length: 22662
cf-request-id: 087c26bb5f000005ed0cb70000000001
Last-Modified: Sun, 26 Apr 2020 13:29:42 GMT
Server: cloudflare
ETag: "5aa6-5a431974ed200"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ncRKWQidkg%2Bw73F87B7vr7GI5zIfOWJhD5uz73njANRTnsik5BJyMkdZDfnAK%2FmJKKGz57atpOVeMyrhx1cT3pfK0uyfBi0lAUbQbO7mVsfCP73sZdcgn5BPezRODqm9"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bc93d05ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio3.jpg
www.keepnetlabs.com/wp-content/uploads/ 37 KB
38 KB 14ms
14ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio3.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547456111b75ed0dd9f05422a583bf517129720af3d3e557c78869aff0fb9d5e

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=38763, status=vary_header_present
Connection: keep-alive
Content-Length: 37499
cf-request-id: 087c26bb6300000625f3a98000000001
Last-Modified: Sun, 26 Apr 2020 13:23:22 GMT
Server: cloudflare
ETag: "976b-5a43180b0b964"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R3WAYv4e%2FWiiT7lThoT6S3Isbxu%2FZgSms5rRBP1lhM1MWVsdVcjqYBvIcdpP%2B9tLnxPJFTeCcuwBct5uxoIw39D%2FW6wGY%2BX3n9WkeOTtYddSRBPZf9fUTuMq2VDiyBBZ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bdb2e0625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio5.jpg
www.keepnetlabs.com/wp-content/uploads/ 55 KB
56 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio5.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f427dc983d134a5645b9e36c117599232f9d760165b54557d116d2e72e531f6d

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=57524, status=vary_header_present
Connection: keep-alive
Content-Length: 56811
cf-request-id: 087c26bb6700004e6e612d4000000001
Last-Modified: Sun, 26 Apr 2020 12:51:10 GMT
Server: cloudflare
ETag: "e0b4-5a4310d82511d"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wy%2Bp%2BOk4V%2BLo6vXPOHPwULomHCFYZMBB17tFsj80jNAe3BRjD2DlDsV5ta9G%2BG9w%2FzHOsRUGUQM4dtQquWZ4FPz5ZXV9RAFTqH1oT3VcqL4%2B%2BTNKiQRFcKEqhzoKIdee"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bd8e94e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio6.jpg
www.keepnetlabs.com/wp-content/uploads/ 28 KB
28 KB 11ms
10ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio6.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f631cca0b0c213c8ada172e856306e00b51e46358a775847181d1e4f161c7b6

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=28560, status=vary_header_present
Connection: keep-alive
Content-Length: 28211
cf-request-id: 087c26bb6b000005eda4180000000001
Last-Modified: Sun, 26 Apr 2020 13:10:45 GMT
Server: cloudflare
ETag: "6f90-5a4315385183a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jtoSl6TbD0gIhveW09SDQRRv0HIpZWPb%2FF9THOnYDZ8uqAH3K2tQBcQYIEaUcmFxPXpH0sSd9k80zySci1sDByB9wAveU3GE3EfD8pA4j9Crp8i8kGutpLvZgZ%2FHk0%2F4"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bd95705ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio7.jpg
www.keepnetlabs.com/wp-content/uploads/ 26 KB
27 KB 11ms
10ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio7.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4cab6234fb08bcdbd86812387e4fad9d65eba2cde3c54f234a7b9cca2266b2

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1097
Cf-Polished: origSize=26986, status=vary_header_present
Connection: keep-alive
Content-Length: 26620
cf-request-id: 087c26bb6d00004ed3b72a6000000001
Last-Modified: Sun, 26 Apr 2020 13:16:12 GMT
Server: cloudflare
ETag: "696a-5a431670785e0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1gQhG9mjyBvf8D5%2BSkEhohd596D2i0uprLXBarDXiKEKb4eJKWl9fetJ7iDiyucdBs4WicBN%2Fdi%2BGjboXm7oMNHu1bFS00%2F0C2wjAnFAAtRqqrmvkQb9stbWYZj80fNg"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70be8a34ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio8.jpg
www.keepnetlabs.com/wp-content/uploads/ 23 KB
24 KB 16ms
15ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio8.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7264af670069319b55e04042d9ee93278f42113e76ac28644ac4d688b2145051

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=24046, status=vary_header_present
Connection: keep-alive
Content-Length: 23580
cf-request-id: 087c26bb6e00006359b8baf000000001
Last-Modified: Sun, 26 Apr 2020 13:13:21 GMT
Server: cloudflare
ETag: "5dee-5a4315cde96d9"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V4Ug33aLjElQAPAn8whN9jeOTFStRPQfZ%2B76aFAIjsij6Y0Ee1%2BwFZRw9prPh%2FcCO76GRai9QYRnJSJdBBkOgNRpe3aRzjSFcPBjDSgtcjaJreFlomr%2BMTjeXq0qrlAS"}]}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70be8686359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio9.png
www.keepnetlabs.com/wp-content/uploads/ 214 KB
215 KB 13ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio9.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38945ce59069a90596a42fc117680bb7b4a74e6808fc444866af15011ac5fa3d

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 219043
cf-request-id: 087c26bb6e00000ea7631e4000000001
Last-Modified: Mon, 20 Jan 2020 17:34:30 GMT
Server: cloudflare
ETag: "357a3-59c95b42bac9c"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XpjHztMKOdAV4M6VR0fRdyy%2BLGgBZFM8VvFKZ2mmXxMWEtnkcExgzaGkwut207Qe2EnokP8cBdO1qagHPsGWLpDuh5O7lPg8H5z4a%2B8gfXAD8g1AdgoXhUusMzAYewZ9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bebdb0ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio10.png
www.keepnetlabs.com/wp-content/uploads/ 144 KB
145 KB 13ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio10.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1106533575606992895516a19c1643ac46df509135bac8f0981f34b5e46d20

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=173974, status=vary_header_present
Connection: keep-alive
Content-Length: 147077
cf-request-id: 087c26bb72000006252f384000000001
Last-Modified: Sat, 25 Apr 2020 17:08:18 GMT
Server: cloudflare
ETag: "2a796-5a4208739b016"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fcVcoVwnCD%2B5qF6Z1xF7Xyk%2Fv%2BimllQqVTtOeo6ncIkUw9ANVl7b6gqGxlzO0F9Zb82Tr3VBXUJqNJW%2FpJELrK6tY6V2hIcGDgxz%2BaQipWdtZT9JEZ5Ql9Z1E%2FUPZcUo"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70beb580625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio11.png
www.keepnetlabs.com/wp-content/uploads/ 264 KB
265 KB 17ms
16ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio11.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c4d9b10ce15fc8679cb1a0463fb40d31f1379f398da3d5cd8c3d68c40f9849d

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1097
Cf-Polished: origSize=328102, status=vary_header_present
Connection: keep-alive
Content-Length: 270049
cf-request-id: 087c26bb7700004e6e6489e000000001
Last-Modified: Sat, 25 Apr 2020 17:08:16 GMT
Server: cloudflare
ETag: "501a6-5a42087240536"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LhTFKbUquU%2FFrRQaVR43%2FvZyQS9bxBdXiVUQVrLyNzwONA5or%2FWfRgPnJOW90pphjJyFh%2FcizOVD8bSHlFBFd4l4ye904SP7uNt5L3z7Rnf%2B926adr5w48kyBBGhOGTZ"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70be9154e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK NinjioRansomware.jpg
www.keepnetlabs.com/wp-content/uploads/ 29 KB
30 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/NinjioRansomware.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77bfad1b193eb8ea528fb92ad671ccb9115e4df91473ddbd018b7b8d38b6be90

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=30211, status=vary_header_present
Connection: keep-alive
Content-Length: 29559
cf-request-id: 087c26bb76000005ede8bd9000000001
Last-Modified: Sun, 26 Apr 2020 13:07:54 GMT
Server: cloudflare
ETag: "7603-5a431495225fb"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g1TnCtS2tGZaNVA%2BmCyCEIK2UMUwEqqyY2R8VA5ecF%2FbZAIZN4g%2BZzT%2FmInhi1BgJlw3vj0s7zhXbfuImE9YCCjk1XSsfRpPAJfzB8dLR5UTPIpYu6mF6bE%2Btiw125Sg"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70be97f05ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio1v3.png
www.keepnetlabs.com/wp-content/uploads/ 100 KB
101 KB 12ms
12ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio1v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8ed11627889197e8e7fd462b6f0681c4173515d0410f7f2f4d14ec132f7d70

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 102214
cf-request-id: 087c26bb7900004ed3ea270000000001
Last-Modified: Sat, 25 Apr 2020 17:08:11 GMT
Server: cloudflare
ETag: "18f46-5a42086cfab76"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=srn0IbnEP8jpzUcLKpHSuY6hvRu14F1khckmvzZzzQX%2B33znUVQCI2wGe0gzwWvJmQv0rQGVmbPTaOfOWefB0lrVKlUQMUITAFffSxWb6hd1EN4xuBPD7REXZ9wdhYKO"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bf8c74ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio2v3.jpg
www.keepnetlabs.com/wp-content/uploads/ 18 KB
19 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio2v3.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec7b57c708d9431774c68dfa17ce458dd050ae24ac3177864c0df01666dc158

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=19730, status=vary_header_present
Connection: keep-alive
Content-Length: 18854
cf-request-id: 087c26bb7e00006359aa336000000001
Last-Modified: Sun, 26 Apr 2020 13:18:59 GMT
Server: cloudflare
ETag: "4d12-5a43170f734fa"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BJB6n4%2Bv2YtCikLr32UNBMp75TrBZzmggfxyh%2BvIFpB9HVTK18POZ3x1C2arspqlpVkDhIjtWBpCjJH0Y6XE9Y8kLDuGw3nghry0htX55h5HYAVde%2B81sMTE8X5A6t4m"}]}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70bf8766359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio3v3.png
www.keepnetlabs.com/wp-content/uploads/ 163 KB
164 KB 14ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio3v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe7ac55395f6467ec9885f62887d1536e29ae2111627d45564e55214cfee130

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=186009, status=vary_header_present
Connection: keep-alive
Content-Length: 167390
cf-request-id: 087c26bb84000005ed7a948000000001
Last-Modified: Sat, 25 Apr 2020 17:08:07 GMT
Server: cloudflare
ETag: "2d699-5a420869c2ab0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7P%2FzCV2XGuM5z1Ij6PWBnj4YFE319BsUS1WIHee1UCuaXuW1B7CjpPnKq%2BNVPdur23fPpD9VdCfykUSeLvKCkMmh%2ByhSEJje11O6DzGoCFeFz93LWBkQH9k516r3cXu%2F"}],"group":"cf-nel"}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c09a005ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio4v3.png
www.keepnetlabs.com/wp-content/uploads/ 223 KB
224 KB 13ms
12ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio4v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b68208ebda8649947db44834a8b369916c4152d0e1b5bd95002fa020fe6d3b

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=293438
Connection: keep-alive
Content-Length: 228472
cf-request-id: 087c26bb8400000625ed925000000001
Last-Modified: Sat, 25 Apr 2020 17:08:06 GMT
Server: cloudflare
ETag: "47a3e-5a4208684ca5c"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LLUZghpJPAdOF3GNH0vhLky8cituXiNvF3WmwHeuyodaSgy10mQMC1qlXJy1PINUO09dCA3CG3RW1fce1WyQd7IOAEjXlodRhzVx51QDoRxPwmn0YPgmX9B6a0zk%2FtmG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c0b940625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio5v3.png
www.keepnetlabs.com/wp-content/uploads/ 75 KB
76 KB 29ms
27ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio5v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa78df531676a7a196b75f3e16190929f112aacccd334b64445ee62c818b06d

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 77230
cf-request-id: 087c26bb8b00000ea78e9a8000000001
Last-Modified: Sat, 25 Apr 2020 17:08:04 GMT
Server: cloudflare
ETag: "12dae-5a420866c606a"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rwtxyy3L2W9%2FsrrdtROaEzH%2FkwOMv8zFpUQleVnb7PzmujaKhkuRgvknleFrpg4Xxz%2FYQeC0LnFRSpkkLJp%2BNPZnbC0RQhpJ0ePLOOjtqh%2FslBbFCcB2EA%2Feabd3Bqup"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c1c1f0ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio6v3.jpg
www.keepnetlabs.com/wp-content/uploads/ 37 KB
37 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio6v3.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fe68347e7eac4d5f26dea980b24809be340c4f125f2f8889719683ab09c373

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3255
Cf-Polished: origSize=37657, status=vary_header_present
Connection: keep-alive
Content-Length: 37406
cf-request-id: 087c26bb8700004ed3e4862000000001
Last-Modified: Sun, 26 Apr 2020 14:01:47 GMT
Server: cloudflare
ETag: "9319-5a4320a09c12f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z%2Feknd0J%2Bj0qzALLW3dBF4rPwcpEY9EDKJ6ltoYVLhqLvTn9Wumh9AFmeLgqzFNGTtSnXYVTOx7IiLTL8%2FFRBek4oWRkr7gUZ9LohozC3ssW%2BwVoZ2V%2FL1mFFUa5Zob2"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c08ef4ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio7v3.png
www.keepnetlabs.com/wp-content/uploads/ 103 KB
104 KB 18ms
16ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio7v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f112b15ac65aa00dec0539bff4ae88e194ab23c4e78555f10fc886b7583093e

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3255
Cf-Polished: origSize=115608
Connection: keep-alive
Content-Length: 105675
cf-request-id: 087c26bb9500006359bb08b000000001
Last-Modified: Sat, 25 Apr 2020 17:08:01 GMT
Server: cloudflare
ETag: "1c398-5a420863fb308"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hv8iAHNt3N24R8cKpRPbEHjrd9R2k7zwBtEm0OkBHOW6nya91iQ15IQgHVj4FswckcdXbCWtNIEpX6R0cmFMWpGI97eoO%2BdTDBjsEgwTVUcnpR1evxASW%2FxWV6Ch5yKr"}]}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c28796359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio8v3.png
www.keepnetlabs.com/wp-content/uploads/ 266 KB
267 KB 13ms
11ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio8v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c8ebe5482e1035711de0359e9ae110ee33426797256abca3e1bd7265430350

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 272392
cf-request-id: 087c26bb9500000625260b3000000001
Last-Modified: Mon, 20 Jan 2020 17:26:31 GMT
Server: cloudflare
ETag: "42808-59c95979c53ac"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2pn%2FJFQGCUrOLoGpbrx%2BmhNh98PyigBK13F1suFa9gOG5X7nW%2FUbR0itDhaCVUU%2FXukUBGtUA6roVbleBRgyJfQfYL%2B3K0dnkDHuu2K%2BvPIg0GC%2FZSk7i0vSJRDLjurn"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c2bc80625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio9v3-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 21 KB
22 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio9v3-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c019e7b97a1d989f5dea162d2efe7899a38b36579f09b92877532657fddcd454

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=21506, status=vary_header_present
Connection: keep-alive
Content-Length: 21316
cf-request-id: 087c26bb96000005ed550d6000000001
Last-Modified: Sun, 26 Apr 2020 13:59:16 GMT
Server: cloudflare
ETag: "5402-5a432010a1809"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=13uBuSyz6aStXgi7LCGc7Vn7GK7KMK9hr9dKbB5OVD1dHcaDC0xDULkQU%2B77bj9OC2BGmE0az2YKthSlTs0H9k4W8Uij8H5v%2BYmiT7W2Vp6Ne0v7xUW%2BGxXdGdsz5NAw"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c29c605ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio10v3.png
www.keepnetlabs.com/wp-content/uploads/ 247 KB
248 KB 19ms
19ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio10v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834d15b9d61e018d387f433bb0c7e662b20f7d60900f45d226d4ffd12eefd76d

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=253462
Connection: keep-alive
Content-Length: 252836
cf-request-id: 087c26bb9600004e6e7f2d4000000001
Last-Modified: Mon, 20 Jan 2020 17:26:14 GMT
Server: cloudflare
ETag: "3de16-59c95969bcc2f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=todHAkOXs%2FUQZizN%2B1LyTqJROp1EmAmcd7EkIBkcPKcctd6ocsAit89TW7fAlHV27ag6mh%2Fhuv25NIf0nqIvQXAgwNU0BF79NUPOo1smaepN2Mivhtiz9hfn2Fq50tSa"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c296b4e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio11v3.jpg
www.keepnetlabs.com/wp-content/uploads/ 29 KB
30 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio11v3.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b859bb23b4ae99fe58b8b47433e9efcb7a1a92a42583b0cf17fe9b899989c3a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: origSize=30899, status=vary_header_present
Connection: keep-alive
Content-Length: 29523
cf-request-id: 087c26bb9c00004ed3f93c0000000001
Last-Modified: Sun, 26 Apr 2020 13:27:06 GMT
Server: cloudflare
ETag: "78b3-5a4318e057255"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CacLf6M1AGShtfMJEAobufrIkiYQ3f8uvwYV7XJGFDlFSd4rEXyRSw%2BRixY0D4rbEVTeHJPdnRN8ewYOrU5q1aEXWp3BbeAEow2%2B0iAjYX%2BDR8aZhOgXkhhb%2BDDMRJqR"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c29244ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio12v3.png
www.keepnetlabs.com/wp-content/uploads/ 176 KB
177 KB 14ms
13ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio12v3.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1776485c52e2ae698fdca367fda438599179c9b56d45d237cbc6895e3ab3642a

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=180278, status=vary_header_present
Connection: keep-alive
Content-Length: 180019
cf-request-id: 087c26bba4000005edbb0bf000000001
Last-Modified: Mon, 20 Jan 2020 17:25:58 GMT
Server: cloudflare
ETag: "2c036-59c9595ad55ab"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QWXMpVh8UN8PM4Iun04wkWTbfKXF5i9J0IZ5l9E70kQDvLo%2Bf02hNi2n6YVAkx831SiHJOAfb4%2F%2F%2FuOhMEXxyyx7WMAyQk0P5zlE6Q971%2FjVAb0x7u%2BcQvFawkNokfp%2B"}],"group":"cf-nel"}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c39ee05ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S4-E4-3.jpg
www.keepnetlabs.com/wp-content/uploads/ 57 KB
57 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S4-E4-3.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169f52df81e6df863f2f696b98a10c35711a78725974956dae2d56758afad0a0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: origSize=59316
Connection: keep-alive
Content-Length: 57930
cf-request-id: 087c26bba400000ea7631e6000000001
Last-Modified: Tue, 28 Apr 2020 07:27:31 GMT
Server: cloudflare
ETag: "e7b4-5a454c3b6b1e3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OBvGY62TqSuLxqvgF%2FRNgtuPq8xEdxAHLB9c%2FGNqtjY8SC76S5Dl2ZsgIu6s1y1%2BlqZCVMTdixgKpVNh1S3J8gk0ZM7TUcVJXWYVn28eC%2FQE785E8xHGNHELV5w7z67I"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c3c380ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio1.jpg
www.keepnetlabs.com/wp-content/uploads/ 40 KB
41 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d1106a6339fd29fae782de69b0e6a97563795aaa427c252c832240bb5bef83

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=41882
Connection: keep-alive
Content-Length: 41106
cf-request-id: 087c26bba700000625343e3000000001
Last-Modified: Sun, 26 Apr 2020 12:47:20 GMT
Server: cloudflare
ETag: "a39a-5a430ffd1ecd6"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JPWrd4kLlLcLZnHKptIFCRks9rXfomRUSZVw2tnFTensgplHWgOzlbcYb8TsgdjvAOZNrlSzBhTOF3pJImvZbk0xWIro8W6KlWm5%2Bi77CiAey6zuX7ARDmDdUp1Gvuej"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c3bf00625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S3-E1-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 38 KB
39 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S3-E1-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40b3840a5f78837535fcbeaecb867be187a131607ef3b92b4972a0121b8dbeb

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 38699
cf-request-id: 087c26bbab00004ed3210f2000000001
Last-Modified: Fri, 27 Mar 2020 14:35:22 GMT
Server: cloudflare
ETag: "972b-5a1d702ef2ba8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1qmc7HNTxgYudhpCCWLQ1vpSAXzdpa%2F8wKvf%2BRnEUguOzm9wBp01OqCp%2FoRizHBYf0194aEvz023zcSUcsDdvAsxN1Cydq91Wx2yBbhJld5v0p1DbulVlNFjB2cmdheZ"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c49644ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S3-E3-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 62 KB
63 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S3-E3-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96eb16ec9ee8b7021fc44dea39f61082c5ce3ef915255ed87b64a1654d062e58

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 63533
cf-request-id: 087c26bbac00006359a6a9f000000001
Last-Modified: Fri, 27 Mar 2020 14:40:46 GMT
Server: cloudflare
ETag: "f82d-5a1d7163942a4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BrLpUUKynUDkCiY%2FVL7zx4dM9leB4a0Vxr5YaIHU91ydIUATtATPmD8CwwWjRnpOXmVTtHIkllu%2F5qf3eOtuEpNNhs%2FlUMN0VgBuR2tcxZ5I%2BIs1zu6Gv2y4pk%2FF522F"}]}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c48816359-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK ninjio3v3-1.png
www.keepnetlabs.com/wp-content/uploads/ 21 KB
22 KB 21ms
20ms Image
image/png 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/ninjio3v3-1.png
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849ac824d2688c3300c549cb47f0504ebe02e226e96a8d3e283cdc1b0a40f872

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=22733, status=vary_header_present
Connection: keep-alive
Content-Length: 21771
cf-request-id: 087c26bbb300004e6e5598f000000001
Last-Modified: Tue, 28 Apr 2020 07:26:53 GMT
Server: cloudflare
ETag: "58cd-5a454c16fc3ac"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rtNRrd1s0fXnpm%2Fb%2FnyDa5JzWD%2FeZJS4ldecam11t1FOICTTesEzRWtKZoI9qnTgQpbz3pSNdqXdO7ppviGERdRj6UGtMbw4ZmxA4N31hoDtSYqo6Oje5ZrJebVqGa4l"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c59b24e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S4-E8-1-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 42 KB
42 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S4-E8-1-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a580e7a5dfc19ad6af9eff08ca2d950a203bf3b95c98eadb38ca579e119ea5

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: origSize=44801
Connection: keep-alive
Content-Length: 42545
cf-request-id: 087c26bbb000000ea771184000000001
Last-Modified: Fri, 27 Mar 2020 14:47:40 GMT
Server: cloudflare
ETag: "af01-5a1d72eec5aa5"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MdhMT3CCERJAHEkJ0KAPRtj%2B%2Bq8TVX%2FwjFIH1NETNsLn1Z5wqOt3xGQM%2FcnRGB%2F%2Bn2jDpyECeVpKREMxvshol%2FWPPTzxuqyP31s7r7noxJxaZlCBkCcVNOrku03L2yes"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c4c500ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S3-E1.jpg
www.keepnetlabs.com/wp-content/uploads/ 43 KB
44 KB 14ms
13ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S3-E1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bf631d688aa7c439c34f86d504223649335a3b7c5c4082e34472c101d4977b1

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=45029, status=vary_header_present
Connection: keep-alive
Content-Length: 44116
cf-request-id: 087c26bbb4000005ed6817e000000001
Last-Modified: Sat, 25 Apr 2020 17:05:41 GMT
Server: cloudflare
ETag: "afe5-5a4207de4ba64"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lUf8Wply5WwCJhyYfCjBg4hBewVrPHT4STf2zrMg%2FA5Om1qBmPlInzZSpYZZSokxxTrCf6DpOrS7cqjO4BrFmkWm8HB%2Bq%2FFzTAymFH5L5Op6IQ%2FlNDdGQNoZVaFTb%2F9p"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c5a0f05ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK Ninjio-Aware-S2-E2-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 38 KB
39 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/Ninjio-Aware-S2-E2-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee6324ce86de762ec9ea35423e11cf67a5d4d7ccdd4c315ce4afd64b86f8a54

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=40627
Connection: keep-alive
Content-Length: 39275
cf-request-id: 087c26bbb700000625260b7000000001
Last-Modified: Fri, 27 Mar 2020 15:00:40 GMT
Server: cloudflare
ETag: "9eb3-5a1d75d67538e"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RYoYEkYGybpRTa0wblcfL9XAr1mdPL00xYyhI3PWkVom9LRDPw1XmacgkvTSmmbeTrDs7p5yrS%2BmAGbk7dmZNw6KtZ3NxtbEAX50eM58H7NfyFl0aBfMhakvOixhvfUd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c5c240625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 4-NINJIO-_S3E6.jpg
www.keepnetlabs.com/wp-content/uploads/ 82 KB
83 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/4-NINJIO-_S3E6.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25a3298c299dd2f2c0a6e656a44ad7ad5efb3026ac4649c2bd39fa49f3b3eff

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: origSize=85508
Connection: keep-alive
Content-Length: 84347
cf-request-id: 087c26bbbd00000ea73f9e1000000001
Last-Modified: Sat, 25 Apr 2020 17:05:28 GMT
Server: cloudflare
ETag: "14e04-5a4207d1e9ba3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YApR4lEJv7ERARxJjKKsVlMrv6QtlDWQG4RYRfwthXCYfSNN8fzLwoa7ELOB8v%2BKwZZsWtjkfx7XBEJD4WE4J1OaVVNvgoBvZ3hKU2Z0vpUxeHJe633tGTn6qn%2FlPsas"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c6c690ea7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 4-NINJIO-_S1E5.jpg
www.keepnetlabs.com/wp-content/uploads/ 35 KB
36 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/4-NINJIO-_S1E5.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75b798b99219e5179e7cdbe38f59981ef8e079c0a76387240f97ecdbbb3b9f4

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1096
Cf-Polished: origSize=37707, status=vary_header_present
Connection: keep-alive
Content-Length: 36217
cf-request-id: 087c26bbbd00004ed3391ef000000001
Last-Modified: Sat, 25 Apr 2020 17:05:26 GMT
Server: cloudflare
ETag: "934b-5a4207d027883"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bnaf2fMU3YxhrOeoG%2B6CbZSlWqFYPgO58YMFe2Izv8A9k58Sz80QxtBqUEHklq1LFZUbtMAMRzFaEJafJcjk9RT2nTmI3XzKx%2FLJcQaUI5fxgQlCphH06E2ITww9P6KE"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c69984ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 4-NINJIO-C4E6.jpg
www.keepnetlabs.com/wp-content/uploads/ 67 KB
68 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/4-NINJIO-C4E6.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ad8b1e39c1857fae32e6d1a88b775e5b962cba67b45aadfcd9386faa773b8c

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=69922
Connection: keep-alive
Content-Length: 68281
cf-request-id: 087c26bbc3000006252e37e000000001
Last-Modified: Sat, 25 Apr 2020 17:05:25 GMT
Server: cloudflare
ETag: "11122-5a4207ceccda3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ACoE6r1Dtqt%2FdXoDFPHUFDSNMMG1Qy%2B6XTP4gx25oNK%2BnpIJOYWIcDkaM9JHWhQfhc%2Bn%2BUCF1fKsiX6bVmDS%2FabSKTdBa%2Ftd5HkKAvTPIqH8TjNIYTCMYQTP6lEW2%2BrF"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c6c4a0625-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 4-NINJIO-_S3E2.jpg
www.keepnetlabs.com/wp-content/uploads/ 38 KB
39 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/4-NINJIO-_S3E2.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59573a48ba2062401ced4a64cb4c5fb1fbdc082a21354a7acd5a1224728ef45

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3254
Cf-Polished: origSize=40584, status=vary_header_present
Connection: keep-alive
Content-Length: 38926
cf-request-id: 087c26bbc6000005ede8bdd000000001
Last-Modified: Fri, 27 Mar 2020 15:26:49 GMT
Server: cloudflare
ETag: "9e88-5a1d7baeaae79"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2FQILmzUXAi0E3rftEsUGZFjXAE9Hyk7Wcl4FWKFs9RMt9Yo92Lq%2FMroNROVQI65%2B1UhUhoAmMqmV8dhFbXC92ZOMKu%2FJW7QnWkZYz%2FTt20kInacZ4BYH3JdoNe3auvz"}],"group":"cf-nel"}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c6a3305ed-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 4-NINJIO-C501-1.jpg
www.keepnetlabs.com/wp-content/uploads/ 45 KB
46 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/4-NINJIO-C501-1.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869dcec06cf2e1a025f5758bf5aad5b45133d5018a6b12e23b72b24b08d65050

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1096
Cf-Polished: origSize=47872, status=vary_header_present
Connection: keep-alive
Content-Length: 46082
cf-request-id: 087c26bbc500004e6e329c3000000001
Last-Modified: Fri, 27 Mar 2020 16:03:17 GMT
Server: cloudflare
ETag: "bb00-5a1d83d51a3de"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y3BIUUj57aikco%2BMV4wN0dMvpy%2BMNV9Huz5y2RNm1ah32Ni7RlN%2F943qNuma8JC17y4R77XjAILRGNSHrwi0vW0m1Zkmc%2Bn9L6Xdl%2Fsl09pz2UfXYhlj3Ow0i50RtoXk"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c69d54e6e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK style-1.css
www.keepnetlabs.com/wp-content/fv-flowplayer-custom/ 103 KB
19 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/fv-flowplayer-custom/style-1.css?ver=1613650588
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e091fb96dcb2f70dd9512544486a2cf56256e3a186de5cc14d2442230c3065

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3257
Connection: keep-alive
Content-Length: 18293
cf-request-id: 087c26bb05000006251489d000000001
Last-Modified: Thu, 18 Feb 2021 12:16:28 GMT
Server: cloudflare
ETag: "19b7b-5bb9b4e186c46-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gi8TFqsMtSNHN7d%2BTV4j6Uz9SSz%2Bxc2EBYHG8MTZMGBSzj3dy3%2FRXescXPvLU%2FbUQIVdSZWzxuXRSlJevYq5V%2BzHTdlvGCvjOqt8KAUs%2BhNrfAtWUskTEZ2JfiWfzlSL"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b3a2f0625-FRA

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 13ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3256
Connection: keep-alive
Content-Length: 34241
cf-request-id: 087c26bb0900000ea743027000000001
Last-Modified: Mon, 12 Oct 2020 15:23:48 GMT
Server: cloudflare
ETag: "183ee-5b17ae28b0b31-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sRz0kDJUqom2%2BpIVYSqkbJTmYeIgndIrUBFVtiyzfBg0C16Yo3jtDcAHNta83CzJF6tBvqprF4J3WE633M1WZeJ9Eza%2Brz61dFgDpIlOAHvFJys0DZD%2FcbAZppHGRF1r"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b4b390ea7-FRA

GET
H/1.1 200
OK i18n.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/ 9 KB
4 KB 22ms
15ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/i18n.min.js?ver=ac389435e7fd4ded01cf603f3aaba6a6
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3256
Connection: keep-alive
Content-Length: 3679
cf-request-id: 087c26bb2a00000ea72f357000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "253c-5bb5f3b2156c4-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rALIcQMlvBXeaoA2SSAmpwQHkJJfaFHFYMTYxojBtr2eRcwipScutBdDeVfI9mSmEtN6Mc7rUtJrxACJydzq%2FXhRqJqgjwTNmZTuusiq5JudBey9dFZi3m7cTp1PkGiJ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b7b670ea7-FRA

GET
H/1.1 200
OK lodash.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/vendor/ 71 KB
26 KB 19ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Connection: keep-alive
Content-Length: 25763
cf-request-id: 087c26bb2a000006250f839000000001
Last-Modified: Mon, 12 Oct 2020 15:23:48 GMT
Server: cloudflare
ETag: "11c65-5b17ae28b0b31-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWpoMk9miAOZbz44gG4WqKF73Y8vPf5kq5nz5yE3tCWhS8dk1XdSaYtVxooujmntx3RUGK7bOHzGbjuf86lq9XMDKfnF5seIuW2MMTfLjGAKAEUuekUwKbGct5iRC%2BdW"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b7a900625-FRA

GET
H/1.1 200
OK url.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/ 13 KB
5 KB 24ms
17ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/url.min.js?ver=98645f0502e5ed8dadffd161e39072d2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Connection: keep-alive
Content-Length: 4747
cf-request-id: 087c26bb2b00006359a9b03000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "35f3-5bb5f3b217603-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bh7fOHZBDnO%2BSyJYGcrWwjRIdj5Itiz0MLqL%2F9TDCgEoMx%2FjUuC0RTy4PQzydlpmk7cDzw0sZjtZwWfAdx3iU5UlRaE5PfO%2FJnUW7fivZW9tsPd7doGn0A3NhtsTZ5d1"}]}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b78516359-FRA

GET
H/1.1 200
OK hooks.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/ 6 KB
3 KB 18ms
11ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/hooks.min.js?ver=84b89ab09cbfb4469f02183611cc0939
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Connection: keep-alive
Content-Length: 2158
cf-request-id: 087c26bb2a000005ed31ad4000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "181e-5bb5f3b217603-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tpDw7SPjDuXPIsYCeyKvpaqGdWMPQtphMlIT1PVQBKdmRnZtuKk%2FNRqBoFhMV4wvsq5gO6DXEBzkTvqdDdL0l4324g8gxge%2BR2bCgoojJpJLBGLR8yaXDiFWjE2h5R56"}],"group":"cf-nel"}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b78c905ed-FRA

GET
H/1.1 200
OK api-fetch.min.js Show response
www.keepnetlabs.com/wp-includes/js/dist/ 12 KB
4 KB 18ms
11ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3256
Connection: keep-alive
Content-Length: 3479
cf-request-id: 087c26bb2b00004ed3bb2b9000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "30a3-5bb5f3b2127e4-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iHSZBHSqyrrw4hX%2BUVdKsfiB3EA2L3Xgm4azAu5T9ZMj%2BO84BNhC6%2FSlnb3tiu5ZX2F%2FyTEj%2Fz9YydKLPOo1dGCx0HSCPsh9%2FPrfopiXw4Bj6jpZqmhDWwp3zJpzBM%2FS"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b7fd14ed3-FRA

GET
H/1.1 200
OK index.js Show response
www.keepnetlabs.com/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 19ms
12ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Connection: keep-alive
Content-Length: 3238
cf-request-id: 087c26bb2a00004e6e55987000000001
Last-Modified: Wed, 24 Feb 2021 18:00:04 GMT
Server: cloudflare
ETag: "2ac2-5bc18cdfe48da-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SLdQzTaovxJlPILXR1SkUxhWiYJYuYbuUEnKrqQuktXkLaKv%2FWp2gNWXvb3n22tqecE8dM9v9h6Vg%2BIBku4859Mj7jmBpmAi5OvcVuXV%2BSTxuKTR8h6PHLNN97BC1p8j"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b78534e6e-FRA

GET
H2 404 4296498.js
js.hs-scripts.com/ 0
0 143ms
118ms Script
application/json 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4296498.js?integration=WordPress
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.keepnetlabs.com
access-control-allow-credentials: true
access-control-max-age: 3600

GET
H/1.1 200
OK wpcf7-redirect-frontend-script.js Show response
www.keepnetlabs.com/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
2 KB 16ms
14ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 3256
Connection: keep-alive
Content-Length: 1618
cf-request-id: 087c26bb3b00004ed328820000000001
Last-Modified: Sat, 13 Feb 2021 23:37:03 GMT
Server: cloudflare
ETag: "1fe4-5bb403ad87d9b-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FyOYibEJaAhfRWvTXI%2FrYmaQ3ID2em%2B6ONED%2BB6S%2FM0DOhKIZm93Gz6ksY%2B6gCNVs1OjJJEAe9bPNfUh0M%2BDvts%2BCnE4mQbeBFfG7Ma3MSN4YkTy3JQq1FrlRpyvklzP"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b88194ed3-FRA

GET
H/1.1 200
OK site.min.js Show response
www.keepnetlabs.com/wp-content/plugins/popup-maker/assets/js/ 68 KB
18 KB 15ms
14ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.15.0
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3933c4dbdef00f27c2b8c2da57446d240a21b83ee7bb3734d6070c507b9554

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1101
Connection: keep-alive
Content-Length: 17544
cf-request-id: 087c26bb3900004e6e6b90f000000001
Last-Modified: Tue, 12 Jan 2021 18:09:51 GMT
Server: cloudflare
ETag: "10fe6-5b8b7edcd12e4-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vJz%2F9ArvdLI4JChOCRyT4ZoS6wCZxNoH0qAvTRSKU0LbleLaslCqQCIu88WiHH%2FzmoLwR7KcCqF%2BpDuHxNH%2BLfcRu5WvtOJBP8EwwZBv%2F4jl3ca%2FdP1vVMLU%2FPIA2dMp"}],"max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b887a4e6e-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
678 B 29ms
22ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&ver=3.0

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

487f658db18633aa6e4d9913e12f9ae3e3f3937547cce68420582cd2cb9f6179

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 18:57:31 GMT

GET
H/1.1 200
OK index.js Show response
www.keepnetlabs.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 4 KB
2 KB 16ms
15ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1101
Connection: keep-alive
Content-Length: 1466
cf-request-id: 087c26bb3900000625cf1c9000000001
Last-Modified: Wed, 24 Feb 2021 18:00:04 GMT
Server: cloudflare
ETag: "e8b-5bc18cdfe48da-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M1u6jDkVWFc%2BoCloWIXyIwEMi9LE5En%2FSyehiXNGYgS47RQMiZOwqcUQ84yQsGjfsFLbS06rEmcG5cBj%2BRjyq%2B2bjG%2FUX2IBK1ibGbPA5PfyrJ2Dzds8Ll1ZeAW0ksN1"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b8ab80625-FRA

GET
H/1.1 200
OK js_composer_front.min.js Show response
www.keepnetlabs.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 13ms
13ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.5
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1101
Connection: keep-alive
Content-Length: 5712
cf-request-id: 087c26bb3a000005ed38a40000000001
Last-Modified: Wed, 21 Mar 2018 20:02:27 GMT
Server: cloudflare
ETag: "4d45-567f1ab987151-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9VFk49q%2BMFNDxpEjksv7dtUhvhsiWnaLibpIicXtlCbiAQwBK7MRLiJuhpHtqbD21R9LPmlYnhWiBkwjwColenvzGKPdlmU3z8OzKsXDXFqlr7t84cSyPhNQh79%2FonAv"}],"group":"cf-nel"}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b88e405ed-FRA

GET
H/1.1 200
OK theme.min.js Show response
www.keepnetlabs.com/wp-content/themes/porto/js/ 151 KB
34 KB 12ms
11ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/js/theme.min.js?ver=4.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a5746036fe06e4a2bb10e3dd41de664b56d3052c00668d78a604423a278fb1

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1101
Connection: keep-alive
Content-Length: 34379
cf-request-id: 087c26bb3a00000ea786034000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "25dd4-567f1a310f87c-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bvamSUKwCfPJ6AsrOSGqWC0Qw8IVbFBJvnZFuUS%2FFbWhf1k%2FbhEiMuUhP4TurfTBP0%2BX8XXYOJUFkOSKXwPbOuoaCCXWETOqfSuPkPbLd1kINlVZmD8725GHBvaLDcw0"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b9b770ea7-FRA

GET
H/1.1 200
OK wp-embed.min.js Show response
www.keepnetlabs.com/wp-includes/js/ 1 KB
2 KB 15ms
15ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3256
Connection: keep-alive
Content-Length: 765
cf-request-id: 087c26bb3e000063599db73000000001
Last-Modified: Mon, 15 Feb 2021 12:36:11 GMT
Server: cloudflare
ETag: "592-5bb5f3b20e964-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F%2F7l0GZjYvuNlIfxHa67ZGjPN388lbNdjwS49oh3Vo%2BsLbnOVH4TUL8XtXL7ZWbkLV5LkFUaK%2BlDkzxCemPXhYqcQ%2F9EciKjR5Qsx%2BHpzE6snE8OS3Q6QVSMOgy0DRdX"}]}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70b98586359-FRA

GET
H/1.1 200
OK fv-flowplayer.min.js Show response
www.keepnetlabs.com/wp-content/plugins/fv-wordpress-flowplayer/flowplayer/ 268 KB
79 KB 15ms
13ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/fv-wordpress-flowplayer/flowplayer/fv-flowplayer.min.js?ver=7.4.40.727
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 638474fba3390ace7dc695fae6c399119fbad29f83677d5dbda8b48804d75535

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1101
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 087c26bb4b000005ed1703e000000001
Last-Modified: Thu, 18 Feb 2021 11:36:49 GMT
Server: cloudflare
ETag: "42f92-5bb9ac056bab6-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AdAvgLOHk7rvr69i37Fq2kBf6OZwF%2BA7FwIvk2pgyEvEwfrloWzmpKPEYUvoQpTEXmWgpc8Yhi3BtPbGgzZf57lR3dtrtoEDbrKI%2FOgTEwqZkYYezSQ%2BO0UgdLLNY2ld"}],"group":"cf-nel"}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
CF-RAY: 6273a70ba90905ed-FRA

GET
H/1.1 200
OK forms.min.js Show response
www.keepnetlabs.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 7 KB
4 KB 11ms
10ms Script
application/x-javascript 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.3
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a967a69edb3b1b523c71a86b0c665fa93436249640a987aead72a28ca348461

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1101
Connection: keep-alive
Content-Length: 2758
cf-request-id: 087c26bb4b00000625cf1ca000000001
Last-Modified: Thu, 21 Jan 2021 11:36:08 GMT
Server: cloudflare
ETag: "1abd-5b9677a4c22df-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MpSNZs6eN5Ljkw6wQBWLwaMMr30ROiX7nvvyF0RqbA6SXhLGpJWegcI2%2B7KAMUaqPDhmyOZ2i89fF2S0d5HIII3fgT0FIJD5P%2F3INnU9ecYXOEawymdXSo9Wog3poAUs"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70baae70625-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 39 KB
16 KB 100ms
36ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7a7b3c367df34a1ca92184e690f8e5d44bf7e461de49fe3766ab8b01583c91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15265
x-xss-protection: 0
server: cafe
etag: 14394186244095651158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 18:57:31 GMT

GET
H2 200 KFOoCniXp96ayzse4GZNCzc.woff2
fonts.gstatic.com/s/asap/v13/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v13/KFOoCniXp96ayzse4GZNCzc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap%3A200%2C300%2C400%2C700%2C800%2C500%7CRoboto%3A200%2C300%2C400%2C700%2C800%2C500%7COpen+Sans%3A200%2C300%2C400%2C700%2C800%2C500%7C&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Ckhmer%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fd73b7d75ef856b689964d016bfd8a5415acfbda909e252b73165842d3b088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://fonts.googleapis.com/css?family=Asap%3A200%2C300%2C400%2C700%2C800%2C500%7CRoboto%3A200%2C300%2C400%2C700%2C800%2C500%7COpen+Sans%3A200%2C300%2C400%2C700%2C800%2C500%7C&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Ckhmer%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 20:39:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:52:12 GMT
server: sffe
age: 80301
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13664
x-xss-protection: 0
expires: Thu, 24 Feb 2022 20:39:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: cmIzSj6PBc8tOqHZ84evQZGnvC6LmHuKa0z3w/tD+a7Kh6tLRccWSL/qGOcn5QAD1ZlGMBZN7oOUZ3OXo8SNbg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 18:57:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
41 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K596HNX

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c85e30d6bb61f4f43d695f0a60e0edd18df779323a35772d6e38671ad17b973a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41764
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Feb 2021 18:57:31 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.keepnetlabs.com/wp-content/themes/porto/fonts/fontawesome/ 70 KB
71 KB 27ms
15ms Font
application/font-woff2 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/plugins.css?ver=5.6.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://www.keepnetlabs.com/wp-content/themes/porto/css/plugins.css?ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1099
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 087c26bb4900004ed3e81bd000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "118d8-567f1a3109abc-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6r%2F9vm%2FxOfOOC47Y%2F7a6dKIQ%2FHQ4NlUIgBDrETbT0DEjvg1QfjDBZ%2B4phIYs84qp0hgbD6Th5vbXD94QpKDWALlG2PWOeFjAX8OL0tQbsZMouSKniA5sptQ%2FokqAPkKl"}],"max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=43200
CF-RAY: 6273a70ba8484ed3-FRA

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 35ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://fonts.googleapis.com/css?family=Asap%3A200%2C300%2C400%2C700%2C800%2C500%7CRoboto%3A200%2C300%2C400%2C700%2C800%2C500%7COpen+Sans%3A200%2C300%2C400%2C700%2C800%2C500%7C&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Ckhmer%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 565497
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:52:34 GMT

GET
H/1.1 200
OK porto.woff2
www.keepnetlabs.com/wp-content/themes/porto/fonts/porto-font/ 29 KB
30 KB 24ms
12ms Font
application/font-woff2 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.keepnetlabs.com/wp-content/themes/porto/fonts/porto-font/porto.woff2?23364375
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-content/themes/porto/css/theme.css?ver=5.6.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf6acf02f9e7eafa108db4fcb74f5fce30c0e260eed958ebdd12ae0820eba8b7

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://www.keepnetlabs.com/wp-content/themes/porto/css/theme.css?ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1099
Connection: keep-alive
Content-Length: 29623
cf-request-id: 087c26bb4900004e6e2f014000000001
Last-Modified: Wed, 21 Mar 2018 20:00:04 GMT
Server: cloudflare
ETag: "73a0-567f1a3109abc-gzip"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LMy9uTq248QOZ6DJOcq9bxlFWUtNZZePM4GJXLz9By%2FZu7849DEy8nMAwmrhqHRKMiaTmPPBezEXNHmmQEEWfw0ysWf8a3QjboNlfco%2F9%2BI6pAZBLEF1w6%2F5i16%2B4c%2BJ"}],"max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70ba8ae4e6e-FRA

GET
H3-Q050 200 KFOnCniXp96aw4A79UtvBh0_IsE.woff2
fonts.gstatic.com/s/asap/v13/ 13 KB
13 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v13/KFOnCniXp96aw4A79UtvBh0_IsE.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

412abdf3c097621eaac39fbf57fbdf5bcd290c75204c3c5c08aa71f93757e883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://fonts.googleapis.com/css?family=Asap%3A200%2C300%2C400%2C700%2C800%2C500%7CRoboto%3A200%2C300%2C400%2C700%2C800%2C500%7COpen+Sans%3A200%2C300%2C400%2C700%2C800%2C500%7C&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Ckhmer%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 23:52:30 GMT
server: sffe
age: 602162
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13600
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:29 GMT

GET
H/1.1 200
OK new-outlook-phishing-attack-768x465.jpg
www.keepnetlabs.com/wp-content/uploads/ 30 KB
31 KB 67ms
67ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/new-outlook-phishing-attack-768x465.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee715abce35fe5086c2715e6a38459b59e56e5be1571decf782401d90bb9f9b

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 31221
cf-request-id: 087c26bbbb000063599e0c2000000001
Last-Modified: Wed, 02 Sep 2020 13:32:38 GMT
Server: cloudflare
ETag: "79f5-5ae54ab5ac986"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BjmFxuaemImPp3mip0zSEM8%2BZFnT7E2AjGbykeZb4U2KlZspXIAAwFmvTsgVIrTerMdp2aHWg4Kn%2Fb1Y%2Bb4p2iOsZZHvIW0V9dlAXMpSQMVMTqZL%2BqqFJXlczwcgS62e"}]}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c58856359-FRA

GET
H/1.1 200
OK fake-outlook-phishing-website-768x524.jpg
www.keepnetlabs.com/wp-content/uploads/ 38 KB
39 KB 58ms
58ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/fake-outlook-phishing-website-768x524.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9f33f52b5ad98e688e7747481c4c6383dea71578da4056309f9037b8b92a88

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
CF-Cache-Status: MISS
NEL: {"max_age":604800,"report_to":"cf-nel"}
Connection: keep-alive
Content-Length: 38855
cf-request-id: 087c26bbcc00004ed3b5adf000000001
Last-Modified: Wed, 02 Sep 2020 13:32:32 GMT
Server: cloudflare
ETag: "97c7-5ae54aaf8b425"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LR6to1aaGOx1BkSt1nXv%2BFhPfkUs4ehLR3jVjFZGgZb2mn7HdZgD%2Fx6jnGaqR1OdtQ%2Fl9A1A9X7l%2BlAQwTU1CvTcIconabpJcnvneIl6O9V%2F0XSLyAoJYWZdkJWIoqTK"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a70c79b74ed3-FRA

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: xerv+Wc1gNX+L0QMa3YTWwmp/HBF5lWiNAzruTeQY+Sv/2lmpHj7oYFX3EVf2G6aXYGtNaYStSvv3SQU6l9K9w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 18:57:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1987922004815741 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 57ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1987922004815741?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67e8519b1d53ae113f5b80a94e6a4e9ffc17685fe29a29a8b52ff986df5d0d31

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: TXiay+3rF1zBy6mc/yYeESdBleb7g0W4XTTU1CtwhsN2LTBjJOB9aKzFabUCtY6BxKrsUfDSBwrLoqqNRrtMIg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Feb 2021 18:57:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2013484895
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 4296498.js
js.hs-scripts.com/ 0
0 14ms
14ms Script
application/json 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4296498.js?integration=WordPress
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.keepnetlabs.com
access-control-allow-credentials: true
access-control-max-age: 3600

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ 331 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.keepnetlabs.com
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2246
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 18:20:05 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/819020459/ 2 KB
2 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/819020459/?random=1614279451825&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d3e6dd47cb94695e7accd241e28a2f9fe123aa7f6b183270fb1a09f34422ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 28ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K596HNX
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42060
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K596HNX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3295
date: Thu, 25 Feb 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Feb 2021 20:02:36 GMT

GET
H/1.1 200
OK a-new-outlook-phishing-attack-targeting-banks.jpg
www.keepnetlabs.com/wp-content/uploads/ 72 KB
73 KB 48ms
47ms Image
image/jpeg 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.keepnetlabs.com/wp-content/uploads/a-new-outlook-phishing-attack-targeting-banks.jpg
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8031605d45d5a58206ae28201112e38e222bf093bb35da16a647676f9cf55eca

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 18:57:32 GMT
CF-Cache-Status: REVALIDATED
NEL: {"max_age":604800,"report_to":"cf-nel"}
Cf-Polished: origSize=81841, status=vary_header_present
Connection: keep-alive
Content-Length: 73733
cf-request-id: 087c26be4500004ed3ef87e000000001
Last-Modified: Wed, 02 Sep 2020 13:32:28 GMT
Server: cloudflare
ETag: "13fb1-5ae54aac01025"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: X-Forwarded-Proto,Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P7Q18Qwx95PwFv%2Bi708hdnW4AmUHg583qPh5cje7t%2FXh%2FeH%2F0uRRenfKuLu0fgYicyCuzvJB162VTkjKpLYR0GQH9QXC3WO3HOiR5pipmwgx9adiDFsUCathUcvIQeYC"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=43200
Accept-Ranges: bytes
CF-RAY: 6273a71068d24ed3-FRA
Cf-Bgj: imgq:100,h2pri

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1987922004815741&ev=PageView&dl=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&rl=&if=false&ts=1614279452243&cd[source]=wordpress&cd[version]=5.6.2&cd[pluginVersion]=1.7.5&sw=1600&sh=1200&v=2.9.33&r=stable&a=wordpress-5.6.2-1.7.5&ec=0&o=30&fbp=fb.1.1614279452241.1022417688&it=1614279451657&coo=false&rqm=GET

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Feb 2021 18:57:32 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3E22 19 KB
10 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfb3e67d2313cc982d27f124126fbd3e14c15d768bb8602716bf1f554e37df41

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PFv4oXrpdG/2IwdMKlwEpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Feb 2021 18:57:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-PFv4oXrpdG/2IwdMKlwEpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10080
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
www.google.de/pagead/1p-conversion/819020459/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...
https://www.google.de/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...

42 B
108 B

23ms
20ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G_M3YK_zNM38bLGVhqgH&random=687661760&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 18:57:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 18:57:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/819020459/?random=879552425&cv=9&fst=1614279451825&num=1&label=o2jOCMj27X0Qq4XFhgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&tiba=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G_M3YK_zNM38bLGVhqgH&random=687661760&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240970%26time%3D1614279452839%26url%3Dhttps%253A%252F%252Fwww.keepnetlabs.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&liSync=true

0
274 B

220ms
220ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&liSync=true
Requested by: Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:33 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: zo7iPJwSZxZQWTx6HisAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
content-length: 0
x-li-uuid: c5jCMZwSZxagaW4rjCsAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 6B158A79B5C74BC1ADA6BCE47BA0540C Ref B: FRAEDGE0710 Ref C: 2021-02-25T18:57:33Z
date: Thu, 25 Feb 2021 18:57:33 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240970&time=1614279452839&url=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-105761689-1&cid=913371279.1614279453&jid=1784976945&gjid=483777725&_gid=1510966340.1614279453&_u=YGBAgEABAAAAAE~&z=1189721696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 18:57:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.keepnetlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=673862625&t=pageview&_s=1&dl=https%3A%2F%2Fwww.keepnetlabs.com%2Fnew-outlook-themed-phishing-attack-on-banking-sector%2F&ul=en-us&de=UTF-8&dt=New%20Outlook%20Themed%20Phishing%20Attack%20on%20Banking%20Sector%20-%20Keepnet%20Labs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1784976945&gjid=483777725&cid=913371279.1614279453&tid=UA-105761689-1&_gid=1510966340.1614279453&gtm=2wg2h0K596HNX&z=23384355

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 05:11:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49578
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
87 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9h5mznWdeSvBr48P

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 25 Feb 2021 18:57:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.keepnetlabs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-105761689-1&cid=913371279.1614279453&jid=1784976945&_u=YGBAgEABAAAAAE~&z=1733548666

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 18:57:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-105761689-1&cid=913371279.1614279453&jid=1784976945&_u=YGBAgEABAAAAAE~&z=1733548666

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 18:57:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 3E22 50 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 17:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 265464
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Feb 2022 17:13:08 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 3E22 331 KB
129 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3147
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 18:05:05 GMT

GET
H3-Q050 200 LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js Show response
www.google.com/js/bg/ Frame 3E22 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 13:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 18282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6282
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:52:50 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3E22 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 21662
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 04 Mar 2021 12:56:30 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E22 10 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 570714
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:38 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E22 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 07:00:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 561446
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
expires: Sat, 19 Feb 2022 07:00:06 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3E22 102 B
240 B 16ms
15ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 18:57:32 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3E22 9 KB
7 KB 59ms
59ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d0663941c8618e0a53cadf0588e090f34a3db30f5d38df1d2bc342e5a8a51ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSMkUAAAAAPi7wcxJoz2raaMR6JRnPS6lq60j&co=aHR0cHM6Ly93d3cua2VlcG5ldGxhYnMuY29tOjQ0Mw..&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=lcpy1kcdamqr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 25 Feb 2021 18:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6611
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 18:57:33 GMT

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/1498/ 3 B
1 KB 325ms
324ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/1498/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c48f00004ed3ca268000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=umQW0vf973ZggNMHR2YUtTVQ8Q%2BeVEjxPiz%2FC4lpadFVudt%2BJwYTUtQg2mvrg%2BW%2FD26me%2F2ZwYzC3bDsABq60iZZCK%2FjGdXnH7iobTyr47UsnxZ1Cq0kDYdrAe5Bi5op"}],"max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a7bad4ed3-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/4747/ 3 B
1 KB 395ms
395ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/4747/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c49000006359aa368000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bAQvQ1jPNLVPQHZWuRdpMPcgH%2BVHfKb22%2B4rFKGbO8VdYPGTy6VBy38pkN2%2BvTLx6nw5fP1rrDotp3LBdfGmoW2GiNVQ6s5EVsZUbD3R4r3ou5iSdAGgqZdcpl0lbI0x"}]}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a7af66359-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/5469/ 3 B
1 KB 262ms
261ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/5469/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c49000004e6e740ba000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jqTictKoUy1ySfTpJ%2FDY4i%2FUXePVWQOcL93nKQqioWukyr87Y3kj02ntJJvQxc4zWJiKkSbws5AltS2K4KJ9wzkuDocpjjLgh1vN%2B1HXW0WmcQJGAdI3CHPjd91k1ndp"}],"max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a8a0b4e6e-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6931/ 3 B
1 KB 351ms
350ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6931/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c491000006253408b000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZ2RQFrO5X88JjOA4eHi3oirSflIzy4bkVXV%2BioCsjpJb6YsCUsKtfv%2Bjazvj7lCcLnjxMAD3TgIV23nu%2FMB2uk749DOHmyxae%2BmUYcFBCHABqu6vR%2F1WLF1qzWVt%2BW8"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a8ce70625-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6953/ 3 B
1 KB 389ms
389ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6953/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c491000005ed170eb000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nlp%2FMZFJCTvseG5uGYtWzQn5lkS7VQlZV%2F1zgcl9oaA6Bao2BjuYztQ3ICkNuvn5mTYDtdwwoGEW3pjrdQkaABeeIwGmkMgLrRQiSUqImIeU89OdiQBiNlhTThHcRo5R"}],"group":"cf-nel"}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a8be805ed-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6958/ 3 B
1 KB 366ms
366ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6958/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c49200000ea7928d8000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YRDwUx%2Fqs2scMMOnMse3eFyhU%2BAMAJI5lgd%2FUIR9kMqmOxWK3tZjSA5uv%2BKZUcu2HB4YBtj4%2F%2FLBE%2BGe9aTcl26yhf8zXStra9xOuu0Gk09ywEq8COxqXBjcHmu%2FtO21"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71a8ccb0ea7-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/7026/ 3 B
1 KB 591ms
331ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/7026/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c59600004e6e3980f000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mgc9H2UusbUNpovu0kgo8zECRN%2Fm%2B3ddDUkNXF0pJ5k9jy4frxMt0wLVemZFPwT5mhuiVezRLP810wI2WZr8P7X%2BnNVoHZWqr2CkfvO%2FGhkJPE9BuXQGt9HYnJV9ela8"}],"max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71c2cf34e6e-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6095/ 3 B
1 KB 1570ms
1248ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/6095/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c5d400004ed3288e5000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ujHoIWrsFBGwj4q88ZafMUmQqvACqeoHazISv6kMW%2FvUpH6ZhvqHdzaYrBPoy8ZH78zQvoLFCD3wV4fyz%2BfjjMHoAIBEojCNI%2BFssuAWAkQs67bHoNGt04Ik2lI0PPHX"}],"max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71c8f2d4ed3-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/7540/ 3 B
1 KB 1537ms
1188ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/7540/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c5f000000625063ac000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FZfc7b%2FEIF%2Ba8CIv1Yuvep46z2VFXFZwLl2fxNMpchTLQlkOIHRIUEmmeABjEFau5zldqM0ubMfopbUGp4pipqv90QCJOcnyS2aov1eDJ%2FMBcwMabr1k1rXQPST0lqgp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71cb8690625-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/4731/ 3 B
1 KB 2579ms
2214ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/4731/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:36 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"max_age":604800,"report_to":"cf-nel"}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c60000000ea72f3d7000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BMPK9Os4E2IrOnCAkn%2Fc9GHa9tiuXL99jAwgFPIX554faJQLkqtaqnI98etNUGcelsv8DJDmBnQPftQ%2B%2BS5T3mrPmRYZUDe4C7u54Obgd3zUc3enoOpZOj5NBH8aaDdJ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71ccf9c0ea7-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/3919/ 3 B
1 KB 2572ms
2186ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/3919/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:36 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c617000005edd1b68000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLAoRemWLizl5JZRSqxwV7gNPrY%2BjVi7E6Q6nBtNoGevreYoRZQ5F84Va7NzKUQbm1qttMbtFzP2TFK2sUyzoiTRKVPkjECmmBxcRGd%2FW2aQuBd9cs%2BXm6NWl%2BiviQAq"}],"group":"cf-nel"}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71cf90905ed-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK refill Show response
www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/3854/ 3 B
1 KB 2551ms
2160ms Fetch
application/json 2606:4700:20::681a:ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.keepnetlabs.com/wp-json/contact-form-7/v1/contact-forms/3854/refill?_locale=user

Requested by

Host: www.keepnetlabs.com
URL: https://www.keepnetlabs.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ea5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.keepnetlabs.com/new-outlook-themed-phishing-attack-on-banking-sector/
X-WP-Nonce: 61faab5112
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
Date: Thu, 25 Feb 2021 18:57:36 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: X-Forwarded-Proto,Accept-Encoding,Origin
Content-Length: 3
cf-request-id: 087c26c61b00006359a0a8b000000001
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Allow: GET
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ghJm2EorSXVVLNhBtkEL%2FxGNnT%2BpGs1SZHgizcHMIpDslgKuzSBDMLy%2Fl4NEESZXBcdTLZQns84grLKjmq%2FtQLyYXM56e2%2B%2BIM3sEy9TgzAp1DVmgWsKR84bWOpvEB0p"}]}
Content-Type: application/json; charset=UTF-8
X-WP-Nonce: 61faab5112
X-Robots-Tag: noindex
CF-RAY: 6273a71cfb5c6359-FRA
Link: <https://www.keepnetlabs.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.keepnetlabs.com/	1970-01-19 16:24:39	Name: _dc_gtm_UA-105761689-1 Value: 1
.keepnetlabs.com/	1970-01-20 09:55:51	Name: _ga Value: GA1.2.913371279.1614279453
.keepnetlabs.com/	1970-01-19 18:34:15	Name: _fbp Value: fb.1.1614279452241.1022417688
.google.com/recaptcha	1970-01-19 20:43:51	Name: _GRECAPTCHA Value: 09AImWOhKTyBStbPdY39EAeUYH_DlO8oZ2Cs3d9tBt90Fjr0SjkYk6iusyaiyr-L1vhm9PG--EnLyNqd17oc-agZo
.keepnetlabs.com/	1970-01-19 17:07:51	Name: __cfduid Value: d31194ae8a4642ec728335913fa4b42181614279451
www.keepnetlabs.com/	1969-12-31 23:59:59	Name: gridcookie Value: grid
www.keepnetlabs.com/	1970-01-20 01:10:15	Name: cookielawinfo-checkbox-necessary Value: yes
.keepnetlabs.com/	1970-01-19 16:26:05	Name: _gid Value: GA1.2.1510966340.1614279453
www.keepnetlabs.com/	1970-01-20 01:10:15	Name: cookielawinfo-checkbox-non-necessary Value: yes

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.keepnetlabs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.keepnetlabs.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.15.0(Line 1) Message: init popups ✔

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-scripts.com
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.keepnetlabs.com
www.linkedin.com
172.217.16.130
2606:4700:20::681a:ea5
2606:4700::6810:135e
2606:4700::6811:d6cc
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c07::9c
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07ad8b1e39c1857fae32e6d1a88b775e5b962cba67b45aadfcd9386faa773b8c
0943df3794eaf5d96dcc106311f5c406e2158101de13adecc90a3ca85017a41a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11a5746036fe06e4a2bb10e3dd41de664b56d3052c00668d78a604423a278fb1
13f6990c7c68b797db2c4f00f402e2e78858314e909c702b2ced5ff48510a9c3
169f52df81e6df863f2f696b98a10c35711a78725974956dae2d56758afad0a0
1776485c52e2ae698fdca367fda438599179c9b56d45d237cbc6895e3ab3642a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf631d688aa7c439c34f86d504223649335a3b7c5c4082e34472c101d4977b1
1fc74d04921d1b023c00e30855d07fb870c81f80f4968e4e204cc0162ae0df16
21e40781d16d749119e73d092fd3a91883640701f700496d38ddab1fdba4f3cb
25d3e6dd47cb94695e7accd241e28a2f9fe123aa7f6b183270fb1a09f34422ef
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
28aeb539a4b98f683c48ec86bb73d38510aa0f9f7a47a4b30cb815f7b4318c0e
2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df
2c4d9b10ce15fc8679cb1a0463fb40d31f1379f398da3d5cd8c3d68c40f9849d
2d23b5d20c33b2c140d29cf62c6d67b29bf81978ba3a4084a86a092eca15d529
2d40358626f5b370bbadd150fc6b453f161543d19cae066b0cb859ad438fa044
2f112b15ac65aa00dec0539bff4ae88e194ab23c4e78555f10fc886b7583093e
334349229c3564240dd0ed05e0c747db3d9e978b6cd447f19b6891b0d32a94cb
38945ce59069a90596a42fc117680bb7b4a74e6808fc444866af15011ac5fa3d
3a4cab6234fb08bcdbd86812387e4fad9d65eba2cde3c54f234a7b9cca2266b2
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3d0663941c8618e0a53cadf0588e090f34a3db30f5d38df1d2bc342e5a8a51ad
412abdf3c097621eaac39fbf57fbdf5bcd290c75204c3c5c08aa71f93757e883
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
4372c7931db8137056bc2ec54a56873067ca668c10f8d790d068d1fc8cfdf68e
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
487f658db18633aa6e4d9913e12f9ae3e3f3937547cce68420582cd2cb9f6179
4a967a69edb3b1b523c71a86b0c665fa93436249640a987aead72a28ca348461
547456111b75ed0dd9f05422a583bf517129720af3d3e557c78869aff0fb9d5e
5b3933c4dbdef00f27c2b8c2da57446d240a21b83ee7bb3734d6070c507b9554
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60119a6a8bec18f8200baab5a58799944ed399924c7b17aec033953acfe809b2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
638474fba3390ace7dc695fae6c399119fbad29f83677d5dbda8b48804d75535
671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de
67e8519b1d53ae113f5b80a94e6a4e9ffc17685fe29a29a8b52ff986df5d0d31
69c8ebe5482e1035711de0359e9ae110ee33426797256abca3e1bd7265430350
6a9f33f52b5ad98e688e7747481c4c6383dea71578da4056309f9037b8b92a88
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6c6e128d62c99877d6cfea13d45ffc63598c4cf3adb66462dc6bc3778a6987e0
6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62
6f084acfdb95b8c446450be8208eccfdb2003fd122e08fcfc9e914358380dc23
7264af670069319b55e04042d9ee93278f42113e76ac28644ac4d688b2145051
77bfad1b193eb8ea528fb92ad671ccb9115e4df91473ddbd018b7b8d38b6be90
7a7b3c367df34a1ca92184e690f8e5d44bf7e461de49fe3766ab8b01583c91dd
7b859bb23b4ae99fe58b8b47433e9efcb7a1a92a42583b0cf17fe9b899989c3a
7c455954c81b2a8e34b047e924a61fb1659b21f49d1f6c8045a20a1b746b3835
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fe7ac55395f6467ec9885f62887d1536e29ae2111627d45564e55214cfee130
8031605d45d5a58206ae28201112e38e222bf093bb35da16a647676f9cf55eca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834d15b9d61e018d387f433bb0c7e662b20f7d60900f45d226d4ffd12eefd76d
849ac824d2688c3300c549cb47f0504ebe02e226e96a8d3e283cdc1b0a40f872
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8605bf321acdd3f271b0d1e442a7ab08a6a673cd56d71d23a56144ceeb72b18a
869dcec06cf2e1a025f5758bf5aad5b45133d5018a6b12e23b72b24b08d65050
86b68208ebda8649947db44834a8b369916c4152d0e1b5bd95002fa020fe6d3b
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
87ed0be62083f2018ae3fc1d61d4121c5cab1bd6e43e58fd151e0aec19bb9273
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
8ec7b57c708d9431774c68dfa17ce458dd050ae24ac3177864c0df01666dc158
93bc2710a131e78f871a7d553bd83e3a69b98adc90c8a2976df996975ce88c30
96eb16ec9ee8b7021fc44dea39f61082c5ce3ef915255ed87b64a1654d062e58
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9e0a6cdc0db5050d4741644daae55a50a547679ebc344f551efcb44b2febb62b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f631cca0b0c213c8ada172e856306e00b51e46358a775847181d1e4f161c7b6
a1b09d5ec471785f0d1176686ad816755ff3e6993ae1eb5d7e3efdd13511a899
a223c340354e04f18e6db94d90e79df5421bea220b9cbeb29280d2cccf6e4d8e
a2d1106a6339fd29fae782de69b0e6a97563795aaa427c252c832240bb5bef83
a40b3840a5f78837535fcbeaecb867be187a131607ef3b92b4972a0121b8dbeb
a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
ba5f0ac3147e7b10867bfd3748f05b7b0ba0d519aa7c8da20e38e6f26fe8bb04
ba8ed11627889197e8e7fd462b6f0681c4173515d0410f7f2f4d14ec132f7d70
bb6787e49a1ab02d37fde63821de151aaf5d5133a530279c95ea37471bbc8d36
be47934bb6be429533638119b4dade6666effa220d3342dfca52e4e075f9dc77
bee715abce35fe5086c2715e6a38459b59e56e5be1571decf782401d90bb9f9b
bf6acf02f9e7eafa108db4fcb74f5fce30c0e260eed958ebdd12ae0820eba8b7
c019e7b97a1d989f5dea162d2efe7899a38b36579f09b92877532657fddcd454
c25eee5dba09f52537f60b3f8c46a99003ef356f6ba19be1315ae97b0e1c5f73
c2a580e7a5dfc19ad6af9eff08ca2d950a203bf3b95c98eadb38ca579e119ea5
c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32
c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb
c6fe68347e7eac4d5f26dea980b24809be340c4f125f2f8889719683ab09c373
c7fd73b7d75ef856b689964d016bfd8a5415acfbda909e252b73165842d3b088
c85e30d6bb61f4f43d695f0a60e0edd18df779323a35772d6e38671ad17b973a
c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc
cb83871d271d24bd486d57a2ef9445bc6c28d9348255706f679730c11619cb10
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cfa78df531676a7a196b75f3e16190929f112aacccd334b64445ee62c818b06d
cfb3e67d2313cc982d27f124126fbd3e14c15d768bb8602716bf1f554e37df41
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d3b786f314ad948fdc824c2904224b4203faa7b4b24fc3b9db1c127fdc08a2dd
d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1
d5e091fb96dcb2f70dd9512544486a2cf56256e3a186de5cc14d2442230c3065
d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9
db491369f96f3ea3abbe402c3eb193976bcab32bcbb2128d90f553a288709be8
dee6324ce86de762ec9ea35423e11cf67a5d4d7ccdd4c315ce4afd64b86f8a54
df1106533575606992895516a19c1643ac46df509135bac8f0981f34b5e46d20
e25a3298c299dd2f2c0a6e656a44ad7ad5efb3026ac4649c2bd39fa49f3b3eff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59573a48ba2062401ced4a64cb4c5fb1fbdc082a21354a7acd5a1224728ef45
e7526f9a4360fd590555d5b3a1107042f18a6ace66a09cbbfd266f86621266fb
e75b798b99219e5179e7cdbe38f59981ef8e079c0a76387240f97ecdbbb3b9f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f427dc983d134a5645b9e36c117599232f9d760165b54557d116d2e72e531f6d
f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

www.keepnetlabs.com Open in urlscan Pro 2606:4700:20::681a:ea5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

142 Requests

100 %HTTPS

95 %IPv6

15 Domains

18 Subdomains

18 IPs

3 Countries

4733 kBTransfer

8821 kBSize

9 Cookies

16 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.keepnetlabs.com Open in urlscan Pro
2606:4700:20::681a:ea5 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

100 %
HTTPS

95 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

4733 kB
Transfer

8821 kB
Size

9
Cookies

142 HTTP transactions
0 data transactions