www.exabeam.com Open in urlscan Pro
2620:12a:8000::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Submission: On March 23 via api (March 23rd 2020, 5:36:47 pm UTC) from US

Summary HTTP 109 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 25 domains to perform 109 HTTP transactions. The main IP is 2620:12a:8000::3, located in United States and belongs to FASTLY, US. The main domain is www.exabeam.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 4th 2020. Valid for: 3 months.

This is the only time www.exabeam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2620:12a:8000::3 2620:12a:8000::3	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
3	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST)
26	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::6818:b107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.3.62 99.86.3.62	16509 (AMAZON-02) (AMAZON-02)
3	52.222.143.33 52.222.143.33	16509 (AMAZON-02) (AMAZON-02)
1	13.227.223.172 13.227.223.172	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:6e27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	147.75.32.105 147.75.32.105	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	52.216.143.118 52.216.143.118	16509 (AMAZON-02) (AMAZON-02)
2 2	34.252.71.88 34.252.71.88	16509 (AMAZON-02) (AMAZON-02)
1	35.174.253.39 35.174.253.39	14618 (AMAZON-AES) (AMAZON-AES)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 2	107.23.236.161 107.23.236.161	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	99.81.228.121 99.81.228.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	143.204.201.41 143.204.201.41	16509 (AMAZON-02) (AMAZON-02)
109	28

45 2620:12a:8000::3 (United States)

ASN54113 (FASTLY, US)

www.exabeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6818:b107 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-62.fra6.r.cloudfront.net

www.gartner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.143.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-143-33.ams50.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.223.172 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-223-172.ams54.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:6e27 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.60.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.105 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress5

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.143.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.71.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-71-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.253.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-253-39.compute-1.amazonaws.com

t.sf14g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.236.161 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-236-161.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.228.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-41.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	exabeam.com www.exabeam.com	2 MB
26	typekit.net use.typekit.net p.typekit.net	587 KB
6	google-analytics.com 1 redirects www.google-analytics.com	94 KB
4	adsrvr.org 2 redirects js.adsrvr.org match.adsrvr.org insight.adsrvr.org	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	76 KB
3	terminus.services vidassets.terminus.services	4 KB
3	bizible.com cdn.bizible.com	34 KB
2	driftt.com js.driftt.com	45 KB
2	nr-data.net bam.nr-data.net	456 B
2	leadlander.com 1 redirects tracking.leadlander.com	497 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	302 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	youtube.com www.youtube.com	924 B
1	ytimg.com s.ytimg.com	13 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	sf14g.com t.sf14g.com	37 KB
1	amazonaws.com s3.amazonaws.com	140 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	marketo.net munchkin.marketo.net	1 KB
1	addtoany.com static.addtoany.com	26 KB
1	gartner.com www.gartner.com	3 KB
1	cdnjs.com cdnjs.com
1	googleapis.com fonts.googleapis.com	640 B
109	25

	Domain	Requested by
45	www.exabeam.com	www.exabeam.com
25	use.typekit.net	www.exabeam.com use.typekit.net
6	www.google-analytics.com	1 redirects www.exabeam.com www.google-analytics.com www.googletagmanager.com
3	vidassets.terminus.services	www.exabeam.com
3	cdn.bizible.com	www.exabeam.com cdn.bizible.com
2	js.driftt.com	www.exabeam.com js.driftt.com
2	bam.nr-data.net	js-agent.newrelic.com cdn.bizible.com
2	tracking.leadlander.com	1 redirects www.exabeam.com
2	www.google.de	www.exabeam.com
2	www.google.com	1 redirects www.exabeam.com
2	match.adsrvr.org	2 redirects
2	www.youtube.com	www.exabeam.com www.googletagmanager.com
1	s.ytimg.com	www.youtube.com
1	insight.adsrvr.org	js.adsrvr.org
1	js-agent.newrelic.com	www.exabeam.com
1	stats.g.doubleclick.net	1 redirects
1	p.typekit.net	www.exabeam.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	vars.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	t.sf14g.com	www.exabeam.com
1	s3.amazonaws.com	www.exabeam.com
1	www.googletagmanager.com	www.exabeam.com
1	static.hotjar.com	www.exabeam.com
1	munchkin.marketo.net	www.exabeam.com
1	static.addtoany.com	www.exabeam.com
1	js.adsrvr.org	www.exabeam.com
1	www.gartner.com	www.exabeam.com
1	cdnjs.com	www.exabeam.com
1	fonts.googleapis.com	www.exabeam.com
109	31

This site contains links to these domains. Also see Links.

Domain
community.exabeam.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.instagram.com
threatpost.com
www.scmagazine.com
enterprise.verizon.com
exabeam.com

Subject Issuer	Validity	Valid
5676582576324608-fe3.pantheonsite.io Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-19` - `2020-10-09`	7 months	crt.sh
www.gartner.com Amazon	`2020-03-06` - `2021-04-06`	a year	crt.sh
*.terminus.services Amazon	`2020-01-13` - `2021-02-13`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-10` - `2020-06-17`	6 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
t.sf14g.com Go Daddy Secure Certificate Authority - G2	`2019-07-09` - `2020-09-07`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2019-07-09` - `2020-09-07`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-17` - `2021-03-18`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Frame ID: 81813E2C1319F90C4533EA66C8259D85
Requests: 105 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1zzJIluH268?feature=oembed
Frame ID: 5B3756F7A1E3944FA501EC9F95F462ED
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C8C4CD485BCDCF3F36B08A5CA7758032
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=btthng2&ref=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&upid=voqp5fv&upv=1.1.0
Frame ID: D329C71DD85AEDB45F74A80BF0DF8E89
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: A934C995C66EE6FC0762EF261FBAE5CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

109
Requests

100 %
HTTPS

40 %
IPv6

25
Domains

31
Subdomains

28
IPs

8
Countries

3046 kB
Transfer

4580 kB
Size

16
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://community.exabeam.com/login
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/exabeam/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/exabeam/

Search URL Search Domain Scan URL

URL: https://twitter.com/exabeam

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8Ur9wIfXAtFNB-cMCPNY2g

Search URL Search Domain Scan URL

URL: https://www.instagram.com/exabeam/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.exabeam.com/siem/phishing-scams-remote-workforce/&t=Securing%20Your%20Remote%20Workforce,%20Part%201:%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.exabeam.com/siem/phishing-scams-remote-workforce/&title=Securing%20Your%20Remote%20Workforce,%20Part%201:%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://www.exabeam.com/siem/phishing-scams-remote-workforce/&text=Securing%20Your%20Remote%20Workforce,%20Part%201:%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates

Search URL Search Domain Scan URL

URL: https://threatpost.com/coronavirus-apt-attack-malware/153697/
Title: phishing

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/home/security-news/news-archive/coronavirus/russian-cybercrime-forums-seen-selling-malware-sabotaged-covid-19-map/
Title: targeted malware campaigns

Search URL Search Domain Scan URL

URL: https://enterprise.verizon.com/resources/reports/dbir/
Title: 2019 Verizon DBIR

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/home/security-news/news-archive/coronavirus/malicious-coronavirus-map-hides-azorult-info-stealing-malware/
Title: weaponized coronavirus map app

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/?s=AZORult
Title: AZORult

Search URL Search Domain Scan URL

URL: https://exabeam.com/integrations
Title: variety of technologies

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=1zzJIluH268
Title: demo on investigating a phishing incident

Search URL Search Domain Scan URL

URL: https://exabeam.com/blog-subscription/
Title: Subscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071 HTTP 302
https://vidassets.terminus.services/s.gif?d=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071&t=52fd0a6f-b7d1-4661-890e-32ccbce8b9ca

Request Chain 98

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=441611617&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&ul=en-us&de=UTF-8&dt=Securing%20Your%20Remote%20Workforce%3A%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEADQ~&jid=599256381&gjid=1226993403&cid=1480073945.1584984987&tid=UA-41755658-1&_gid=1912840460.1584984987&_r=1&z=1820189517 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_gid=1912840460.1584984987&gjid=1226993403&_v=j81&z=1820189517 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517&slf_rd=1&random=1516758132

Request Chain 99

https://tracking.leadlander.com/api/tracking?accountId=27705&page=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&referer=&fp=d2fff768385a51f6e295620ea70f0269 HTTP 302
https://tracking.leadlander.com/tracking.png

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.exabeam.com/siem/phishing-scams-remote-workforce/ 111 KB
31 KB 2011ms
1874ms Document
text/html 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 633b5525fea6bc3eb661301152bfecac3dc4e8662729ed89999d35edda571bf1

Request headers

:method: GET
:authority: www.exabeam.com
:scheme: https
:path: /siem/phishing-scams-remote-workforce/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
content-encoding: gzip
content-type: text/html; charset=UTF-8
link: <https://www.exabeam.com/wp-json/>; rel="https://api.w.org/"
server: nginx
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-wt5vd
x-pingback: https://www.exabeam.com/xmlrpc.php
x-styx-req-id: d1903446-6d2c-11ea-a85c-4e10190adc96
date: Mon, 23 Mar 2020 17:36:26 GMT
x-served-by: cache-mdw17337-MDW, cache-fra19122-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1584984985.949270,VS0,VE1868
vary: Accept-Encoding, Cookie, Cookie
age: 0
accept-ranges: bytes
via: 1.1 varnish
content-length: 31034

GET
H2 200 style.min.css
www.exabeam.com/wp-includes/css/dist/block-library/ 40 KB
8 KB 9ms
8ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-wt5vd
x-cache: HIT, HIT
status: 200
content-length: 7582
x-served-by: cache-mdw17376-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.829177,VS0,VE1
etag: W/"5e73d0c2-a1fb"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 600d887d-6a1d-11ea-a85c-4e10190adc96
x-cache-hits: 1, 1

GET
H2 200 pum-site.min.css
www.exabeam.com/wp-content/plugins/popup-maker/assets/css/ 7 KB
2 KB 8ms
7ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.9.1
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf3756a3afb8fd0b6756114d8ca8d62750b7830defd148a983ba186cf10a2d3e

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 2108
x-served-by: cache-mdw17377-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:25 GMT
server: nginx
x-timer: S1584984987.829144,VS0,VE1
etag: W/"5e73d0c1-1c85"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 600e09a1-6a1d-11ea-b819-2220791eb2c4
x-cache-hits: 1, 1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
640 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17c51ac58ed9ea4d78cccb908d7393b2360106b9772381e200ee64faef3c04b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 17:36:26 GMT
server: ESF
date: Mon, 23 Mar 2020 17:36:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Mar 2020 17:36:26 GMT

GET
H2 200 main.min.css
www.exabeam.com/wp-content/themes/exabeam/css/ 446 KB
84 KB 15ms
14ms Stylesheet
text/css 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 057b5d760571deb7317b266fafe4b831b2b5cdc82fcf2642ac3043f404760721

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 48545
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, HIT
status: 200
content-length: 85913
x-served-by: cache-mdw17362-MDW, cache-fra19122-FRA
last-modified: Sun, 22 Mar 2020 23:55:44 GMT
server: nginx
x-timer: S1584984987.829857,VS0,VE2
etag: W/"5e77fb00-6f656"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
expires: Wed, 24 Mar 2021 04:07:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: cbc5b7b4-6cbb-11ea-ac17-ce54a8e2d533
x-cache-hits: 1, 1

GET
H2 200 jquery.js Show response
www.exabeam.com/wp-includes/js/jquery/ 95 KB
39 KB 10ms
9ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, HIT
status: 200
content-length: 39399
x-served-by: cache-mdw17368-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.829774,VS0,VE1
etag: W/"5e73d0c2-17a69"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 600e9aa8-6a1d-11ea-ac17-ce54a8e2d533
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
www.exabeam.com/wp-includes/js/jquery/ 10 KB
4 KB 8ms
7ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-length: 4306
x-served-by: cache-mdw17324-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:28 GMT
server: nginx
x-timer: S1584984987.829752,VS0,VE1
etag: W/"5e73d0c4-2748"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 600f31a7-6a1d-11ea-b0df-de3269d091fb
x-cache-hits: 1, 1

GET
H2 200 load_asset.js Show response
www.exabeam.com/wp-content/plugins/exabeam-library/scripts/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/exabeam-library/scripts/load_asset.js?ver=1
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8eed1102b26c88e769bb440875246520bc79dc9fa28fc8061c764b846858746

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-vl9jb
x-cache: HIT, HIT
status: 200
content-length: 1402
x-served-by: cache-mdw17357-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:25 GMT
server: nginx
x-timer: S1584984987.830175,VS0,VE0
etag: W/"5e73d0c1-c9f"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 600ffee3-6a1d-11ea-a688-1e0f543bb8cf
x-cache-hits: 1, 122

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 87 KB
33 KB 77ms
17ms Script
application/x-javascript 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) / ASP.NET
Resource Hash: 0b80a19b64d36f5d981598de85165b58f966a836ed2cfdb2de80cdf943f87e9b

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 21:01:36 GMT
server: ECS (amb/6BA7)
age: 246183
x-powered-by: ASP.NET
etag: "fe918befafed51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33642

GET
H2 200 exabeam.png
www.exabeam.com/wp-content/themes/exabeam/img/ 3 KB
3 KB 12ms
11ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/img/exabeam.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd58d9bda5b18eac6cd5eb20c7c0100b132ea0dd72a6145455681c0126161bb6

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336537
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 3000
x-served-by: cache-mdw17336-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.837900,VS0,VE0
etag: "5e73d0c3-bb8"
content-type: image/png
x-styx-req-id: 42cee318-6a1d-11ea-9231-eec98c31dec4
expires: Sat, 20 Mar 2021 20:07:29 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 4

GET
H2 200 Exabeam-SIEM@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 2 KB
2 KB 9ms
8ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Exabeam-SIEM@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8df116505b186ca6f03c6419d2aa549869518dbcc59580e6e70830dc9b824372

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336489
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-jp5mj
x-cache: HIT, HIT
status: 200
content-length: 1806
x-served-by: cache-mdw17335-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.888637,VS0,VE1
etag: "5dfac1df-70e"
content-type: image/png
x-styx-req-id: 60120edc-6a1d-11ea-a1e5-f2cc0323dd98
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Threat-Detection@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 3 KB
3 KB 9ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Threat-Detection@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53619608ff0bf2af2109670b2a8ca7b568f40de56beeceae2abd61cfb57742ee

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336489
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 2616
x-served-by: cache-mdw17350-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.898175,VS0,VE1
etag: "5dfac1df-a38"
content-type: image/png
x-styx-req-id: 6012edc5-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Insider-Threats@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 2 KB
2 KB 9ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Insider-Threats@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba117db500fc4fc3d26a54a174dce0878a96010e16b0c9cb6891d46c8a78c330

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 1955
x-served-by: cache-mdw17365-MDW, cache-fra19122-FRA
last-modified: Thu, 08 Aug 2019 19:35:40 GMT
server: nginx
x-timer: S1584984987.898149,VS0,VE1
etag: "5d4c798c-7a3"
content-type: image/png
x-styx-req-id: 60153a73-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 Cloud-Security@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 1 KB
1 KB 9ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Cloud-Security@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 84ff3fb28c71c90659c956e136f415a111651beb0f762acf6e0af1fe8825765f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336489
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-fbvmm
x-cache: HIT, HIT
status: 200
content-length: 1077
x-served-by: cache-mdw17344-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.898151,VS0,VE1
etag: "5dfac1df-435"
content-type: image/png
x-styx-req-id: 6015a85d-6a1d-11ea-ba5b-56edce95bef9
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Federal@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 816 B
1 KB 9ms
8ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Federal@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e7d541cf29b849e542714dcc76eaf410743c4c371e8a797cfbaaf73dff69c02c

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-v9r68
x-cache: HIT, HIT
status: 200
content-length: 816
x-served-by: cache-mdw17380-MDW, cache-fra19122-FRA
last-modified: Thu, 08 Aug 2019 19:35:00 GMT
server: nginx
x-timer: S1584984987.898133,VS0,VE1
etag: "5d4c7964-330"
content-type: image/png
x-styx-req-id: 60165983-6a1d-11ea-b887-6a1152825a03
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Get-a-Demo@3x.png
www.exabeam.com/wp-content/uploads/2019/01/ 846 B
1 KB 10ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/01/Get-a-Demo@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9add757a6b25508be1bf0d069aed4f4525b3d2cbe08308e81c58f33f91c42b24

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-bjn8m
x-cache: HIT, HIT
status: 200
content-length: 846
x-served-by: cache-mdw17356-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.902404,VS0,VE1
etag: "5dfac1df-34e"
content-type: image/png
x-styx-req-id: 601661c4-6a1d-11ea-871a-e6da94cc292b
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 ffc6pda.js Show response
use.typekit.net/ 25 KB
8 KB 109ms
51ms Script
text/javascript 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ffc6pda.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c2be8f379351de1c6e3083916404d29ce398de840662f87f7fd9bbfcd34ae6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Mon, 23 Mar 2020 17:36:26 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 8089

GET
H2 200 wp-emoji-release.min.js Show response
www.exabeam.com/wp-includes/js/ 14 KB
5 KB 9ms
9ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 5221
x-served-by: cache-mdw17326-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:28 GMT
server: nginx
x-timer: S1584984987.923607,VS0,VE1
etag: W/"5e73d0c4-362a"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 604b7a71-6a1d-11ea-9231-eec98c31dec4
x-cache-hits: 1, 1

GET
H2 200 logo.png
www.exabeam.com/wp-content/themes/exabeam/img/ 926 B
1 KB 7ms
7ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/img/logo.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc4ea1d825b6ec671e0402126d9aa20688c2a8e57de560cfc05df2b40f4eeb4b

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-bjn8m
x-cache: HIT, HIT
status: 200
content-length: 926
x-served-by: cache-mdw17335-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.931477,VS0,VE1
etag: "5e73d0c2-39e"
content-type: image/png
x-styx-req-id: 60174681-6a1d-11ea-871a-e6da94cc292b
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 EXA_Photo_Library_Incident_Response-1.png
www.exabeam.com/wp-content/uploads/2019/07/ 287 KB
288 KB 8ms
8ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/07/EXA_Photo_Library_Incident_Response-1.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31d32674d25ef6811553b0564ff625f885db728ab36ec2fe06e7e8c479e29f6e

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336202
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, HIT
status: 200
content-length: 294351
x-served-by: cache-mdw17328-MDW, cache-fra19122-FRA
last-modified: Thu, 08 Aug 2019 17:24:42 GMT
server: nginx
x-timer: S1584984987.933093,VS0,VE2
etag: "5d4c5ada-47dcf"
content-type: image/png
x-styx-req-id: 0ab5d2f8-6a1e-11ea-ac17-ce54a8e2d533
expires: Sat, 20 Mar 2021 20:13:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 ShRQsBY4_400x400.jpg
www.exabeam.com/wp-content/uploads/2018/04/ 3 KB
4 KB 24ms
23ms Image
image/jpeg 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2018/04/ShRQsBY4_400x400.jpg
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f8f0b78c9393ec09e4d494c5d86a8b7192ed165f99921f52e6c551d1737873c

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336366
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 3578
x-served-by: cache-mdw17367-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:38 GMT
server: nginx
x-timer: S1584984987.939142,VS0,VE1
etag: "5dfac1de-dfa"
content-type: image/jpeg
x-styx-req-id: a86cc9c8-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:10:20 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Screen-Shot-2020-03-20-at-9.35.26-AM-1168x635.png
www.exabeam.com/wp-content/uploads/2020/05/ 588 KB
588 KB 21ms
21ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2020/05/Screen-Shot-2020-03-20-at-9.35.26-AM-1168x635.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c83fd5a93e688420b418a7fd6521f6fc53f101169152d39558cbffc6f04b08de

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 262825
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 602014
x-served-by: cache-mdw17362-MDW, cache-fra19122-FRA
last-modified: Fri, 20 Mar 2020 16:35:53 GMT
server: nginx
x-timer: S1584984987.941990,VS0,VE7
etag: "5e74f0e9-92f9e"
content-type: image/png
x-styx-req-id: e2b7ed7d-6ac8-11ea-b819-2220791eb2c4
expires: Sun, 21 Mar 2021 16:36:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Phishing-alert-1168x887.png
www.exabeam.com/wp-content/uploads/2020/05/ 301 KB
302 KB 26ms
26ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2020/05/Phishing-alert-1168x887.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fbfae3bfa9452ccb4081af44794f096decc03cf64a2ac460a72db92b0385fad0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 259706
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-v9r68
x-cache: HIT, HIT
status: 200
content-length: 308432
x-served-by: cache-mdw17343-MDW, cache-fra19122-FRA
last-modified: Fri, 20 Mar 2020 17:27:38 GMT
server: nginx
x-timer: S1584984987.950842,VS0,VE3
etag: "5e74fd0a-4b4d0"
content-type: image/png
x-styx-req-id: 25f01ed6-6ad0-11ea-b887-6a1152825a03
expires: Sun, 21 Mar 2021 17:28:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 EXA_Photo_Library_AI_Machine_Learning-376x197.png
www.exabeam.com/wp-content/uploads/2019/09/ 32 KB
32 KB 28ms
27ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/09/EXA_Photo_Library_AI_Machine_Learning-376x197.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16836de9f676ebae7237da679559b7ccc963752bbe104e1056a92a89b875db91

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336443
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, HIT
status: 200
content-length: 32727
x-served-by: cache-mdw17381-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.957014,VS0,VE2
etag: "5dfac1df-7fd7"
content-type: image/png
x-styx-req-id: 7b397601-6a1d-11ea-ac17-ce54a8e2d533
expires: Sat, 20 Mar 2021 20:09:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 EXA_Photo_Library_Cloud_Security-376x197.png
www.exabeam.com/wp-content/uploads/2019/07/ 40 KB
40 KB 24ms
23ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/07/EXA_Photo_Library_Cloud_Security-376x197.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d195f41f82d0fd79b7677610065d8b3b73faf6c6da45a79a1012c4d00f689a19

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336442
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-length: 40895
x-served-by: cache-mdw17328-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.965958,VS0,VE2
etag: "5dfac1df-9fbf"
content-type: image/png
x-styx-req-id: 7b40e1ff-6a1d-11ea-b0df-de3269d091fb
expires: Sat, 20 Mar 2021 20:09:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Deakin_SocialBlog_Blue_09.06_L1R1-376x197.png
www.exabeam.com/wp-content/uploads/2019/09/ 37 KB
37 KB 124ms
123ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/09/Deakin_SocialBlog_Blue_09.06_L1R1-376x197.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3faec91f0bd925090b2aac53fcf3da6332dd92388ad04906864150ef8b1ef16c

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
via: 1.1 varnish
age: 336443
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, MISS
status: 200
content-length: 38092
x-served-by: cache-mdw17338-MDW, cache-fra19122-FRA
last-modified: Fri, 06 Sep 2019 18:09:16 GMT
server: nginx
x-timer: S1584984987.965965,VS0,VE117
etag: "5d72a0cc-94cc"
content-type: image/png
x-styx-req-id: 7b5714bd-6a1d-11ea-ac17-ce54a8e2d533
expires: Sat, 20 Mar 2021 20:09:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 EXA_Press_Release_Template_Twitter_P1R1.png
www.exabeam.com/wp-content/uploads/2020/01/ 149 KB
149 KB 25ms
25ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2020/01/EXA_Press_Release_Template_Twitter_P1R1.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46517e9a650b755fddb4a1f98ef4c65ed844ce00f71ff83745226d6731c50d5d

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 152068
x-served-by: cache-mdw17377-MDW, cache-fra19122-FRA
last-modified: Tue, 21 Jan 2020 17:26:25 GMT
server: nginx
x-timer: S1584984987.986832,VS0,VE1
etag: "5e273441-25204"
content-type: image/png
x-styx-req-id: 603d04ca-6a1d-11ea-9231-eec98c31dec4
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 mq2.png
www.exabeam.com/wp-content/uploads/2020/02/ 8 KB
8 KB 10ms
10ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2020/02/mq2.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1010f7d28c3b9e4e339d1b7d4b82d7abaf933e7523a1bed85f5143a6a2918c7

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 8091
x-served-by: cache-mdw17375-MDW, cache-fra19122-FRA
last-modified: Thu, 20 Feb 2020 17:51:37 GMT
server: nginx
x-timer: S1584984987.007698,VS0,VE1
etag: "5e4ec729-1f9b"
content-type: image/png
x-styx-req-id: 60401088-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cyber_predictions.png
www.exabeam.com/wp-content/uploads/2019/11/ 14 KB
14 KB 9ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2019/11/cyber_predictions.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7817f666fd0735919505524261672679a87b6c808d2568eb1f7b6714b7d5c472

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-length: 13956
x-served-by: cache-mdw17360-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:39 GMT
server: nginx
x-timer: S1584984987.008685,VS0,VE1
etag: "5dfac1df-3684"
content-type: image/png
x-styx-req-id: 604074f9-6a1d-11ea-b0df-de3269d091fb
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 exabeamLight@3x.png
www.exabeam.com/wp-content/uploads/2018/05/ 3 KB
3 KB 9ms
9ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/uploads/2018/05/exabeamLight@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c532402cbde8107e1284b2ab448d8cb72d5941ee20b7e7492363de918a688bd

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 2933
x-served-by: cache-mdw17355-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Dec 2019 00:18:38 GMT
server: nginx
x-timer: S1584984987.012682,VS0,VE1
etag: "5dfac1de-b75"
content-type: image/png
x-styx-req-id: 60414571-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:08:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 scripts.js Show response
www.exabeam.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 7ms
7ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336487
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-wt5vd
x-cache: HIT, HIT
status: 200
content-length: 4724
x-served-by: cache-mdw17324-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:25 GMT
server: nginx
x-timer: S1584984987.850416,VS0,VE1
etag: W/"5e73d0c1-3868"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 604211e3-6a1d-11ea-a85c-4e10190adc96
x-cache-hits: 3, 1

GET
H2 200 core.min.js Show response
www.exabeam.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 13ms
10ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 1906
x-served-by: cache-mdw17363-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.875712,VS0,VE1
etag: W/"5e73d0c2-f5b"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6042993a-6a1d-11ea-b819-2220791eb2c4
x-cache-hits: 1, 1

GET
H2 200 position.min.js Show response
www.exabeam.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 14ms
11ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-jp5mj
x-cache: HIT, HIT
status: 200
content-length: 2675
x-served-by: cache-mdw17330-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.876057,VS0,VE1
etag: W/"5e73d0c2-1952"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 60442eb5-6a1d-11ea-a1e5-f2cc0323dd98
x-cache-hits: 1, 1

GET
H2 200 site.min.js Show response
www.exabeam.com/wp-content/plugins/popup-maker/assets/js/ 48 KB
16 KB 14ms
11ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.9.1
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 531fbe96f6421d5d9555519ec95bcb0528def1b0bd9f2f1e87ea4a2ecdfec7f6

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 16117
x-served-by: cache-mdw17320-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:25 GMT
server: nginx
x-timer: S1584984987.876080,VS0,VE1
etag: W/"5e73d0c1-c072"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 60464dbc-6a1d-11ea-9231-eec98c31dec4
x-cache-hits: 1, 1

GET
H2 200 mobile-detect.min.js Show response
www.exabeam.com/wp-content/plugins/popup-maker/assets/js/vendor/ 38 KB
18 KB 13ms
10ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336489
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 18042
x-served-by: cache-mdw17337-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:25 GMT
server: nginx
x-timer: S1584984987.876005,VS0,VE1
etag: W/"5e73d0c1-981e"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6045c836-6a1d-11ea-b819-2220791eb2c4
x-cache-hits: 2, 1

GET
H2 200 pum-eip-site.min.js Show response
www.exabeam.com/wp-content/plugins/popup-maker-exit-intent-popups//assets/js/ 4 KB
2 KB 14ms
11ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/plugins/popup-maker-exit-intent-popups//assets/js/pum-eip-site.min.js?ver=1.4.0
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55cd1a7749037c7a649a4f5aea2c1f87811534a5cf9dbf36be1960684d89e8e3

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336487
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-bjn8m
x-cache: HIT, HIT
status: 200
content-length: 1624
x-served-by: cache-mdw17360-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.875944,VS0,VE1
etag: W/"5e73d0c2-f4e"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6046bf91-6a1d-11ea-871a-e6da94cc292b
x-cache-hits: 1, 1

GET
H2 200 main.js Show response
www.exabeam.com/wp-content/themes/exabeam/js/ 80 KB
26 KB 26ms
23ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/js/main.js?ver=700101-00000
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3c125312e4116db1cd6b5644144f4ab0ce2ff97857573782f3277ad1fc12a88

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-vl9jb
x-cache: HIT, HIT
status: 200
content-length: 25950
x-served-by: cache-mdw17336-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.876161,VS0,VE14
etag: W/"5e73d0c3-13e5c"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6046b090-6a1d-11ea-a688-1e0f543bb8cf
x-cache-hits: 1, 1

GET
H2 200 cookie-adder.js Show response
www.exabeam.com/wp-content/themes/exabeam/js/ 518 B
468 B 9ms
8ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/js/cookie-adder.js?ver=18.7.18
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d1f971b8bf11f93a551419b442997d7bfc7b4498fcc6e5c759381a2d122c27a

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 225
x-served-by: cache-mdw17331-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.888555,VS0,VE1
etag: W/"5e73d0c2-206"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6046a92a-6a1d-11ea-9231-eec98c31dec4
x-cache-hits: 1, 1

GET
H2 200 object-fit-images Show response
cdnjs.com/libraries/ 0
0 91ms
60ms Script
text/html 2606:4700:20::6818:b107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.com/libraries/object-fit-images?ver=28.03.19
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:b107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

GET
H2 200 readtime.min.js Show response
www.exabeam.com/wp-content/themes/exabeam/js/ 965 B
825 B 9ms
8ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/js/readtime.min.js?ver=700101-00000
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d06976b8bb89ce034ebc4d3d81c01dad743e1badac88f10db92123b08ebc329

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336474
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-kqqbj
x-cache: HIT, HIT
status: 200
content-length: 576
x-served-by: cache-mdw17346-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.888539,VS0,VE1
etag: W/"5e73d0c3-3c5"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6839c63b-6a1d-11ea-ac17-ce54a8e2d533
x-cache-hits: 1, 1

GET
H2 200 wp-embed.min.js Show response
www.exabeam.com/wp-includes/js/ 1 KB
962 B 9ms
8ms Script
application/x-javascript 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-length: 754
x-served-by: cache-mdw17355-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.888569,VS0,VE1
etag: W/"5e73d0c2-577"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 60478044-6a1d-11ea-b0df-de3269d091fb
x-cache-hits: 1, 1

GET
H2 200 widget.js Show response
www.gartner.com/reviews/public/Widget/js/ 6 KB
3 KB 183ms
125ms Script
application/javascript 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gartner.com/reviews/public/Widget/js/widget.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-62.fra6.r.cloudfront.net

Software

Apache / Express

Resource Hash

9dbc10d42889718ee6f993f56d020ca36d6984a80320ffcc384996249476b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
status: 200
last-modified: Thu, 19 Mar 2020 21:03:45 GMT
server: Apache
etag: W/"174a-170f49bef68"
strict-transport-security: max-age=15768000
content-type: application/javascript; charset=UTF-8
via: 1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cache-control: public, max-age=0, private
accept-ranges: bytes
x-amz-cf-id: hbU1-mne1durW4aOXlfySQaJEddF5aWIlMnHQjPnrbChju4lTbpFog==

GET
H2 200 t.js Show response
vidassets.terminus.services/158b1d7d-074f-45ce-82c4-231d9eba5894/ 4 KB
2 KB 68ms
25ms Script
application/javascript 52.222.143.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vidassets.terminus.services/158b1d7d-074f-45ce-82c4-231d9eba5894/t.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.143.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-143-33.ams50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c69eb119b983703d62529c34d31f04ac767398e1fde9cff6764f8b03b57436c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
x-cache: Hit from cloudfront
status: 200
via: 1.1 0b3cd120321973f1462a42e82c43c1cd.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 20:00:51 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: AMS50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: XofnFaEyPFd-IPDfa9_2sLN6LJw6bDEUF8Za-PyXshZZ0hI2iT2hjA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 76ms
22ms Script
application/x-javascript 13.227.223.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.223.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-223-172.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 22 Mar 2020 17:51:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2020 19:16:48 GMT
Server: AmazonS3
Age: 85482
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 b61409af370dbf025ffc910b1252c65f.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS54-C1
Connection: keep-alive
X-Amz-Cf-Id: N0GbIyRef2sUb0hYKx4aEZzNAfnyLLf1AhTfQB5Eo2KyTAKa37-Rqg==

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 80 KB
26 KB 43ms
18ms Script
application/javascript 2606:4700:10::6814:6e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 114839
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Sat, 01 Feb 2020 08:08:40 GMT
server: cloudflare
etag: W/"13f93-59d7f32b0419d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-ray: 5789ea285f1b9754-FRA
cf-bgj: minify

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 23ms
22ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6de8549645c339a95031df376cb1dc18490a258edb6a0892bb4c322b3bd5481f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 17:36:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 02:11:06 GMT
Server: Apache
ETag: "a97244e012764b34cb1bd3468d3e10b8:1584670266"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 759

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3471
date: Mon, 23 Mar 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 23 Mar 2020 18:38:35 GMT

GET
H2 200 hotjar-706092.js Show response
static.hotjar.com/c/ 4 KB
2 KB 103ms
103ms Script
application/javascript 147.75.32.105
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-706092.js?sv=6

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.105 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress5

Software

Resource Hash

b8f5ea592d86a5cae0475be551a660ced2aa85c70f9c332c4b52da8f3bb4a4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-origin-status: 304
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/13066d295ceabf17dc4ba15c01e14d73
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.084
accept-ranges: bytes
section-io-id: 12abce2b093ecac662e7b8531c4f78eb
section-origin-responded: true

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
33 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGMHXV

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b92ba00a4fb4cf0222faf6161a0740fffd1cfca77c06d7e9d9da0c7730517d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 33893
x-xss-protection: 0
expires: Mon, 23 Mar 2020 17:36:26 GMT

GET
H2 200 1zzJIluH268
www.youtube.com/embed/ Frame 5B37 0
0 193ms
192ms Document
text/html 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1zzJIluH268?feature=oembed

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/1zzJIluH268?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=31536000
date: Mon, 23 Mar 2020 17:36:27 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=3mLZ4dZzBE4; path=/; domain=.youtube.com; secure; expires=Sat, 19-Sep-2020 17:36:26 GMT; httponly; samesite=None YSC=GGT9GOnXkc0; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 23-Mar-2020 18:06:26 GMT VISITOR_INFO1_LIVE=3mLZ4dZzBE4; path=/; domain=.youtube.com; secure; expires=Sat, 19-Sep-2020 17:36:26 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 blog-single-cta@3x.png
www.exabeam.com/wp-content/themes/exabeam/img/ 5 KB
5 KB 19ms
19ms Image
image/png 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/img/blog-single-cta@3x.png
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24ad97fd6eb89dec77dc9d15f13240ef12f8d907dfed8b24c77125c34b92256b

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336474
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-twlfl
x-cache: HIT, HIT
status: 200
content-length: 4669
x-served-by: cache-mdw17346-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.965945,VS0,VE1
etag: "5e73d0c3-123d"
content-type: image/png
x-styx-req-id: 6855b8e3-6a1d-11ea-b819-2220791eb2c4
expires: Sat, 20 Mar 2021 20:08:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Regular.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 34 KB
34 KB 12ms
11ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Regular.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: efea7da1bb403ad8a646a9924c8fb0c8e2bf1472571fe7ace9382e762e2715be

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-wt5vd
x-cache: HIT, HIT
status: 200
content-length: 35092
x-served-by: cache-mdw17320-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.904561,VS0,VE1
etag: "5e73d0c3-8914"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6062a5bf-6a1d-11ea-a85c-4e10190adc96
x-cache-hits: 2, 1

GET
H2 200 icomoon.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/icomoon/ 3 KB
3 KB 18ms
17ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/icomoon/icomoon.woff2?t6psql
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30bb414a6af8f4058e66287b03a52959d6c25398ed5b57d11f99f4e7321f9863

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 3104
x-served-by: cache-mdw17372-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.904562,VS0,VE1
etag: "5e73d0c3-c20"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 60736611-6a1d-11ea-9231-eec98c31dec4
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Bold.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 26 KB
27 KB 10ms
9ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Bold.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b3961551f100b14c5e7f437f041bb4f440d81cee598f077961c8a44cd48e655

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-length: 27012
x-served-by: cache-mdw17356-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.904534,VS0,VE1
etag: "5e73d0c2-6984"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6060c037-6a1d-11ea-b0df-de3269d091fb
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Medium.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 34 KB
34 KB 12ms
11ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Medium.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9676861585eb1c5089f453e991677710025b19b16ac05e137445793f4f7f625

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336488
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-v9r68
x-cache: HIT, HIT
status: 200
content-length: 34628
x-served-by: cache-mdw17341-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:27 GMT
server: nginx
x-timer: S1584984987.904525,VS0,VE1
etag: "5e73d0c3-8744"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6063150b-6a1d-11ea-b887-6a1152825a03
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Condensed.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 34 KB
34 KB 20ms
20ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Condensed.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 07ff7567db5ae88bd35aabaa8695e9cb7fd23af0b91a20b8953eff267c525352

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336474
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-vl9jb
x-cache: HIT, HIT
status: 200
content-length: 34404
x-served-by: cache-mdw17321-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.904515,VS0,VE2
etag: "5e73d0c2-8664"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:32 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6856a051-6a1d-11ea-a688-1e0f543bb8cf
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Light.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 34 KB
35 KB 11ms
11ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Light.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1779f50a5c2486b9635e77762f9a8bb845888204b481292bf39fcb2c27c13d07

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336487
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-cqbw6
x-cache: HIT, HIT
status: 200
content-length: 35296
x-served-by: cache-mdw17320-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.904509,VS0,VE1
etag: "5e73d0c2-89e0"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 6062bed0-6a1d-11ea-9231-eec98c31dec4
x-cache-hits: 1, 1

GET
H2 200 DINNextLTPro-Italic.woff2
www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/ 27 KB
27 KB 17ms
16ms Font
font/woff2 2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exabeam.com/wp-content/themes/exabeam/fonts/DinNextLTPro/DINNextLTPro-Italic.woff2
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a5e1ce206bd9007f7950bbc4fb5a8c442cc4f2c443a1d63fdc5a56f5d45ab080

Request headers

Referer: https://www.exabeam.com/wp-content/themes/exabeam/css/main.min.css?ver=200323-40551
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
via: 1.1 varnish
age: 336486
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-bjn8m
x-cache: HIT, HIT
status: 200
content-length: 27604
x-served-by: cache-mdw17335-MDW, cache-fra19122-FRA
last-modified: Thu, 19 Mar 2020 20:06:26 GMT
server: nginx
x-timer: S1584984987.904480,VS0,VE2
etag: "5e73d0c2-6bd4"
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 20:08:20 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 61346ebe-6a1d-11ea-871a-e6da94cc292b
x-cache-hits: 1, 1

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 426ms
112ms Script
application/javascript 52.216.143.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js?_=1584984986868
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 17:36:28 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: 3C9AE807963E3085
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: h+WVmj1c0qHHP3xyI9KBeZ0v413r32zYcCw/5CMQ2uKaFeIUwWCKVkuWibx1raTCotoVjDHgy/M=

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KLJKVTH&cid=1480073945.1584984987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c91f2989661521fc2f81b2ea50267d1722deddd6e6bffc05dafc14fb72c7e4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 24223
x-xss-protection: 0
expires: Mon, 23 Mar 2020 17:36:27 GMT

GET
H2

200

s.gif
vidassets.terminus.services/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071
https://match.adsrvr.org/track/cmb/generic?ttd_pid=terminus&ttd_tpi=1&ttd_puid=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071
https://vidassets.terminus.services/s.gif?d=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071&t=52fd0a6f-b7d1-4661-890e-32ccbce8b9ca

42 B
691 B

19ms
18ms

Image
image/gif

52.222.143.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/s.gif?d=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071&t=52fd0a6f-b7d1-4661-890e-32ccbce8b9ca

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.143.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-143-33.ams50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:04:31 GMT
via: 1.1 0b3cd120321973f1462a42e82c43c1cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1916
x-cache: Hit from cloudfront
status: 200
content-length: 42
last-modified: Thu, 19 Mar 2020 20:00:51 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: AMS50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: vfkli5tlbWTwnRtOzQA2MPXVpX5Xk2tnMbYmG1WwNpbxdUExpoNHbw==

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-aspnet-version: 4.0.30319
location: https://vidassets.terminus.services/s.gif?d=158b1d7d-074f-45ce-82c4-231d9eba5894|c22c33cc-abdf-4eed-91b8-0c9658876071&t=52fd0a6f-b7d1-4661-890e-32ccbce8b9ca
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 343

GET
H2 200 t.gif
vidassets.terminus.services/158b1d7d-074f-45ce-82c4-231d9eba5894/ 42 B
692 B 20ms
19ms Image
image/gif 52.222.143.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vidassets.terminus.services/158b1d7d-074f-45ce-82c4-231d9eba5894/t.gif?d=c22c33cc-abdf-4eed-91b8-0c9658876071&s=945d0d5f-2dc6-4ef7-a455-e9b8a611d3f1&p=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&cb=1584984987114

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.143.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-143-33.ams50.r.cloudfront.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:21:13 GMT
via: 1.1 0b3cd120321973f1462a42e82c43c1cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2237
x-cache: Hit from cloudfront
status: 200
content-length: 42
last-modified: Thu, 19 Mar 2020 20:00:51 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control: public, s-maxage=2700
x-amz-cf-pop: AMS50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id: JHnlimmYgWgzjLNf1LGICy4FN4yVo_YCl9qYxABQ-lhDpQkqi-hG6A==

GET
H2 200 sf14g.js Show response
t.sf14g.com/ 37 KB
37 KB 322ms
104ms Script
application/javascript 35.174.253.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sf14g.com/sf14g.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.253.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-174-253-39.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

86ecafc33ecb5976760d6b5f13a2874525e3f4bfa8b12a0e14d6c98ae9e727cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
last-modified: Tue, 16 Oct 2018 18:33:02 GMT
server: Kestrel
etag: "1d4657eab9c909b"
strict-transport-security: max-age=2592000
content-type: application/javascript
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 37787
expires: -1

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
370 B 20ms
19ms Image
image/gif 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e803aeb79f1d436aa39d23393ef8070b&_biz_s=220f61&_biz_l=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&_biz_t=1584984987082&_biz_i=Securing%20Your%20Remote%20Workforce%3A%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates&_biz_n=0&rnd=950765&cdn_o=a&_biz_z=1584984987141
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
x-aspnet-version: 4.0.30319
age: 316731
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
content-length: 43
pragma: no-cache
x-aspnetmvc-version: 5.2
last-modified: Fri, 20 Mar 2020 01:37:36 GMT
server: ECS (amb/6B75)
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
expires: -1

GET
H2 200 modules.5366b7bc7306ec7916c3.js Show response
script.hotjar.com/ 405 KB
74 KB 20ms
20ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.5366b7bc7306ec7916c3.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-706092.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: /
Resource Hash: e48aa7bf8cb05a243b46adc58419acec34fcb13e97ee94d197c818cef33f7cad

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
content-encoding: br
content-type: application/javascript
age: 21121
status: 200
section-io-cache: Hit
content-length: 74866
last-modified: Mon, 23 Mar 2020 11:44:27 GMT
etag: "f41ee12c518ee4b67cd86020a7ed8e22"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.027
accept-ranges: bytes
section-io-id: a58b1d4b26a94caacbe6d4a3d375c9cd
section-origin-responded: true

GET
H2 200 l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 19 KB
19 KB 75ms
27ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 300ed4edb53d9883a9eecbec80f13ef632460c9f16337216263a297f7e530e8d

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "979fbf744ee7437fca444099255224ce64ccdbb8"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19304

GET
H2 200 l
use.typekit.net/af/5464d5/00000000000000000001205a/27/ 19 KB
19 KB 95ms
47ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5464d5/00000000000000000001205a/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b09bb6dcf27e7ac8016b8c6db5350dff907b9ea8ce1c558866e7b657e0f171f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "a4f819944789113f56596345edd8292038b9a887"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19260

GET
H2 200 l
use.typekit.net/af/04ec74/00000000000000000001205b/27/ 19 KB
19 KB 106ms
58ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04ec74/00000000000000000001205b/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bad97d1a40024bbad968d94d8152a5b1387ec08c37ba11e3da0dd484aecb04bd

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "97a0f780f9ee4a46933aed974482ff8cfe22f593"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19064

GET
H2 200 l
use.typekit.net/af/8cf83d/00000000000000000001205c/27/ 19 KB
19 KB 100ms
52ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8cf83d/00000000000000000001205c/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 970f7a0f5f38eedfb8dd6e15d89b8f77eb7d382fc5429e865037a24a1ab66805

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "1e32d1e7518152300b89835bcea9355bbc62dad0"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19348

GET
H2 200 l
use.typekit.net/af/1aea0d/000000000000000000012106/27/ 16 KB
16 KB 103ms
56ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1aea0d/000000000000000000012106/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9da082f78e93f4631b27f391f909657569db989069221e84168a6539b05b9413

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "b56be0797072a43eaeabb9f8d09565558f02dd9c"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15916

GET
H2 200 l
use.typekit.net/af/2d5f33/000000000000000000012107/27/ 15 KB
15 KB 109ms
62ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2d5f33/000000000000000000012107/27/l?subset_id=2&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7360f6f3d77229843042759323d66429c924b6c21b6b5d49b22793963bfe418d

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "7519a37ff48b287ef5bc92f6e667da20b379fecd"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15628

GET
H2 200 l
use.typekit.net/af/6469f1/000000000000000000012108/27/ 16 KB
16 KB 94ms
47ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6469f1/000000000000000000012108/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3f415bdcdb16ec8f12a7a3df86cbf9aabab52d4eac24b48228bc2a012e2e3fd3

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "a969cc584e9b5e554dc55c8cf936d2bdb8c78717"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16012

GET
H2 200 l
use.typekit.net/af/ee7e95/000000000000000000012109/27/ 15 KB
16 KB 114ms
68ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ee7e95/000000000000000000012109/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a58426393551df2ed80742e9d6c41899cb77ed4c4645fba196e5f005706bf690

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "01438f356e9e2b36b2572af36172b532cab48258"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15844

GET
H2 200 l
use.typekit.net/af/294d74/00000000000000000001210a/27/ 16 KB
16 KB 111ms
64ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/294d74/00000000000000000001210a/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c29f96ba68d207839289888311e2e30b7ebb69097ce7ed8313d9afd3712c9111

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "1a0cc7f7896513d267aa4885a72fa701369b224c"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16036

GET
H2 200 l
use.typekit.net/af/75d1db/00000000000000000001210b/27/ 26 KB
26 KB 121ms
75ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/75d1db/00000000000000000001210b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b1b8219c6e5d42e630baac5509bc6f5069c8471a6f7849c983333a7a6e6b98d1

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "f3bfadd7b59be1dfac458e31566992ed4e9597a2"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26840

GET
H2 200 l
use.typekit.net/af/f8d42c/00000000000000000001210c/27/ 15 KB
16 KB 120ms
74ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f8d42c/00000000000000000001210c/27/l?subset_id=2&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0674530f6ff219330d2405d1e62ff05548f564e76d7949ddd51a8ef0df38c7f2

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "a31be08f428c55cffc9422a311206b83d270ffb8"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15756

GET
H2 200 l
use.typekit.net/af/ffd27e/00000000000000000001210d/27/ 16 KB
16 KB 118ms
72ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ffd27e/00000000000000000001210d/27/l?subset_id=2&fvd=i9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d0d3ac9872e906c7ba665c08b2b71166d9bdd2f6abe607c4c52ab2411c7a5bf0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "4304fcf76976d49bc8452083b53e7850ed3470b9"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15872

GET
H2 200 l
use.typekit.net/af/61f808/00000000000000003b9b3d63/27/ 34 KB
34 KB 115ms
69ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/61f808/00000000000000003b9b3d63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8c8bd8d99b05c8348e32644b8e25cc70efce41c396b5958727178611856c6c2c

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "ac5f07169afed1f853206bdc2309dfaf2c118db1"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34560

GET
H2 200 l
use.typekit.net/af/860e41/00000000000000003b9b3d69/27/ 32 KB
33 KB 125ms
79ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/860e41/00000000000000003b9b3d69/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b5189ff37424eb9a69954fe0b877905b66281c23f54eadc28dbf22d2bf23e3d9

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "1a8b9007d059a12e3248f0f6b7b7fd4cd52eb66d"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33068

GET
H2 200 l
use.typekit.net/af/422d60/00000000000000003b9b3d67/27/ 33 KB
34 KB 123ms
77ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/422d60/00000000000000003b9b3d67/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c25b5762336d9578b4e7497e5688ceae44a63b30bfa77a9ea03cce10ed2e912e

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "4e6bbf222d840839472a8449ffe23ff5d61836c0"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34220

GET
H2 200 l
use.typekit.net/af/9373a0/00000000000000003b9b3d68/27/ 28 KB
28 KB 137ms
91ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9373a0/00000000000000003b9b3d68/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9835c87f7bb1117a82d56b47914a180c3011720f4bd41891b229edbdcf52de2e

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "765e4747c6cbd6557fc82aee8b756847624070f4"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28656

GET
H2 200 l
use.typekit.net/af/ffb1e2/00000000000000003b9b3d64/27/ 28 KB
28 KB 136ms
90ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ffb1e2/00000000000000003b9b3d64/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5efc5dfd683b93e41cf5c563bd121060d7d6e79fb85cea91fdcdd2390fbd870f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "5cd645e6a581dd931c7039df4868b37bf0abdeb2"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28392

GET
H2 200 l
use.typekit.net/af/b6c887/00000000000000003b9b3d61/27/ 33 KB
34 KB 135ms
89ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b6c887/00000000000000003b9b3d61/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a583beb7dc5bbc4dd92bbcf1131a74cad6f8c849d9f6d1f1eb1c996e52b4cc9

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "faa3730a81f608e25c5d6495717914979e9677dd"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34104

GET
H2 200 l
use.typekit.net/af/524796/00000000000000003b9b3d62/27/ 28 KB
28 KB 133ms
88ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/524796/00000000000000003b9b3d62/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e638bd7f97fa9f214c017f0f28a8bb3770294ffae1b3e6d0cdbedf4eb2a96dfa

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "08c9a1f56dd4778b8e7cf2cde0e142a05525d20a"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28456

GET
H2 200 l
use.typekit.net/af/348732/00000000000000003b9b3d65/27/ 34 KB
34 KB 131ms
86ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/348732/00000000000000003b9b3d65/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 41ce95787d5ef41ae99ec194d007db1b9af4df207b9242bb2684d86f3aae1723

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "f79b39a253aa819d49c056767a8349a078dc7a5f"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34436

GET
H2 200 l
use.typekit.net/af/31c386/00000000000000003b9b3d66/27/ 28 KB
28 KB 130ms
85ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/31c386/00000000000000003b9b3d66/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 258f61d815afdb2c64f5cc9ee767813f71755f2f304efc9a7e2a7c87eb88c004

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "c84beaee2ea71b326a8dcae6d9483c050f0076bc"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28580

GET
H2 200 l
use.typekit.net/af/8b9a4a/00000000000000003b9b3d6a/27/ 27 KB
27 KB 128ms
83ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8b9a4a/00000000000000003b9b3d6a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4646827eb2f9531a03f7a0d423b7eaa13a2026d89d85f079dc25211acb9f6648

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "d49285a4ab88828d3f3888eced436941123be30a"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27684

GET
H2 200 l
use.typekit.net/af/ca3a3d/00000000000000003b9b3d5f/27/ 32 KB
33 KB 127ms
82ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ca3a3d/00000000000000003b9b3d5f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc458ec1133cfad02713795c9e955be57aac849e9a2145ab26b83a2836db58e3

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "196674b91a9837ea13aba5d5e101950fd9287b6f"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33136

GET
H2 200 l
use.typekit.net/af/2d1b09/00000000000000003b9b3d60/27/ 27 KB
27 KB 137ms
92ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2d1b09/00000000000000003b9b3d60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ffc6pda.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2b1b2be4fc1a8618dba8a9dfccee6a2e36024fe8b4d6fe9e9736ffbe44f8904a

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
server: nginx
access-control-allow-origin: *
etag: "c0b64ae0b6eaa3532188e9fb5c53c5981b3f90d9"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27468

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 35ms
35ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGMHXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9947
x-xss-protection: 0
server: cafe
etag: 2742097851886756974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Mar 2020 17:36:27 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C8C4 0
0 21ms
21ms Document
text/html 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-706092.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Response headers

status: 200
date: Mon, 23 Mar 2020 17:36:26 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 23 Mar 2020 09:05:24 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.105
section-origin-responded: true
age: 27493
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: ae3ab726709f888577955ba38a4cce63

GET
H2 200 analytics_debug.js Show response
www.google-analytics.com/u/ 58 KB
23 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/u/analytics_debug.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGMHXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2969a2655ba343d539f3461edebf743be26ab841cde4c0a88b3d6c1ba37750c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6893
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23404
expires: Mon, 23 Mar 2020 17:41:34 GMT

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 378 B
523 B 125ms
125ms Script
text/javascript 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=e803aeb79f1d436aa39d23393ef8070b&_biz_h=-1906410348&cdn_o=a&jsVer=4.20.03.19
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: caf7b9c317224013700e7af764f5bbed2e3b75a911e6c06938da6a2b7b7711bb

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:26 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
etag: 62F44E5A
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 325

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970051432/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970051432/?random=1584984987257&cv=9&fst=1584984987257&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&tiba=Securing%20Your%20Remote%20Workforce%3A%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c38c21685541042524c1c1ba461ab8452e14a6e8457691f3be05af9a0982b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 98 KB
29 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5WKWPT4&cid=1480073945.1584984987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51ae3c96c696546249fc0774a8e8117c0d57b2558e752a9f220f64eb6f881f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 30062
x-xss-protection: 0
expires: Mon, 23 Mar 2020 17:36:27 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 24ms
23ms Image
image/gif 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ffc6pda&ht=tk&h=www.exabeam.com&f=13464.13465.13466.13467.13468.13469.13470.13471.13472.13473.13474.13475.17265.17266.17267.17268.17269.17270.17271.17272.17273.17274.17275.17276&a=37476735&js=1.19.2&app=typekit&e=js&_=1584984987374
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 17:36:27 GMT
last-modified: Thu, 07 Feb 2019 19:30:27 GMT
server: nginx
access-control-allow-origin: *
etag: "5c5c8753-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Fri, 16 Aug 2019 08:20:58 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/970051432/ 42 B
115 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970051432/?random=1584984987257&cv=9&fst=1584982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&tiba=Securing%20Your%20Remote%20Workforce%3A%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates&async=1&fmt=3&is_vtc=1&random=4534937&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/970051432/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970051432/?random=1584984987257&cv=9&fst=1584982800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&tiba=Securing%20Your%20Remote%20Workforce%3A%20Detecting%20Phishing%20Scams%20Disguised%20as%20Updates&async=1&fmt=3&is_vtc=1&random=4534937&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/r/ 35 B
120 B 26ms
25ms Other
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/r/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://www.exabeam.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=441611617&t=pageview&_s=1&dl=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&ul=en-us&de=UTF-8&dt=Securing%20Your%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_gid=1912840460.1584984987&gjid=1226993403&_v=j81&z=1820189517
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517&slf_rd=1&random=1516758132

42 B
109 B

22ms
22ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517&slf_rd=1&random=1516758132

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41755658-1&cid=1480073945.1584984987&jid=599256381&_v=j81&z=1820189517&slf_rd=1&random=1516758132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tracking.png
tracking.leadlander.com/
Redirect Chain

https://tracking.leadlander.com/api/tracking?accountId=27705&page=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&referer=&fp=d2fff768385a51f6e295620ea70f0269
https://tracking.leadlander.com/tracking.png

68 B
296 B

103ms
102ms

Image
image/png

107.23.236.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.leadlander.com/tracking.png

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.236.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-236-161.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 17:36:28 GMT
last-modified: Wed, 26 Sep 2018 16:48:51 GMT
server: Kestrel
etag: "1d455b8cd761bc4"
strict-transport-security: max-age=2592000
content-type: image/png
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
expires: -1

Redirect headers

status: 302
date: Mon, 23 Mar 2020 17:36:27 GMT
server: Kestrel
strict-transport-security: max-age=2592000
content-length: 0
location: /tracking.png

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 69ms
22ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:28 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19172-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1584984988.168145,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 19995

GET
H2 200 up
insight.adsrvr.org/track/ Frame D329 0
0 116ms
38ms Document
text/html 99.81.228.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=btthng2&ref=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&upid=voqp5fv&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=btthng2&ref=https%3A%2F%2Fwww.exabeam.com%2Fsiem%2Fphishing-scams-remote-workforce%2F&upid=voqp5fv&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=52fd0a6f-b7d1-4661-890e-32ccbce8b9ca; TDCPM=CAEYBSABKAIyCwj-9JSi7tanOBAFOAE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Response headers

status: 200
date: Mon, 23 Mar 2020 17:36:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
924 B 24ms
23ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGMHXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

f72646b4c3231ab96d39d3d08ce0b58846f2f31a05bb7d9044d41de74da2aa1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:28 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflHFEBmg/ 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflHFEBmg/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 13:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14413
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13475
x-xss-protection: 0
last-modified: Thu, 19 Mar 2020 02:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 31 Mar 2020 13:36:15 GMT

GET
H/1.1 200
OK 6658b13311 Show response
bam.nr-data.net/1/ 57 B
274 B 442ms
112ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6658b13311?a=239335233&v=1167.2a4546b&to=YwcBZkVZCkNZVhBRW1pNIlFDUQteF0YNVlNYBw%3D%3D&rst=3373&ref=https://www.exabeam.com/siem/phishing-scams-remote-workforce/&ap=1617&be=2019&fe=3300&dc=2304&perf=%7B%22timing%22:%7B%22of%22:1584984984812,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:119,%22c%22:119,%22s%22:124,%22ce%22:136,%22rq%22:137,%22rp%22:2011,%22rpe%22:2018,%22dl%22:2013,%22di%22:2304,%22ds%22:2304,%22de%22:2333,%22dc%22:3300,%22l%22:3300,%22le%22:3304%7D,%22navigation%22:%7B%7D%7D&fp=2157&fcp=2157&at=T0ACEA1DGU0%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vuzcm9wwshsk.js Show response
js.driftt.com/include/1584985200000/ 136 KB
45 KB 180ms
129ms Script
application/javascript 143.204.201.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1584985200000/vuzcm9wwshsk.js

Requested by

Host: www.exabeam.com
URL: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.201.41 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-41.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2e15a72f58fd09726c5af078b4db781e4a17fafd361a61b8ecce888d5643d46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 17:36:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 19 Mar 2020 21:46:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uHvLdzP2Drbwl9hOJWj0LAvPU8rctZekJdL7miWvqtOnkN14lfXrfg==

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame A934 0
0 65ms
65ms Document
text/html 143.204.201.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1584985200000/vuzcm9wwshsk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.201.41 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-41.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Thu, 19 Mar 2020 21:46:47 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 23 Mar 2020 17:36:30 GMT
etag: "a7ba8187cce22fc503c7bba828524ff4"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: NwGoE9StqrYCd8bfO_P_Dnr86Qi-5SEcd1oNT-JtAZluYbJBPbxYwA==

POST
H/1.1 200
OK 6658b13311 Show response
bam.nr-data.net/events/1/ 24 B
182 B 111ms
110ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/6658b13311?a=239335233&v=1167.2a4546b&to=YwcBZkVZCkNZVhBRW1pNIlFDUQteF0YNVlNYBw%3D%3D&rst=13373&ref=https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.exabeam.com/siem/phishing-scams-remote-workforce/
Origin: https://www.exabeam.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.exabeam.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 12:35:36	Name: VISITOR_INFO1_LIVE Value: 3mLZ4dZzBE4
.exabeam.com/	1970-01-19 08:16:25	Name: _gat_UA-41755658-1 Value: 1
.youtube.com/	1970-01-19 08:16:26	Name: GPS Value: 1
.exabeam.com/	1970-01-19 08:16:25	Name: _gat Value: 1
.exabeam.com/	1970-01-19 16:49:03	Name: _hjid Value: 5285b873-d505-4129-a38b-5cfdab67e102
.exabeam.com/	1970-01-19 10:26:00	Name: _gcl_au Value: 1.1.2110297782.1584984987
www.exabeam.com/	1970-01-19 08:16:25	Name: s-9da4 Value: 945d0d5f-2dc6-4ef7-a455-e9b8a611d3f1
www.exabeam.com/	1970-01-19 08:59:33	Name: d-a8e6 Value: c22c33cc-abdf-4eed-91b8-0c9658876071
.exabeam.com/	1970-01-19 17:02:00	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22XDomain%22%3A%221%22%7D
.exabeam.com/	1970-01-19 17:02:00	Name: _biz_pendingA Value: %5B%5D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GGT9GOnXkc0
.exabeam.com/	1970-01-19 17:02:00	Name: _biz_uid Value: e803aeb79f1d436aa39d23393ef8070b
.exabeam.com/	1970-01-19 08:17:51	Name: _gid Value: GA1.2.1912840460.1584984987
.exabeam.com/	1970-01-19 17:02:00	Name: _biz_nA Value: 1
.exabeam.com/	1970-01-19 08:16:26	Name: _biz_sid Value: 220f61
.exabeam.com/	1970-01-20 01:47:36	Name: _ga Value: GA1.2.1480073945.1584984987

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.exabeam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message: _ _ _ _ \| \| \| \| \| \| (_) __ _ ___ ___ __ _\| \| ___ __ _ _ __ __ _\| \|_ _\| \|_ _ ___ ___ / _` \|/ _ \ / _ \ / _` \| \|/ _ \ / _` \| '_ \ / _` \| \| \| \| \| __\| \|/ __/ __\| \| (_\| \| (_) \| (_) \| (_\| \| \| __/ \| (_\| \| \| \| \| (_\| \| \| \|_\| \| \|_\| \| (__\__ \ \__, \|\___/ \___/ \__, \|_\|\___\| \__,_\|_\| \|_\|\__,_\|_\|\__, \|\__\|_\|\___\|___/ __/ \| __/ \| __/ \| \|___/ \|___/ \|___/
console-api	warning	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message: Running analytics_debug.js. This script is intended for testing and debugging only.
console-api	log	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message: Initializing Google Analytics.
console-api	warning	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message: Tracking script already loaded. Abandoning initialization.
console-api	log	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message:
console-api	info	URL: https://www.google-analytics.com/u/analytics_debug.js(Line 25) Message: Registered new plugin: ga(provide, "render", Function)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.bizible.com
cdnjs.com
fonts.googleapis.com
googleads.g.doubleclick.net
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
js.driftt.com
match.adsrvr.org
munchkin.marketo.net
p.typekit.net
s.ytimg.com
s3.amazonaws.com
script.hotjar.com
static.addtoany.com
static.hotjar.com
stats.g.doubleclick.net
t.sf14g.com
tracking.leadlander.com
use.typekit.net
vars.hotjar.com
vidassets.terminus.services
www.exabeam.com
www.gartner.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
107.23.236.161
13.227.223.172
143.204.201.41
147.75.100.245
147.75.32.105
147.75.84.91
151.101.14.110
162.247.242.18
172.217.22.2
2606:4700:10::6814:6e27
2606:4700:20::6818:b107
2620:12a:8000::3
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:816::200e
2a00:1450:4001:817::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c06::9c
34.252.71.88
35.174.253.39
52.216.143.118
52.222.143.33
88.221.60.75
93.184.220.178
95.100.67.47
99.81.228.121
99.86.3.62
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
057b5d760571deb7317b266fafe4b831b2b5cdc82fcf2642ac3043f404760721
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
0674530f6ff219330d2405d1e62ff05548f564e76d7949ddd51a8ef0df38c7f2
07ff7567db5ae88bd35aabaa8695e9cb7fd23af0b91a20b8953eff267c525352
0b09bb6dcf27e7ac8016b8c6db5350dff907b9ea8ce1c558866e7b657e0f171f
0b80a19b64d36f5d981598de85165b58f966a836ed2cfdb2de80cdf943f87e9b
0c532402cbde8107e1284b2ab448d8cb72d5941ee20b7e7492363de918a688bd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1f971b8bf11f93a551419b442997d7bfc7b4498fcc6e5c759381a2d122c27a
16836de9f676ebae7237da679559b7ccc963752bbe104e1056a92a89b875db91
1779f50a5c2486b9635e77762f9a8bb845888204b481292bf39fcb2c27c13d07
17c51ac58ed9ea4d78cccb908d7393b2360106b9772381e200ee64faef3c04b5
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
24ad97fd6eb89dec77dc9d15f13240ef12f8d907dfed8b24c77125c34b92256b
258f61d815afdb2c64f5cc9ee767813f71755f2f304efc9a7e2a7c87eb88c004
2969a2655ba343d539f3461edebf743be26ab841cde4c0a88b3d6c1ba37750c5
2a583beb7dc5bbc4dd92bbcf1131a74cad6f8c849d9f6d1f1eb1c996e52b4cc9
2b1b2be4fc1a8618dba8a9dfccee6a2e36024fe8b4d6fe9e9736ffbe44f8904a
2e15a72f58fd09726c5af078b4db781e4a17fafd361a61b8ecce888d5643d46d
300ed4edb53d9883a9eecbec80f13ef632460c9f16337216263a297f7e530e8d
30bb414a6af8f4058e66287b03a52959d6c25398ed5b57d11f99f4e7321f9863
31d32674d25ef6811553b0564ff625f885db728ab36ec2fe06e7e8c479e29f6e
32c38c21685541042524c1c1ba461ab8452e14a6e8457691f3be05af9a0982b2
3f415bdcdb16ec8f12a7a3df86cbf9aabab52d4eac24b48228bc2a012e2e3fd3
3faec91f0bd925090b2aac53fcf3da6332dd92388ad04906864150ef8b1ef16c
41ce95787d5ef41ae99ec194d007db1b9af4df207b9242bb2684d86f3aae1723
4646827eb2f9531a03f7a0d423b7eaa13a2026d89d85f079dc25211acb9f6648
46517e9a650b755fddb4a1f98ef4c65ed844ce00f71ff83745226d6731c50d5d
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
51ae3c96c696546249fc0774a8e8117c0d57b2558e752a9f220f64eb6f881f39
531fbe96f6421d5d9555519ec95bcb0528def1b0bd9f2f1e87ea4a2ecdfec7f6
53619608ff0bf2af2109670b2a8ca7b568f40de56beeceae2abd61cfb57742ee
55cd1a7749037c7a649a4f5aea2c1f87811534a5cf9dbf36be1960684d89e8e3
5efc5dfd683b93e41cf5c563bd121060d7d6e79fb85cea91fdcdd2390fbd870f
5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056
633b5525fea6bc3eb661301152bfecac3dc4e8662729ed89999d35edda571bf1
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6d06976b8bb89ce034ebc4d3d81c01dad743e1badac88f10db92123b08ebc329
6de8549645c339a95031df376cb1dc18490a258edb6a0892bb4c322b3bd5481f
7360f6f3d77229843042759323d66429c924b6c21b6b5d49b22793963bfe418d
7817f666fd0735919505524261672679a87b6c808d2568eb1f7b6714b7d5c472
7f8f0b78c9393ec09e4d494c5d86a8b7192ed165f99921f52e6c551d1737873c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ff3fb28c71c90659c956e136f415a111651beb0f762acf6e0af1fe8825765f
86ecafc33ecb5976760d6b5f13a2874525e3f4bfa8b12a0e14d6c98ae9e727cd
8b3961551f100b14c5e7f437f041bb4f440d81cee598f077961c8a44cd48e655
8c8bd8d99b05c8348e32644b8e25cc70efce41c396b5958727178611856c6c2c
8df116505b186ca6f03c6419d2aa549869518dbcc59580e6e70830dc9b824372
970f7a0f5f38eedfb8dd6e15d89b8f77eb7d382fc5429e865037a24a1ab66805
9835c87f7bb1117a82d56b47914a180c3011720f4bd41891b229edbdcf52de2e
9add757a6b25508be1bf0d069aed4f4525b3d2cbe08308e81c58f33f91c42b24
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9da082f78e93f4631b27f391f909657569db989069221e84168a6539b05b9413
9dbc10d42889718ee6f993f56d020ca36d6984a80320ffcc384996249476b8e6
a58426393551df2ed80742e9d6c41899cb77ed4c4645fba196e5f005706bf690
a5e1ce206bd9007f7950bbc4fb5a8c442cc4f2c443a1d63fdc5a56f5d45ab080
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b1b8219c6e5d42e630baac5509bc6f5069c8471a6f7849c983333a7a6e6b98d1
b3c125312e4116db1cd6b5644144f4ab0ce2ff97857573782f3277ad1fc12a88
b5189ff37424eb9a69954fe0b877905b66281c23f54eadc28dbf22d2bf23e3d9
b6513766c0974fcef7b28cd5adceb151659a74a329197f96ce33b53f8bfbec14
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8f5ea592d86a5cae0475be551a660ced2aa85c70f9c332c4b52da8f3bb4a4aa
b92ba00a4fb4cf0222faf6161a0740fffd1cfca77c06d7e9d9da0c7730517d93
ba117db500fc4fc3d26a54a174dce0878a96010e16b0c9cb6891d46c8a78c330
bad97d1a40024bbad968d94d8152a5b1387ec08c37ba11e3da0dd484aecb04bd
bc458ec1133cfad02713795c9e955be57aac849e9a2145ab26b83a2836db58e3
c25b5762336d9578b4e7497e5688ceae44a63b30bfa77a9ea03cce10ed2e912e
c29f96ba68d207839289888311e2e30b7ebb69097ce7ed8313d9afd3712c9111
c2be8f379351de1c6e3083916404d29ce398de840662f87f7fd9bbfcd34ae6f3
c69eb119b983703d62529c34d31f04ac767398e1fde9cff6764f8b03b57436c7
c83fd5a93e688420b418a7fd6521f6fc53f101169152d39558cbffc6f04b08de
c91f2989661521fc2f81b2ea50267d1722deddd6e6bffc05dafc14fb72c7e4b0
caf7b9c317224013700e7af764f5bbed2e3b75a911e6c06938da6a2b7b7711bb
cf3756a3afb8fd0b6756114d8ca8d62750b7830defd148a983ba186cf10a2d3e
d0d3ac9872e906c7ba665c08b2b71166d9bdd2f6abe607c4c52ab2411c7a5bf0
d195f41f82d0fd79b7677610065d8b3b73faf6c6da45a79a1012c4d00f689a19
d8eed1102b26c88e769bb440875246520bc79dc9fa28fc8061c764b846858746
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
d9676861585eb1c5089f453e991677710025b19b16ac05e137445793f4f7f625
dc4ea1d825b6ec671e0402126d9aa20688c2a8e57de560cfc05df2b40f4eeb4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48aa7bf8cb05a243b46adc58419acec34fcb13e97ee94d197c818cef33f7cad
e638bd7f97fa9f214c017f0f28a8bb3770294ffae1b3e6d0cdbedf4eb2a96dfa
e7d541cf29b849e542714dcc76eaf410743c4c371e8a797cfbaaf73dff69c02c
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efea7da1bb403ad8a646a9924c8fb0c8e2bf1472571fe7ace9382e762e2715be
f1010f7d28c3b9e4e339d1b7d4b82d7abaf933e7523a1bed85f5143a6a2918c7
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f72646b4c3231ab96d39d3d08ce0b58846f2f31a05bb7d9044d41de74da2aa1d
fbfae3bfa9452ccb4081af44794f096decc03cf64a2ac460a72db92b0385fad0
fd58d9bda5b18eac6cd5eb20c7c0100b132ea0dd72a6145455681c0126161bb6

www.exabeam.com Open in urlscan Pro 2620:12a:8000::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

40 %IPv6

25 Domains

31 Subdomains

28 IPs

8 Countries

3046 kBTransfer

4580 kBSize

16 Cookies

17 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.exabeam.com Open in urlscan Pro
2620:12a:8000::3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

40 %
IPv6

25
Domains

31
Subdomains

28
IPs

8
Countries

3046 kB
Transfer

4580 kB
Size

16
Cookies

109 HTTP transactions
0 data transactions