cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Submission: On September 28 via api (September 28th 2023, 2:12:17 am UTC) from TR — Scanned from DE

Summary HTTP 164 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 28 domains to perform 164 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is cofense.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2023. Valid for: a year.

This is the only time cofense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
81	2400:52e0:1a0... 2400:52e0:1a01::1000:1	200325 (BUNNYCDN) (BUNNYCDN)
9	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
10	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.216.46.62 3.216.46.62	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:973c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.200.97.200 34.200.97.200	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:20e... 2600:9000:20eb:4800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.157.162.42 35.157.162.42	16509 (AMAZON-02) (AMAZON-02)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.199.134.194 34.199.134.194	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.216.44.106 52.216.44.106	16509 (AMAZON-02) (AMAZON-02)
164	34

8 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cofense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2400:52e0:1a01::1000:1 (None, )

ASN200325 (BUNNYCDN, SI)

ehhbozgsut3.exactdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.esnchocco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.17.100.193 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:149b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.46.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-46-62.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:973c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.109 (Sweden)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:23::1726:629c (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.97.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-97-200.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:4800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.162.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-162-42.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.134.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-134-194.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.44.106 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

qualified-production.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	exactdn.com ehhbozgsut3.exactdn.com	713 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 14010 c.6sc.co — Cisco Umbrella Rank: 19472 ipv6.6sc.co — Cisco Umbrella Rank: 14550 b.6sc.co — Cisco Umbrella Rank: 7792	19 KB
10	qualified.com js.qualified.com — Cisco Umbrella Rank: 59580 app.qualified.com — Cisco Umbrella Rank: 63435 assets.qualified.com — Cisco Umbrella Rank: 64158	1 MB
8	cofense.com cofense.com	38 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 o.clarity.ms — Cisco Umbrella Rank: 10291 c.clarity.ms — Cisco Umbrella Rank: 2092	27 KB
6	esnchocco.com obs.esnchocco.com — Cisco Umbrella Rank: 47148	2 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 www.linkedin.com — Cisco Umbrella Rank: 951 px4.ads.linkedin.com — Cisco Umbrella Rank: 7048	5 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	730 B
3	google.de www.google.de — Cisco Umbrella Rank: 3974	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	410 B
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 43359 ibc-flow.techtarget.com — Cisco Umbrella Rank: 52165	2 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	297 KB
2	amazonaws.com qualified-production.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 89408	14 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 23716	586 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079	737 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 7483	6 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	761 B
1	sentry.io sentry.io — Cisco Umbrella Rank: 231	324 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	okt.to okt.to — Cisco Umbrella Rank: 94483	100 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 806	573 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 19072	6 KB
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 123700	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 10820	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 87407
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 1428	172 B
164	28

	Domain	Requested by
81	ehhbozgsut3.exactdn.com	cofense.com ehhbozgsut3.exactdn.com
8	assets.qualified.com	cofense.com app.qualified.com assets.qualified.com
8	cofense.com	ehhbozgsut3.exactdn.com
7	b.6sc.co	cofense.com
6	obs.esnchocco.com	ehhbozgsut3.exactdn.com cofense.com
3	px.ads.linkedin.com	3 redirects
3	www.google.de	cofense.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	snap.licdn.com	www.googletagmanager.com snap.licdn.com
3	www.googletagmanager.com	cofense.com www.googletagmanager.com www.google-analytics.com
2	qualified-production.s3.us-east-1.amazonaws.com	assets.qualified.com
2	c.clarity.ms	1 redirects
2	o.clarity.ms	www.clarity.ms
2	epsilon.6sense.com	j.6sc.co
2	cdn.linkedin.oribi.io	snap.licdn.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	cofense.com www.clarity.ms
2	munchkin.marketo.net	cofense.com munchkin.marketo.net
1	c.bing.com	1 redirects
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	px4.ads.linkedin.com	cofense.com
1	www.linkedin.com	1 redirects
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	www.google.com	cofense.com
1	okt.to	static.oktopost.com
1	secure.adnxs.com	j.6sc.co
1	extend.vimeocdn.com	www.googletagmanager.com
1	trk.techtarget.com	cofense.com
1	static.oktopost.com	cofense.com
1	ws.zoominfo.com	cofense.com
1	lltrck.com	cofense.com
1	j.6sc.co	cofense.com
1	p.typekit.net	ehhbozgsut3.exactdn.com
1	js.qualified.com	cofense.com
164	39

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense.com
www.cloudflare.com
mrd0x.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
cofense.com Cloudflare Inc ECC CA-3	`2023-06-16` - `2024-06-14`	a year	crt.sh
*.exactdn.com R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.esnchocco.com ZeroSSL ECC Domain Secure Site CA	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-08-29` - `2024-09-26`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh
okt.to R3	`2023-08-02` - `2023-10-31`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
app.qualified.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Frame ID: 072E7B821A77C41BCAD04BBC753B936D
Requests: 159 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Frame ID: E104BB863BD448468A26E8737D8DF2EE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Browser-in-the-Browser (BitB) Attacks Target SSO | Cofense

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

164
Requests

97 %
HTTPS

51 %
IPv6

28
Domains

39
Subdomains

34
IPs

6
Countries

2234 kB
Transfer

6035 kB
Size

40
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/learning/access-management/what-is-sso/
Title: SSO

Search URL Search Domain Scan URL

URL: https://mrd0x.com/browser-in-the-browser-phishing-attack/
Title: attacks last year

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1695867131885%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%252Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJzOhFV2JskoAAAAYrZjtrNRPz8crpeSr14rD2-mvN9ctCvDeKl4tpWjkN8tSRqvLR8nvANABayww

Request Chain 160

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&RedC=c.clarity.ms&MXFR=2A72EFE1524565E422F3FC7B56456B70 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&MUID=00A8636DFC8A69480D5270F7FDE16898

164 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/ 145 KB
27 KB 252ms
185ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 7e6c5c59d177113846e655959502bd5e445e0d96eef497d22d2b167fae3c8bec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2419200, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80d875b908a31e32-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:12:09 GMT
last-modified: Tue, 26 Sep 2023 16:43:15 GMT
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/" <https://cofense.com/wp-json/wp/v2/posts/104291>; rel="alternate"; type="application/json" <https://cofense.com/?p=104291>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 158
x-cache-group: normal
x-cacheable: YES:2419200.000
x-powered-by: WP Engine

GET
H2 200 3f4cc36ec4f01d8cc5a1315c08b91f0b.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/ 97 KB
38 KB 1039ms
593ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f03862d228db601d224f174dce063ad21b8f70f2a27ccaa7fda525cf06df955a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 999
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 593f8573e1cc8cdfe76f1d83c3552413
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
9 KB 605ms
159ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1695848904

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 992
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4bffb989278ebe98419a9edb5d4fe0ed
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1695848904>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 906 B
1 KB 801ms
355ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1695848904

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 954
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5b187784bde082afc39410c9e3b1dab3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1695848904>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
1004 B 756ms
311ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1695848904

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 998
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7c7631a50762e507ffe63ad5e02df4ef
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1695848904>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
4 KB 800ms
354ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1695848904

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1002
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 307647fadc696802b6fbc104407e2e78
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1695848904>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor-icons.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 20 KB
5 KB 658ms
213ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1695848905

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 900
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: eb9f686da8380fc6bfaba4acce70dbfc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1695848905>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/ 114 KB
17 KB 989ms
544ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1695848905

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a9979d70d8cbb8fe7ee74247da30eb3e1f0b70ac937f7f5f6113166b3cc02ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 995
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8e3cc97eace584ffb1ea363365207f86
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1695848905>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 777ms
332ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1695848905

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 984
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 79abe73f2a2ed7653ce35427a30f1b1f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1695848905>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-15.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 810ms
365ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1695848763

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 997
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 03d1c8cad2fcc136eb9916a3282cbc02
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1695848763>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/ 11 KB
3 KB 755ms
310ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1695848905

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b5fa21b85bd484e42940368b586b409f970f2415eb1add4abad16dbf8ee8c1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1111
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0088ba072f72d840147df8cbd8d1cbab
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1695848905>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-104291.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 141 B
903 B 863ms
418ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-104291.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

40866ec78876a63fea371c77acbb0cf7586aff4bd46a0fb5e801d5f442f62c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:17:56 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1110
cdn-cachedat: 09/27/2023 23:16:39
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:11:39 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 292f37e89f1a0d63a9b3c4aae4460555
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-104291.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-93807.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 893ms
449ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-93807.css?ver=1695848763

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 985
cdn-cachedat: 09/27/2023 21:09:35
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 065ff6eaf8cb56a3501d56a071ec56f7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-93807.css?ver=1695848763>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1266.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 18 KB
3 KB 851ms
407ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1266.css?ver=1695848770

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

6844ea1d998d79155a0763c9946da7c064a293e776d2142c8e91fcacee8542e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:07:44 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 984
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:13 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7f577f7e25badbfc032504279f36c66d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1266.css?ver=1695848770>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1271.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 15 KB
3 KB 943ms
500ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1271.css?ver=1695848770

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:07:44 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 985
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:12 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6b5efe5f7ce9c35a1240a1214edcc725
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1271.css?ver=1695848770>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1386.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 12 KB
3 KB 946ms
502ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1695848770

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 987
cdn-cachedat: 09/27/2023 21:29:01
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8101de47416f46b822fe57327fc0315e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1695848770>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 435 KB
59 KB 947ms
503ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1695848905

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1111
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:27 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4bd98554e1f936eb52ceec7c32ffa4f1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1695848905>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 responsive.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
5 KB 945ms
502ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1695848906

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 900
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6e268ada533d8b846c27b8ffd3f6e645
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1695848906>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs-style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
2 KB 945ms
503ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1695848906

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 907
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9cdd72625bc92e649b38ba9eec3012ae
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1695848906>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1444.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 850ms
407ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:31 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 95520ca8f278ab9a1bfdf7de9db94cb4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1462.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 870ms
428ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 992
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:32 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e8340bb24b553d35becf08044ee36aa8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86702.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 878 B
1 KB 860ms
418ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1109
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:31 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e7ec1e190e797174b8730ddc171ab1ef
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86773.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 942ms
500ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4087292db12cb12e740c63f29d02caab
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94275.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 859ms
417ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1113
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d19920f27a107a4c1f0ea0595269f3a5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96442.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 829ms
387ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1112
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 35f28350ec7b0d6caa1f857817b69b80
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96443.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 818ms
377ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1111
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2866b801a9e544737b621849e3d24f39
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96445.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 942ms
501ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1001
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:31 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b295186a98864a9a53f248912a41a1b5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 css
ehhbozgsut3.exactdn.com/easyio-fonts/ 26 KB
2 KB 880ms
438ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 987
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:46 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8484f1d930ee5e65930fe7f2b5cc4f40
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fontawesome.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
14 KB 940ms
499ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1695848906

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1109
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:27 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: dbc47a585a8086575f29e7743d4fe384
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1695848906>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 solid.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 939ms
498ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 907
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e1f6ddf438afb8e33867c90b07288711
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 brands.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 1035ms
594ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 899
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 05f05dc0edca5f513451b27cef6e0256
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 language-cookie.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 239 B
1 KB 1033ms
592ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 994
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0edd844a5f75bdabeddbe27c2b5fb178
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/jquery/ 85 KB
33 KB 944ms
503ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:31 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: de4f626e897d41191ebca6c7115ad05e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ 13 KB
6 KB 985ms
545ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d6abdf86b67a5049cf956f389821d843
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs_ajax_pagination.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 3 KB
2 KB 983ms
543ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1112
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 70b74f3688a364d88699b9860f7804a4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 249 B
997 B 1034ms
594ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 953
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6386457c6d1db32c2c15e9fd856fcd58
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 zlo5wor.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/ 816 B
1 KB 986ms
546ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1001
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: eb2f73efc11cac19e8d687445f80e3a6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/zlo5wor.css?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 qualified.js Show response
js.qualified.com/ 283 KB
88 KB 455ms
424ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c770a9bc7198791c47df8309ed2cd1153470fe6bb822e9f335583bfd3b5098aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 237d7982-72f5-ac76-7e22-8b7088d201c1
pragma: no-cache
x-runtime: 0.022746
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c770a9bc7198791c47df8309ed2cd115"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 80d875c2feb437f6-FRA
expires: Thu, 28 Sep 2023 06:12:11 GMT

GET
H2 200 widget-nav-menu.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
4 KB 940ms
500ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

7f593e1de91b7e12418fbf5c6efec63fc1eee75e7d7767029a2942721550a9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1115
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: fb3ffc1d06296820a36d92976ac82b3c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-icon-list.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/ 10 KB
2 KB 877ms
438ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

6f22c76ad8895de2c15b58688a9a5a8df753bcacc03448aa94706ac70e6b2fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1113
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: de29f9c28ea0742519579734e8b54e3e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-theme-elements.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
3 KB 825ms
386ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

13aca15552884d3dc240df277770e2caa6088f66c721a7089d921599f67dfbdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 999
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 98f30f0ad9a801a6e48b9b34b10c7954
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-share-buttons.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
3 KB 938ms
499ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

39c436c1d5dc63d9437c8eb0ff081e7267d313bee370a58476343e7fab4114ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:31:49 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1109
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:44 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f55e6929e7d65daa171ce228ed026cd7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-posts.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 938ms
499ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b1de39e677dcddced11ca33847341c52dfba355e979cd15bb02a6d09c73fe8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:31:49 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 997
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:31:49 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 74ba9f703c09944de741e80aef59704f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9276.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 4 KB
2 KB 984ms
545ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9276.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 992
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d75e5fe4abc3dd126c0d4086d7693c67
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9276.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9277.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 5 KB
2 KB 985ms
546ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9277.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 996
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c130226a0c4a8b54152d51f533d50fdd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9277.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9907.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 940ms
501ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9907.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 984
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1826dc3776453f4f0cddb78eaeb55843
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9907.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94175.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 985ms
546ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94175.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1115
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d5c6022f0910458f8ad1f0da4bb5e330
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94175.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94173.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 940ms
501ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94173.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 985
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 390335fa623f7bf285e342f5f6aa8331
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94173.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regular.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 940ms
502ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1695848915

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1115
cdn-cachedat: 09/27/2023 21:29:02
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 025d07ce1cbdeeac9c3c49de0e68cd70
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1695848915>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96724.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 938ms
500ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96724.css?ver=1695848764

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:06:22 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 992
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:06:22 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: fb4c7d994dc9e42b251e60f93178b8ee
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96724.css?ver=1695848764>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animations.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
4 KB 939ms
501ms Stylesheet
text/css 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1695848907

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 984
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:27 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: da1889481a9ce0a2157bb4464c592607
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1695848907>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/ 15 KB
7 KB 983ms
545ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 953
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b90a924c2a92497d532fd33b7bb3b59f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 navigation.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/ 2 KB
1 KB 985ms
547ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 993
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 13f9a0ba18cd84c882d649cc8c7e0faf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-script.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 39 B
881 B 985ms
547ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 997
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
content-length: 39
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6e407effd6ffe212e6819e5417ba7da3
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1695848908>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 widget-scripts.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
40 KB 1030ms
593ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 986
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 90b5b5464fa8bce174a688c23bd87d3c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.smartmenus.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 1029ms
591ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1111
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b84d1572b46cd012c73217de30ffc615
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 imagesloaded.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/ 5 KB
3 KB 1031ms
593ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1695848908

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/27/2023 21:29:02
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e93d5e846847d246174ef0b15a817950
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1695848908>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack-pro.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 984ms
547ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

42b4c874dffcf22341dc94e183d251784e1c2051781c626ee0c437123038179b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 985
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 87a25eb9b0a21c111300265f1da17714
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 984ms
547ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f620b8e096348901c9db9096e8e0cd25d19a5c3bac267828913b86fe9c3e70e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1111
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:27 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6d36fe85489f425d1b4e0057f89dcdcf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-modules.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 57 KB
19 KB 1031ms
594ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

7aa61aaaee334a216bfd3a14ecdc865013ebf98deadb0ab891f39563c951148e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 852
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 24460983927f63d3754da42e2c7327d4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill-inert.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 8 KB
4 KB 1028ms
592ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c8162873a2042d69f54452002faae862
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regenerator-runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 6 KB
3 KB 1028ms
592ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1114
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6b2656de28df99065b1b94a59ca4c6db
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 16 KB
7 KB 981ms
545ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1112
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8d6a591b715677cf15a020a6fa3acf3d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 hooks.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/ 5 KB
2 KB 981ms
544ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1695848909

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 984
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c10697145617b2cab17d818ea9987682
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1695848909>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 i18n.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/dist/ 9 KB
5 KB 981ms
545ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:41 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 995
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4e68b381403e56b9fb7255df5eb960aa
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 980ms
544ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

b27499a493a4a5b6179b62c1c27aa8e9b22d8ca964123da47caecd21f578577e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1001
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2872c8741f4bc951078233402c824307
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 waypoints.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 1030ms
594ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 900
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9699a49a868d199c4d759bf9848570bc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 core.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/ 21 KB
8 KB 983ms
547ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 985
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ccceb5d43295e2ed28981f8ba05a65a1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 39 KB
14 KB 980ms
544ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

9229325856a60fe3abf028e558871b71587d0fba6f8a5f12fd9bc1ede7610429

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 993
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e13b7924d0cae96bf7f047f0bfde8dea
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elements-handlers.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 35 KB
10 KB 979ms
543ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

6b8f5e0248d13985550a57857f4f871e49ca9ec45354630c4039feb6850478c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:28 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1001
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:27 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 587b82ed87962b1884656fa2aa6fcada
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animate-circle.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 681 B
1 KB 1027ms
591ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 912
cdn-cachedat: 09/27/2023 21:09:37
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6f8addf220ced2edf3c6fd9003805024
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 983ms
548ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 912
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5d102dd054aca14d4958d63d2886fd61
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.sticky.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 1028ms
592ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1695848910

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 21:09:01 GMT
date: Thu, 28 Sep 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1000
cdn-cachedat: 09/27/2023 21:09:36
cdn-pullzone: 1418769
last-modified: Wed, 27 Sep 2023 21:09:01 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 29cea0550e90c1e82a190c9ecacc44ef
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1695848910>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazyload.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 159ms
159ms Script
text/javascript 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 993
cdn-cachedat: 09/18/2023 14:16:23
cdn-pullzone: 1418769
last-modified: Mon, 18 Sep 2023 13:30:43 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9007876758041ec8eb87d900a9a6040d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 37ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1695848907
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 ct Show response
obs.esnchocco.com/ 4 KB
1 KB 385ms
129ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnchocco.com/ct?id=49380&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1695867131434&hl=2&op=0&ag=4015153033&rand=946591900517975265520951811950082427203626200854205287166227248116112120160299089978&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQ3MjldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMTAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDIsMCJdLFstMSwiLSJdLFstMiwiMzgsZWNYR1gxOW5ucnZWTzJKZGxOaHhCS1FrTHZTRmRBUUJDbGgxNFZVVkZBbEY3K0NBSXFYUkJGQ0UxNkZZa29WVXBBV2hBU0lEMmtaNU50VSs2OWIvMSs1ODdjeldSSkFQbEdsOSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIi0iXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTAwMDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjQsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjk1ODY3MTMxNDE0LC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwibCwtMSwtMSwwLDAsMSwwLDM3LDIxLDIwMCwtMSwwLCwsMTcyMywxNzIzIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzI5OTkxMzY5XCIsXCIyOTc4NTQ0NzQwXCIsXCIyOTA2MDgyNTY3XCJdLFwiZFwiOltdLFwic1wiOjF9Il0sWy01NSwiMCJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRMWEJrUlVVMU5TVW9ERmhaY1VWRmJWa05lU2t4TkNoZGNRVmhhVFYxWEYxcFdWQlpPU1JSYVZsZE5YRmRORmxwWVdsRmNGbFJRVnhZSUZsQVdDbDhOV2xvS0QxeGFEVjhKQ0YwQldsb01XQWdLQ0F4YUNRRmJBQWhmQ1ZzWFUwb0dUMXhMQkFnUEFBd0JEUUVBQ1E0RENBTVBEQTBNQ1JBVldFMFpUUmRjUVVsV1MwMUtHUkZSVFUxSlNnTVdGbHhSVVZ0V1ExNUtURTBLRjF4QldBPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjIxXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIxIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixsb2NhbGZvbnRzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsb3RwY3JlZGVudGlhbHMsY2h1YWZvcm1mYWN0b3IsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSx3aW5kb3dwbGFjZW1lbnQsY2h1YW1vYmlsZSxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFsiZGRiIiwiMCwzOCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDEsMiwwLDAsNiwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCw0LDEsMCwwLDAsMCwwIl0sWyJibmNoIiw4N10sWyJhYm5jaCIsODhdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=zgygo7koVS&pto=1743&ver=56&gac=-&mei=&ap=&fe=1&duid=1.1695867131.Pkkg8BZvVlKKpGzb&suid=1.1695867131.lHrwYqPxnjqqxg4T&tuid=1.1695867131.wJshZGmB4ndhF7ra&fbc=-&gtm=-&it=73%2C256%2C1374&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 721afdec05c82200e4aa75b494bbc990d1581970e2139d409749a6f78112f567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1277
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
109 KB 79ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09b473616cc3968b02955334217fe0e733d560ecd4d8ba7bcce92a89576c00c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110982
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c9c75fffdaf3ed3272dd1b83e9143ad5c33c8d9d58195ef6f9bff1e3591c216

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18e34d3eda4a30d1db7bd21d39ba64cb7b6fe1243a976c829fc4c6df031bc80c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a610dabbe44fa30b1c049bc58af7602792119a73f01b06021e66f11b34883f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f00ae8ae2fcc7db180e3d5a5cf613917a3eb9497ad1eeb32b335281ca2556f82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49ee63b69dc7a6c2b17d9dac95356cbf9f89427710695cf51b37d08dac616a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39eeb47a5d22f99100deb70fc52831d17942755c4e48e1b41f69274c924f3128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39c5b9da29291f6b37c7e9428f2de883301f85f5e9cbfce66712875fb7c45d7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NETWORKHEADERBG-1.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 40 KB
41 KB 160ms
160ms Image
image/webp 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png?strip=all&lossy=1&ssl=1

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1695848770

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1695848770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:47 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 999
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 40664
last-modified: Mon, 18 Sep 2023 13:30:46 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 86f97655f137c023db7ba8da2d3b1942
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-500-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 637ms
317ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 953
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 17552
last-modified: Mon, 18 Sep 2023 13:30:44 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f469c1f0c8bf6eba6de291882a849cbb
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-700-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 687ms
367ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:44 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1001
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 17784
last-modified: Mon, 18 Sep 2023 13:30:44 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a730a572b86de79824139ba1e75a17d1
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-400-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 16 KB
17 KB 748ms
428ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:44 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 999
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 16708
last-modified: Mon, 18 Sep 2023 13:30:44 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d3ed39f4ea4c7739ca6b5a7532eff923
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 749ms
429ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1695848907

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1695848907
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:46 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 998
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 78196
last-modified: Mon, 18 Sep 2023 13:30:34 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 63ff79fa1df4ba9cf2702278b05c3dd3
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-600-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 687ms
367ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:54 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 996
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 17660
last-modified: Mon, 18 Sep 2023 13:30:54 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 463536bc980f2a6638c52994a44eebd8
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 748ms
428ms Font
font/woff2 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1695848907

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1695848907
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:47 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 954
cdn-cachedat: 09/18/2023 14:16:25
cdn-pullzone: 1418769
content-length: 76764
last-modified: Mon, 18 Sep 2023 13:30:44 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 092542906327835fd430732bbfe3735f
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 dialog.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 19ms
19ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1695848910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
age: 6449
etag: W/"64405228-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c43f431e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 nav-menu.70d63d6d093f3a45a0c6.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 26ms
25ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.70d63d6d093f3a45a0c6.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e6635e04d9963d4ac52e813fb7c3da30dbc68d68cbd2b5d5e41dd13433f302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:26:21 GMT
server: cloudflare
age: 6449
etag: W/"650ca6ed-122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c44f461e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 1 KB
753 B 33ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1695848909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ade2015c8f9b9cabbf67dfde5da6664f4690725cd94ee6215eeacfe9b19b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:26:25 GMT
server: cloudflare
age: 6449
etag: W/"650ca6f1-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c46f611e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 share-buttons.81497e7fccd4fa77b6b9.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
840 B 21ms
21ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.81497e7fccd4fa77b6b9.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae1d0795901f709b38e3a8afa9b791fed006d781b5161bd4ac921c5d4a73c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:26:22 GMT
server: cloudflare
age: 6449
etag: W/"650ca6ee-62c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c47f6f1e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 23ms
22ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcdd6d49205a7b8a0b5d35b65b6d70c7675bd653e29e18992d6470ece0c3d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:26:21 GMT
server: cloudflare
age: 6449
etag: W/"650ca6ed-151a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c48f701e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 20ms
20ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1695848909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56b366f67c5c49beade9a2c61c6673272fb4fc57f165b1f9d68d255cfa2e7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:26:21 GMT
server: cloudflare
age: 6449
etag: W/"650ca6ed-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c48f721e32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 6si.min.js Show response
j.6sc.co/ 51 KB
15 KB 73ms
14ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 22:29:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64e7d9dd-cc38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14993
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 69ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=15221
accept-ranges: bytes
content-length: 3822

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 482ms
152ms Script
text/html 3.216.46.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.46.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-46-62.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 259ms
191ms Script
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7794720ccdd371782c33a11505639e48315d2288f5e14d200fba50ba50275368

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 80d875c52e0c18ff-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 83ms
16ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:12:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 100ms
8ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 17:48:36 GMT
content-encoding: gzip
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 85787
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: jtZmoLsO8_ASrDQQES7ld9FmO7_d2I8wN3RUjjH_if5d2uTLPKHNAA==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 88ms
36ms Script
text/javascript 2606:4700:4400::ac40:973c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:973c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 39376
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 80d875c519084d4f-FRA
expires: Thu, 28 Sep 2023 02:32:11 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 1 KB
2 KB 251ms
184ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c9ee8bc4ce11ed07c91f2c1ed09e6faa746e2a3458d8b4bfcd28a639ac04b6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: -1
date: Thu, 28 Sep 2023 02:12:11 GMT
x-azure-ref: 20230928T021211Z-fhraamy8hd7pv2f66gxk5882m800000000k000000001e7tb
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1216
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
94 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cf7b49bc1c6290e31b40e48eab4d0ae6b86bf45f156ccd30a926b6da0553839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
H2 200 9017396.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 39ms
7ms Script
text/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/9017396.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-cache-hits: 46517
date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
via: 1.1 varnish
age: 29533735
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-etou8220114-FRA
last-modified: Thu, 20 Oct 2022 22:49:15 GMT
server: Apache
x-timer: S1695867132.736532,VS0,VE0
etag: "421e-5eb7f2274b0c0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-769d499c7b-6rkpw
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Oct 2032 06:23:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1348
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Sep 2023 03:49:43 GMT

GET
H2 200 cofense.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 3 KB
4 KB 160ms
160ms Image
image/webp 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/cofense.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Tue, 17 Sep 2024 13:30:51 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1108
cdn-cachedat: 09/18/2023 14:16:26
cdn-pullzone: 1418769
content-length: 3568
last-modified: Mon, 18 Sep 2023 13:30:51 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 43b0a7cdb74f45b373bcde31014bef34
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/cofense.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 Figure-1-1.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2023/09/ 18 KB
19 KB 169ms
169ms Image
image/webp 2400:52e0:1a01::1000:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/09/Figure-1-1.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a01::1000:1 -, , ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-LA1-1000 /

Resource Hash

8f4c09812f9c894f72ff20508072b8d4101bef0170fd6d9ac97552dd208380bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Wed, 25 Sep 2024 20:38:41 GMT
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 852
cdn-cachedat: 09/27/2023 13:38:59
cdn-pullzone: 1418769
content-length: 18428
last-modified: Tue, 26 Sep 2023 20:38:41 GMT
server: BunnyCDN-LA1-1000
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 001a90b631a821d141c24770d742d6e0
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2023/09/Figure-1-1.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H3 200 share-link.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 189ms
189ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.16.4
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1695848910
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80d875c5392e4d4f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je39p0&_p=1235663094&_gaz=1&cid=792912281.1695867132&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695867131&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&dt=Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 55ms
20ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=792912281.1695867132&gtm=45je39p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=792912281.1695867132&gtm=45je39p0&aip=1&z=878591653

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=38997
accept-ranges: bytes
content-length: 4862

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=15221
accept-ranges: bytes
content-length: 3822

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
573 B 43ms
8ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
an-x-request-uuid: be90ef1c-f6c2-4f21-b06f-37bcfc2f54e0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cofense.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.137; 178.162.209.137; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 15ms
14ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
313 B 58ms
14ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fcfdcd4cb2d6b031d35a9afc9f38c7873268c65874d0f8cd2129a8944a8c8030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::13
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695867131842_388391900_190401955_23_851_6_22_219";dur=1
content-length: 24
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 14ms
14ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
313 B 55ms
13ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fcfdcd4cb2d6b031d35a9afc9f38c7873268c65874d0f8cd2129a8944a8c8030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::13
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695867131865_388391900_190401956_21_846_6_0_219";dur=1
content-length: 24
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 19ms
15ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:12:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 06 Jan 2024 02:12:11 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
465 B 128ms
127ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1695867131822&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdsurSRlluVY50X8jQrIsW5sULKU49VuzyiJdLUyTLoQ2nBOqt0KRrroHV2RchvCX7ndlzwmSt0Qtvbi2AZCXCB9gg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Thu, 28 Sep 2023 03:12:12 GMT

GET
H2 200 ping Show response
okt.to/ 0
100 B 327ms
109ms Script
text/javascript 34.200.97.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&aid=001shx33p56dsdg&ts=1695867131823

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.97.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-97-200.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 147ms
110ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1695867131822&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:12:11 GMT
expires: Thu, 28 Sep 2023 02:12:11 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycduY7V5AzITGrqMqpFlm2IOo_FKCjJ4wTm6bPVrF_HbzcZpxZrEO0nBY1naLS88t7H-vCzz1gTH55-DEkqL9yU3DJg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 17ms
16ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1235663094&t=pageview&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&ul=en-us&de=UTF-8&dt=Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=309876046&gjid=338973280&cid=792912281.1695867132&tid=UA-114787942-1&_gid=518663699.1695867132&_slc=1&gtm=45He39p0n815RQ37KH&z=1951104332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114787942-1&cid=792912281.1695867132&jid=309876046&gjid=338973280&_gid=518663699.1695867132&_u=YCDAgUABAAAAAGAAI~&z=1224651421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/ 36 B
373 B 40ms
10ms XHR
application/json 2600:9000:20eb:4800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:31:56 GMT
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2415
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: rDeHzVr209K0XJe-bUmo2r_FX2FghOOuNk6ca5aJL3i0y-3jTokWng==

GET
H2 200 tc_imp.gif
obs.esnchocco.com/tracker/ 43 B
79 B 103ms
102ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.esnchocco.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363ebcf33ed46899c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a188e652717071a10acf9f29f674a8186db517f384df679700381338a669352350675930354583d555b92ba6a4777be26bb25cb43e2916af05265ac5e24721bd853e946f4c6d7df3abb2807ff7ccaa8556d8e0e3143714493d60265f660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a4938677a0d8d759e348955a2e019cbecbf7af2b95dfe57594351ccdeb8b795904fd736ea9c31760ecdfae738a03ae46b58c49cb4b99c62996306491cf2ed86692dabde193fdbd4c38fc2eb5b8f22f4d26f9913f82be50eb0102419457459a838eccc6f09437842bdd91f88876e379363494753e859381012cdca765a106a8935d9b62be7a520454c720bf42dfd1b87cb98e77d11fee88cd9464884d4761eb5d115431447a88bd72b90ac2dc9035b3d325b3d02addc2b1ad33cfa0e05c777384a906158aec471a03b4b4a212d12886f80efdea2fae6ee5608759d008c5ea69914f65a6fbd074352d721f38580405a0f39e70c05ce603171478bced10818a121ea0aac3a8eb3db1b1bda9d8bcd6a559452ee6559aa40f3cf01f3c4e892724257efc69b26405d0a99d71800bd43996ad2dcba4109a730c3d23007a0f9fc3edc721785d9b045896d4d0a7adcc530482adbb7d92d36e78ded20e216ff993c54b20b727855f8307e23f9b12d8d40ef9ba32e29d94cf994762efe7277e8376a68db8b70b9d6c34150588754250b1a05e93f115ca9998ca48d08687330a315ba33cab05ae52ae9c68963246212c266f2ba403da933947b871c1a1fc30d1c94a8d7772b1712777c8e0a3601c882d8ef550ad4d631256ae7869dbfbc562d956209b831aa4d7dbf88141db43095a57b51e6432d4ce561dfb74b0faa53f93c1a84b0428b06032091ace1159e391e81f1093636f94edc419a3a3e7bd5d7cee68cd002807de52313d9586164be0bbffc4a0f64af330a772c77190cb53b8b2ab7a73b6d91ea0cbe9eb9badc4c7365e9eb27017893591099442f3a476f9ddc7d46da0c688bae94c25d1bdbae2519e17db0304681374d8cf7a659e77e00390d66ab10571a1141ebc6cecdd242dfb30621b13cda89b78c8&cri=zgygo7koVS&ts=427&cb=1695867131861
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
94 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4d8793b26771cfceea1f795546896b7eb2f1e7af8cf6c9b77df286ddf4a9bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Sep 2023 02:12:11 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 189ms
186ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=6099c327-d21a-4da0-87e3-cc001b001cb4&session=ea523e32-4f3c-479e-8b23-d3301f9c86a7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A12%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20how%20attackers%20can%20use%20malicious%20HTML%20attachments%20to%20carry%20out%20browser%20in%20the%20browser%20(BitB)%20attacks%20and%20take%20advantage%20of%20single%20sign%20on%20trusts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&pageViewId=0fd2fa67-74db-4eea-8984-b8a87e91068f&an_uid=0&v=1.1.6

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 62ms
18ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=792912281.1695867132&jid=309876046&_u=YCDAgUABAAAAAGAAI~&z=69375410

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
17ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=792912281.1695867132&jid=309876046&_u=YCDAgUABAAAAAGAAI~&z=69375410

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 422afa2b-7e45-49a5-9651-14b89948377f
https://cofense.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cofense.com/422afa2b-7e45-49a5-9651-14b89948377f
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ffd388dcb86ec240b34b5df09b4f0b93877955590507d59b364d8e86f354fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 261
Content-Type

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 521ms
94ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1695867131884&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-cofense.com-1695867131883-10506&_mchHo=cofense.com&_mchPo=&_mchRu=%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:12:12 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: fc2f43f6-c87a-42d6-88d0-a0d7b76ca059

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cooki...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1695867131885%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cooki...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cook...

0
265 B

258ms
212ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJzOhFV2JskoAAAAYrZjtrNRPz8crpeSr14rD2-mvN9ctCvDeKl4tpWjkN8tSRqvLR8nvANABayww
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0ABCFD618DC64B8EA425D8110FD77407 Ref B: FRAEDGE1510 Ref C: 2023-09-28T02:12:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGYdYKblmCf8xjgSMP7g==

Redirect headers

date: Thu, 28 Sep 2023 02:12:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 09AF48C663D14E95AA7E75918C443608 Ref B: FRAEDGE1308 Ref C: 2023-09-28T02:12:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1695867131885&url=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJzOhFV2JskoAAAAYrZjtrNRPz8crpeSr14rD2-mvN9ctCvDeKl4tpWjkN8tSRqvLR8nvANABayww
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGYdYGmWZiI9IHv5+Vcw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 195ms
194ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=6099c327-d21a-4da0-87e3-cc001b001cb4&session=ea523e32-4f3c-479e-8b23-d3301f9c86a7&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A13%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20how%20attackers%20can%20use%20malicious%20HTML%20attachments%20to%20carry%20out%20browser%20in%20the%20browser%20(BitB)%20attacks%20and%20take%20advantage%20of%20single%20sign%20on%20trusts.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&pageViewId=0fd2fa67-74db-4eea-8984-b8a87e91068f&an_uid=0&v=1.1.6

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
BLOB 200
OK 593edb9c-ac7a-418f-9229-c6310a2d28d7
https://cofense.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cofense.com/593edb9c-ac7a-418f-9229-c6310a2d28d7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1977c35b33222488f8980b145f71443084dc5620a4a88f89c2fb11cfe8be6520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/ 36 B
364 B 11ms
7ms XHR
application/json 2600:9000:20eb:4800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:31:56 GMT
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2415
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: GWOxMcI1M9ZdKMGc5EQME-Oq3aBDK6SIztOu3g-LQ1nRLKilW0bfUg==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 29ms
29ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:11 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 16:00:43 GMT
etag: W/"0x8DBBF72E7CB2A7E"
vary: Accept-Encoding
x-azure-ref: 20230928T021211Z-fhraamy8hd7pv2f66gxk5882m800000000k000000001e7u5
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1b676f56-801e-0067-5572-f13e27000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVTRKX60MM&gtm=45je39p0&_p=1235663094&_gaz=1&ul=en-us&sr=1600x1200&cid=792912281.1695867132&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&dt=Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense&sid=1695867131&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZVTRKX60MM&cid=792912281.1695867132&gtm=45je39p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZVTRKX60MM&cid=792912281.1695867132&gtm=45je39p0&aip=1&z=1587195333

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 756 B
586 B 30ms
14ms XHR
application/json 35.157.162.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.162.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-162-42.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d96ac3de06de0a5a49356221469a414db632cd4486a405940cd839f8e23c1f83

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
X-6s-CustomID: WebTag1.0 b253130e4accad98012a3abe3f4b4c7a

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
content-length: 404

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 45ms
9ms Preflight 35.157.162.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.162.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-162-42.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense.com
access-control-max-age: 1800
date: Thu, 28 Sep 2023 02:12:12 GMT
server: nginx

GET
BLOB 200
OK 95dfa298-2877-44d5-9438-be02ada36a36
https://cofense.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense.com/95dfa298-2877-44d5-9438-be02ada36a36
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 387ms
196ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Thu, 28 Sep 2023 02:12:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/H3wWDXLUxD4irieG/ Frame E104 6 KB
3 KB 341ms
115ms Document
text/html 34.199.134.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.199.134.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-134-194.compute-1.amazonaws.com

Software

Resource Hash

c8a01932eab48cbd7c37c45597b2f55f41aa471f4add6de56c0e301cdea9c8a9

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1740
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Thu, 28 Sep 2023 02:12:12 GMT
Etag: W/"c8a01932eab48cbd7c37c45597b2f55f"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 493d384c-b344-91f2-14ec-f072ee6cbf78
X-Runtime: 0.019128
X-Xss-Protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 193ms
192ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame E104 35 KB
7 KB 28ms
18ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: nZxsrH887GdfUGGuQnwzmaU9YPeyQVEN
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 07RN9PT5FDTFQ4HK
age: 2390
x-amz-server-side-encryption: AES256
x-amz-id-2: imJXSfUgYshmruBeNCdPgS2qiXJ2whfZ4wFxWAj9gXscsFpN5FEo48kca0ALe1i9yNOejItUMic=
last-modified: Sat, 26 Aug 2023 01:50:02 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 80d875cc3c1037f6-FRA
expires: Thu, 28 Sep 2023 06:12:12 GMT

GET
H2 200 messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame E104 5 KB
1 KB 24ms
14ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/browser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: raogLJKXyh8nJX8ZhwlE.SSUwAmM3jCq
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 0VWKFB4AA1T8BF4F
age: 2390
x-amz-server-side-encryption: AES256
x-amz-id-2: 221LaT3C+XwJ7AnQsFgHItHyXP3YYZjkXXE4736QHT1JGDqCaJL4L5A32pbMgFg0hVQ28xl59Ic=
last-modified: Fri, 22 Sep 2023 23:26:32 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 80d875cc3c0f37f6-FRA
expires: Thu, 28 Sep 2023 06:12:12 GMT

GET
H2 200 messenger~runtime-6d98d8c33d5586a4f539.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame E104 2 KB
1 KB 19ms
16ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-6d98d8c33d5586a4f539.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2134aee1410a2bf4c01a39bce276aa5f154897feaebe85b9767ee834b2ff92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: pYddc0kAE1Kdcb15nJSJAg4pN4NkIG0.
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: K92JV24HB9A1P1PT
age: 2448
x-amz-server-side-encryption: AES256
x-amz-id-2: 1cs5jQrUUHpMQmNVBkLxZG56hw0YsbD5HJBNUCrhpUgLuoPhg7lMoQZK+WZ1yFtPID8nvUESoal3IZUX9uCZhg==
last-modified: Wed, 27 Sep 2023 00:57:51 GMT
server: cloudflare
etag: W/"99082efa8d96ad2c7be0cb2907d83901"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 80d875cc3c1237f6-FRA
expires: Thu, 28 Sep 2023 06:12:12 GMT

GET
H2 200 messenger-0d6cedda89afcde88c20.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame E104 1 MB
362 KB 21ms
18ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb6ad26fc445486c33ba095573c96126e6905a49d58dca05b14b1e88aa27f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: 8NBH7q_9jdKR2zEgz2p5nNS7ASdVLKvG
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 64YJQQSTDK49B4XS
age: 5880
x-amz-server-side-encryption: AES256
x-amz-id-2: 1ru/OvZ8YC5t6R8USL651F4eF+KRfxk/pQs+1q+Xd87XWLQumVnIlKBp/gru3wSVdCPit2zJ8rE=
last-modified: Mon, 11 Sep 2023 23:04:49 GMT
server: cloudflare
etag: W/"38b08f27be250e4a49545f7ded75049c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 80d875cc3c1137f6-FRA
expires: Thu, 28 Sep 2023 06:12:12 GMT

GET
H2 200 messenger-8b1d9e2ffe73d0542f8a.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame E104 778 KB
180 KB 25ms
23ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-8b1d9e2ffe73d0542f8a.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b88a666ea0dc1a5cc7c9da8f2bf4b4cf36cb4ef1fe0480572d51cd86962f2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: LY9xlimxUW911cgpFyeYwI6_57eqqwTX
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: K92KMDDPN3TAD2CX
age: 2445
x-amz-server-side-encryption: AES256
x-amz-id-2: x7aU7+GcN+A3tCzYzskXJT5QxWPD9B5j8mOIFgNF4a+80eYfIJ4KuMwgoYFRGWp0lXEl32vlzN8=
last-modified: Wed, 27 Sep 2023 00:57:51 GMT
server: cloudflare
etag: W/"3f2ce14c3ad0ebc7341cb8cd81beb684"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 80d875cc5c1c37f6-FRA
expires: Thu, 28 Sep 2023 06:12:12 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E104 97 KB
97 KB 44ms
21ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: Ts0p7fbKsZIFu_VEk6HOvm9iYpTRKuos
cf-cache-status: HIT
x-amz-request-id: A014AXCH5HAYN619
age: 25316950
content-length: 98868
x-amz-id-2: IJ/hVgCs33ecZmS06+Ka+dHvpugbE2eU1ZCcp0I9amPp9Dk45jvq9GOwp+V0XScoH+qD8bPUljc=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 80d875cc5837918c-FRA
expires: Fri, 27 Sep 2024 08:12:12 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E104 103 KB
104 KB 35ms
13ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=4994adba-b84b-4760-b656-783acbcab50b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:12 GMT
x-amz-version-id: ePBeoMCujYBxKBCWHO9COs36tHcpJSw9
cf-cache-status: HIT
x-amz-request-id: A01B2QDFTMXZH5PS
age: 25316950
content-length: 105804
x-amz-id-2: QrEATIdRG82StQ9vuCskL/XEsQIIMY+OzO15MGNTQIYZKmPGvaIhnxUF1uCukz9/QAqZn2UpPyU=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 80d875cc5838918c-FRA
expires: Fri, 27 Sep 2024 08:12:12 GMT

POST
H2 200 mon Show response
obs.esnchocco.com/ 0
144 B 104ms
103ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnchocco.com/mon
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cofense.com
date: Thu, 28 Sep 2023 02:12:12 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.esnchocco.com/ 0
16 B 106ms
103ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnchocco.com/mon
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cofense.com
date: Thu, 28 Sep 2023 02:12:12 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame E104 2 B
324 B 155ms
122ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Sep 2023 02:12:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&RedC=c.clarity.ms&MXFR=2A72EFE1524565E422F3FC7B56456B70
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&MUID=00A8636DFC8A69480D5270F7FDE16898

42 B
465 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&MUID=00A8636DFC8A69480D5270F7FDE16898
Protocol: H2
Server: 68.219.88.97 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:13 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 888CCB0BB941464697EAE282CE84740B Ref B: FRAEDGE1419 Ref C: 2023-09-28T02:12:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4AFE2DF55F8412E99863D268957981A&MUID=00A8636DFC8A69480D5270F7FDE16898
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 94ms
94ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Thu, 28 Sep 2023 02:12:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 212ms
212ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 197ms
197ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obs.esnchocco.com/ 0
39 B 110ms
109ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnchocco.com/mon
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cofense.com
date: Thu, 28 Sep 2023 02:12:14 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H/1.1 200
OK 976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame E104 7 KB
7 KB 333ms
119ms Image
image/png 52.216.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.44.106 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:12:16 GMT
Last-Modified: Thu, 20 Apr 2023 21:32:06 GMT
Server: AmazonS3
x-amz-request-id: J73BXWYFVNYS44CC
ETag: "28067073f437880b9148c0ab27de6900"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 6908
x-amz-id-2: OCTgYS+ZvHDXiPbpou+e9Fltti0azH/cepDg0qQDEzRWG7QafFR8MX5VuCNlQhde384a89p/IVI=

GET
H/1.1 200
OK 976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame E104 7 KB
7 KB 114ms
114ms Image
image/png 52.216.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
Requested by: Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.44.106 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:12:16 GMT
Last-Modified: Thu, 20 Apr 2023 21:32:06 GMT
Server: AmazonS3
x-amz-request-id: J735R10GFK3A5T8F
ETag: "28067073f437880b9148c0ab27de6900"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 6908
x-amz-id-2: m3SC4QRWD3w9FOGdNnqGBj1Y2i7yEK/Kx0jgxNotBaknUdBAUQ2fyFFz7AAZcDMw3LExTR7SFbo=

GET
H2 200 Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E104 222 KB
222 KB 15ms
15ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
Requested by: Host: assets.qualified.com
URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:15 GMT
x-amz-version-id: WWklHViP_Xquset3V0e38cj0ro4lj_BO
cf-cache-status: HIT
x-amz-request-id: Y97QS8N2TJ6ZS6BX
age: 17192605
x-amz-server-side-encryption: AES256
content-length: 227180
x-amz-id-2: zbaNIV03OAED3p+GCYieYK+y7cMsFyMlYDVyCal3HseSrwFUSNi7cQBQR03IylmtWJzkK+ZPLkQ=
last-modified: Sat, 11 Mar 2023 02:12:38 GMT
server: cloudflare
etag: "66c6e40883646a7ad993108b2ce2da32"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 80d875de1a78918c-FRA
expires: Fri, 27 Sep 2024 08:12:15 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 194ms
194ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 20ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je39p0&_p=1235663094&cid=792912281.1695867132&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695867131&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F&dt=Browser-in-the-Browser%20(BitB)%20Attacks%20Target%20SSO%20%7C%20Cofense&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:12:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 195ms
194ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:12:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obs.esnchocco.com/ 0
39 B 108ms
108ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnchocco.com/mon
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/i/3f4cc36ec4f01d8cc5a1315c08b91f0b.js?ver=1695848907
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cofense.com
date: Thu, 28 Sep 2023 02:12:16 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cofense.com/	1970-01-20 17:15:51	Name: _cq_duid Value: 1.1695867131.Pkkg8BZvVlKKpGzb
.cofense.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1695867131.lHrwYqPxnjqqxg4T
cofense.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.cofense.com/	1970-01-20 17:14:03	Name: _gcl_au Value: 1.1.1795443517.1695867132
.cofense.com/	1970-01-21 00:40:27	Name: attr_first Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F%22%2C%22date%22%3A%222023-09-28%22%2C%22timestamp%22%3A1695867131631%7D
.cofense.com/	1970-01-20 15:04:28	Name: attr_last Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fbrowser-in-the-browser-bitb-attack-takes-advantage-of-sso-trust%2F%22%2C%22date%22%3A%222023-09-28%22%2C%22timestamp%22%3A1695867131631%7D
.techtarget.com/	1970-01-20 15:04:28	Name: __cf_bm Value: clOGpgpnPiwgexLKYyqDE7pBZlCvK3_aypSJ4oKQIkI-1695867131-0-ARNjpiQcK3KsOHniWmerWO6yHntmQ3tloa7aN15zw6WS4jmdVMbAuKnSyZRxbOOZeMv3WSd5fldgdTemWc7ZYJY=
obs.esnchocco.com/	1970-01-20 23:08:17	Name: cg_uuid Value: 335bfc7f817768e4df53f0ad78a4d418
.cofense.com/	1970-01-21 00:40:27	Name: _ga Value: GA1.2.792912281.1695867132
.cofense.com/	1970-01-20 15:05:53	Name: _gid Value: GA1.2.518663699.1695867132
.cofense.com/	1970-01-20 15:04:27	Name: _dc_gtm_UA-114787942-1 Value: 1
cofense.com/	1970-01-20 15:14:31	Name: _an_uid Value: 0
cofense.com/	1970-01-21 00:40:27	Name: _gd_visitor Value: 6099c327-d21a-4da0-87e3-cc001b001cb4
cofense.com/	1970-01-20 15:04:41	Name: _gd_session Value: ea523e32-4f3c-479e-8b23-d3301f9c86a7
.cofense.com/	1970-01-21 00:40:27	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-cofense.com-1695867131883-10506
www.clarity.ms/	1970-01-20 23:50:03	Name: CLID Value: c04f40861ae34162a363b5243c77af98.20230928.20240927
.ws.zoominfo.com/	1970-01-20 23:50:03	Name: visitorId Value: 7915e0fc33a742ea32b64d5db9a6c0cfe60f9e22d8238cb7401fb5ba299448fb
.zoominfo.com/	1970-01-20 15:04:28	Name: __cf_bm Value: gngbDKdypbxLcVi1sNARy5BjW1KYXwm5Lx28a2vSsnc-1695867131-0-Ad45u0VDGkGjeChDl4PAUAITnBt3VGEMfL/jDnrAG3Y5bo83aQKoCXSfpJFHa7qWjfu0m2zi5RLOz9oi4qoW2xU=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3Sohv3VJ3uTdtT0PawKcb6dd81xLqz_dQYbDJXeWiyg-1695867131888-0-604800000
cofense.com/	1970-01-20 15:05:53	Name: ln_or Value: eyIzMDA3MjEiOiJkIn0%3D
.cofense.com/	1970-01-21 00:40:27	Name: _ga_ZVTRKX60MM Value: GS1.2.1695867131.1.0.1695867131.60.0.0
.cofense.com/	1970-01-20 23:50:03	Name: _clck Value: z2u7lc\|2\|ffe\|0\|1366
.6sc.co/	1970-01-21 00:40:27	Name: 6suuid Value: bd6411029d992c00fce0146552000000d86a1800
.linkedin.com/	1970-01-20 17:14:03	Name: li_sugr Value: 8ec8e40e-719e-4a54-8d44-fc38e221e4ee
.linkedin.com/	1970-01-20 23:50:03	Name: bcookie Value: "v=2&57af1775-4a84-4dac-8f90-5c33f4650448"
.linkedin.com/	1970-01-20 15:05:53	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2846:u=1:x=1:i=1695867132:t=1695953532:v=2:sig=AQEVMh1FXuYYxYgC1vxFiLn-pOuIcPgt"
.cofense.com/	1970-01-21 00:40:27	Name: _ga_3G76T4W3LR Value: GS1.1.1695867131.1.0.1695867132.59.0.0
.linkedin.com/	1970-01-20 15:47:39	Name: UserMatchHistory Value: AQIRTutmrcj7fwAAAYrZjtlBBrUihxkPsqeN3F4-o8OQ81cY4Z86kMr1OvkcKFN0Y9WXKBfdYC0jiw
.linkedin.com/	1970-01-20 15:47:39	Name: AnalyticsSyncHistory Value: AQLnP2gNDqreSQAAAYrZjtlBW3Kq6rFI7_O8AIxL2RSq10_acQVnTei9UgOErfK-YGB95qFF9hrr1PWOjGEdqA
.www.linkedin.com/	1970-01-20 23:50:03	Name: bscookie Value: "v=1&202309280212129d7f1d5d-f95f-43a5-86eb-cee5e91d44a7AQF97zepTnkJq8kMpdLnfSOqblQLmRz6"
.linkedin.com/	1970-01-20 19:23:39	Name: li_gc Value: MTswOzE2OTU4NjcxMzI7MjswMjGd0mdd6knJ6aDWFkD5eDOqVO+wonWRo2iUm3K73yiOow==
.cofense.com/	1970-01-20 15:05:53	Name: _clsk Value: wmhi4i\|1695867132527\|1\|1\|o.clarity.ms/collect
.bing.com/	1970-01-21 00:26:03	Name: MUID Value: 00A8636DFC8A69480D5270F7FDE16898
.c.bing.com/	1970-01-20 15:14:31	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:26:03	Name: SRM_B Value: 00A8636DFC8A69480D5270F7FDE16898
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:26:03	Name: MUID Value: 00A8636DFC8A69480D5270F7FDE16898
.c.clarity.ms/	1970-01-20 15:14:31	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:04:27	Name: ANONCHK Value: 0
.cofense.com/	1970-01-21 00:40:27	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiNDk5NGFkYmEtYjg0Yi00NzYwLWI2NTYtNzgzYWNiY2FiNTBiIiwiY29va2llRG9tYWluIjoiY29mZW5zZS5jb20iLCJtZXNzZW5nZXJFeHBhbmRlZCI6ZmFsc2UsInByb21wdERpc21pc3NlZCI6ZmFsc2UsImNvbnZlcnNhdGlvbklkIjoiMTIzMzc0MDg4MjgwMTEzOTk3NiJ9

141 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://cofense.com/422afa2b-7e45-49a5-9651-14b89948377f(Line 1) Message: Error
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-0d6cedda89afcde88c20.chunk.js(Line 1) Message: Rendering was performed in a subtree hidden by content-visibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
app.qualified.com
assets.qualified.com
b.6sc.co
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cofense.com
ehhbozgsut3.exactdn.com
epsilon.6sense.com
extend.vimeocdn.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
lltrck.com
munchkin.marketo.net
o.clarity.ms
obs.esnchocco.com
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
region1.analytics.google.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
trk.techtarget.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
141.193.213.21
143.204.98.123
146.75.122.109
192.28.144.124
2.17.100.193
2001:4860:4802:32::36
2400:52e0:1a01::1000:1
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:20eb:4800:2:53b2:240:93a1
2606:4700:4400::ac40:973c
2606:4700::6810:880f
2606:4700::6812:1105
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2004
2a00:1450:4001:828::200e
2a00:1450:400c:c0c::9d
2a02:26f0:3500:16::215:149b
2a02:26f0:480:23::1726:629c
2a02:26f0:480:f::213:7ed3
3.216.46.62
34.111.208.231
34.199.134.194
34.200.97.200
35.157.162.42
35.186.247.156
37.252.171.52
52.152.143.207
52.216.44.106
68.219.88.97
88.221.60.75
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845
0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d
08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
09b473616cc3968b02955334217fe0e733d560ecd4d8ba7bcce92a89576c00c6
0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0cf7b49bc1c6290e31b40e48eab4d0ae6b86bf45f156ccd30a926b6da0553839
12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14
136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13aca15552884d3dc240df277770e2caa6088f66c721a7089d921599f67dfbdd
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
18e34d3eda4a30d1db7bd21d39ba64cb7b6fe1243a976c829fc4c6df031bc80c
1977c35b33222488f8980b145f71443084dc5620a4a88f89c2fb11cfe8be6520
19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4
1b88a666ea0dc1a5cc7c9da8f2bf4b4cf36cb4ef1fe0480572d51cd86962f2e2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686
21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f
234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3
365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7
39c436c1d5dc63d9437c8eb0ff081e7267d313bee370a58476343e7fab4114ba
39c5b9da29291f6b37c7e9428f2de883301f85f5e9cbfce66712875fb7c45d7a
39eeb47a5d22f99100deb70fc52831d17942755c4e48e1b41f69274c924f3128
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00
3eb6ad26fc445486c33ba095573c96126e6905a49d58dca05b14b1e88aa27f38
40866ec78876a63fea371c77acbb0cf7586aff4bd46a0fb5e801d5f442f62c42
42b4c874dffcf22341dc94e183d251784e1c2051781c626ee0c437123038179b
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46ade2015c8f9b9cabbf67dfde5da6664f4690725cd94ee6215eeacfe9b19b3f
4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66
49ee63b69dc7a6c2b17d9dac95356cbf9f89427710695cf51b37d08dac616a4c
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c
55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce
5ae1d0795901f709b38e3a8afa9b791fed006d781b5161bd4ac921c5d4a73c5a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5c9c75fffdaf3ed3272dd1b83e9143ad5c33c8d9d58195ef6f9bff1e3591c216
5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b
5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25
65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2
6844ea1d998d79155a0763c9946da7c064a293e776d2142c8e91fcacee8542e9
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b8f5e0248d13985550a57857f4f871e49ca9ec45354630c4039feb6850478c7
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
6f22c76ad8895de2c15b58688a9a5a8df753bcacc03448aa94706ac70e6b2fa7
721afdec05c82200e4aa75b494bbc990d1581970e2139d409749a6f78112f567
7794720ccdd371782c33a11505639e48315d2288f5e14d200fba50ba50275368
7aa61aaaee334a216bfd3a14ecdc865013ebf98deadb0ab891f39563c951148e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dcdd6d49205a7b8a0b5d35b65b6d70c7675bd653e29e18992d6470ece0c3d1b
7e6c5c59d177113846e655959502bd5e445e0d96eef497d22d2b167fae3c8bec
7f593e1de91b7e12418fbf5c6efec63fc1eee75e7d7767029a2942721550a9f2
80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83
848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468
89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8f4c09812f9c894f72ff20508072b8d4101bef0170fd6d9ac97552dd208380bf
8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35
9229325856a60fe3abf028e558871b71587d0fba6f8a5f12fd9bc1ede7610429
94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ffd388dcb86ec240b34b5df09b4f0b93877955590507d59b364d8e86f354fc
a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4
a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511
a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7
a610dabbe44fa30b1c049bc58af7602792119a73f01b06021e66f11b34883f3b
a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6
a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505
a9979d70d8cbb8fe7ee74247da30eb3e1f0b70ac937f7f5f6113166b3cc02ca0
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9
b1de39e677dcddced11ca33847341c52dfba355e979cd15bb02a6d09c73fe8e9
b27499a493a4a5b6179b62c1c27aa8e9b22d8ca964123da47caecd21f578577e
b2e6635e04d9963d4ac52e813fb7c3da30dbc68d68cbd2b5d5e41dd13433f302
b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5
b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401
b56b366f67c5c49beade9a2c61c6673272fb4fc57f165b1f9d68d255cfa2e7e0
b5fa21b85bd484e42940368b586b409f970f2415eb1add4abad16dbf8ee8c1f1
b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773
ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8
bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4
bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10
c4d8793b26771cfceea1f795546896b7eb2f1e7af8cf6c9b77df286ddf4a9bcc
c770a9bc7198791c47df8309ed2cd1153470fe6bb822e9f335583bfd3b5098aa
c8a01932eab48cbd7c37c45597b2f55f41aa471f4add6de56c0e301cdea9c8a9
c9ee8bc4ce11ed07c91f2c1ed09e6faa746e2a3458d8b4bfcd28a639ac04b6fe
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d96ac3de06de0a5a49356221469a414db632cd4486a405940cd839f8e23c1f83
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ed2134aee1410a2bf4c01a39bce276aa5f154897feaebe85b9767ee834b2ff92
edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ae8ae2fcc7db180e3d5a5cf613917a3eb9497ad1eeb32b335281ca2556f82
f03862d228db601d224f174dce063ad21b8f70f2a27ccaa7fda525cf06df955a
f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef
f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500
f620b8e096348901c9db9096e8e0cd25d19a5c3bac267828913b86fe9c3e70e0
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fcfdcd4cb2d6b031d35a9afc9f38c7873268c65874d0f8cd2129a8944a8c8030
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

cofense.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

97 %HTTPS

51 %IPv6

28 Domains

39 Subdomains

34 IPs

6 Countries

2234 kBTransfer

6035 kBSize

40 Cookies

9 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

97 %
HTTPS

51 %
IPv6

28
Domains

39
Subdomains

34
IPs

6
Countries

2234 kB
Transfer

6035 kB
Size

40
Cookies

164 HTTP transactions
9 data transactions