cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Submission: On November 02 via api (November 2nd 2023, 2:12:01 am UTC) from TR — Scanned from DE

Summary HTTP 153 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 153 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is cofense.com. The Cisco Umbrella rank of the primary domain is 504851.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2023. Valid for: a year.

This is the only time cofense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
82	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
8	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
10	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.230.138.115 34.230.138.115	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.210.118.178 23.210.118.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.245.60.43 18.245.60.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.200.97.200 34.200.97.200	14618 (AMAZON-AES) (AMAZON-AES)
1	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:710... 2a02:26f0:7100::210:172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.65.57.16 3.65.57.16	16509 (AMAZON-02) (AMAZON-02)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.198.203.156 44.198.203.156	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
153	31

8 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cofense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

ehhbozgsut3.exactdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.138.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-138-115.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.118.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-118-178.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-43.fra60.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.97.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-97-200.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::210:172 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.57.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-57-16.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.203.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-203-156.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	exactdn.com ehhbozgsut3.exactdn.com	772 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5465 c.6sc.co — Cisco Umbrella Rank: 8564 ipv6.6sc.co — Cisco Umbrella Rank: 5738 b.6sc.co — Cisco Umbrella Rank: 3759	21 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 20121 app.qualified.com — Cisco Umbrella Rank: 20979 assets.qualified.com — Cisco Umbrella Rank: 22489	861 KB
8	cofense.com cofense.com — Cisco Umbrella Rank: 504851	36 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 r.clarity.ms — Cisco Umbrella Rank: 7598 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	730 B
3	google.de www.google.de — Cisco Umbrella Rank: 6862	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	456 B
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 24529 ibc-flow.techtarget.com — Cisco Umbrella Rank: 22103	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	298 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9302	591 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3497	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	766 B
1	sentry.io sentry.io — Cisco Umbrella Rank: 171	324 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 495	571 B
1	okt.to okt.to — Cisco Umbrella Rank: 29607	100 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 10034	6 KB
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 36317	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4272	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 35178
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 621	172 B
153	25

	Domain	Requested by
82	ehhbozgsut3.exactdn.com	cofense.com ehhbozgsut3.exactdn.com
8	cofense.com	ehhbozgsut3.exactdn.com
7	assets.qualified.com	cofense.com app.qualified.com
7	b.6sc.co	cofense.com
3	r.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	3 redirects
3	www.google.de	cofense.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	cofense.com www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	cofense.com www.clarity.ms
2	munchkin.marketo.net	cofense.com munchkin.marketo.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	c.bing.com	1 redirects
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	px4.ads.linkedin.com	cofense.com
1	www.linkedin.com	1 redirects
1	www.google.com	cofense.com
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	secure.adnxs.com	j.6sc.co
1	okt.to	static.oktopost.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	trk.techtarget.com	cofense.com
1	static.oktopost.com	cofense.com
1	ws.zoominfo.com	cofense.com
1	lltrck.com	cofense.com
1	j.6sc.co	cofense.com
1	p.typekit.net	ehhbozgsut3.exactdn.com
1	js.qualified.com	cofense.com
153	36

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
cofense.com Cloudflare Inc ECC CA-3	`2023-06-16` - `2024-06-14`	a year	crt.sh
*.exactdn.com R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-08-29` - `2024-09-26`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh
okt.to R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
app.qualified.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Frame ID: DD0CDD903A20C67880233C6D70758BEC
Requests: 145 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Frame ID: 9ED118048606B3C3C00BE20CCC8E3677
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Credential Phishing IOCs Jump 45% in Q3 | Cofense

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

153
Requests

97 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

31
IPs

4
Countries

2068 kB
Transfer

5897 kB
Size

36
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1698891116660%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%252Fcredential-phishing-iocs-increased-in-q3%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJGHiHlxIZMxgAAAYuNzTJkELvuxMsVSLiB6RE-CGMJBhhZfrD1oOARbqwUEaxTXWKt7fYSbWE_

Request Chain 148

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&RedC=c.clarity.ms&MXFR=03D5B76B1A88690332ABA4D61E88679A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&MUID=08BDF82B0FEB66A1391FEB960E6067B8

153 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cofense.com/blog/credential-phishing-iocs-increased-in-q3/ 132 KB
24 KB 497ms
188ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: f8c5474581785b420fc49ffb978c96ccfdc289159bc9464c7e985003b94803fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2419200, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81f8d97f5e16bb56-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:11:55 GMT
last-modified: Tue, 31 Oct 2023 11:16:05 GMT
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/" <https://cofense.com/wp-json/wp/v2/posts/104758>; rel="alternate"; type="application/json" <https://cofense.com/?p=104758>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 180
x-cache-group: normal
x-cacheable: YES:2419200.000
x-powered-by: WP Engine

GET
H2 200 styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
9 KB 159ms
21ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1698872867

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:25
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d634c3078f57a73a152b8308baaffd5f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1698872867>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 906 B
1 KB 160ms
21ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1698872868

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:25
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9ed1cb299a50e04d3ab5cf97942a8b0d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1698872868>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
1007 B 202ms
64ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1698872868

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:25
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b35d33b0893887c7055c7737932d2987
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1698872868>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
4 KB 202ms
64ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1698872868

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a2d782cae2275f369262c7f6b785916b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1698872868>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor-icons.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 20 KB
5 KB 204ms
66ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1698872868

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:25
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8653ef86164bed026650162efe23ce8b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1698872868>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/ 115 KB
16 KB 196ms
58ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f2505437c541fbb54d3381687c49fded570dbc01ef97032d3db827f11825e971

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:25
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2012fc8f2ca6bfae868e53e4835fb75e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 204ms
67ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:56 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: dd3ea876618969163d06f248af4c9feb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-15.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 192ms
55ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1698872825

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 353af3257e483880892c5918e7c8d398
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1698872825>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/ 11 KB
3 KB 187ms
50ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

41eac43c1137e23dc691d5605126f42c477b739d40867c3022a1c9a857dd3194

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:33 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a3cc1e1a75705d12be0fb676812e6c1e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-104758.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 185ms
49ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-104758.css?ver=1698872827

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

2fe56e261192908744e52e92bab008ccba8e67aec2f3d26361837e5e4c49208c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:11:08 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/02/2023 02:03:57
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:11:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 27098a8b6e1cec4f762aa511fc6b9ebe
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-104758.css?ver=1698872827>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-93807.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 203ms
67ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-93807.css?ver=1698872825

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:26 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f58e78817a53e6d8488cfa1ccdcba13e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-93807.css?ver=1698872825>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1266.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 18 KB
3 KB 177ms
40ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1266.css?ver=1698872825

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ae549261b91e3e9a5b932de75d605c5a831db2d3793f1c2e7b48c6fd2f811edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9dcf46b9057dc6739eb28bdb31576801
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1266.css?ver=1698872825>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1271.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 15 KB
3 KB 204ms
68ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1271.css?ver=1698872825

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d4cddb7262c3a0806fe7946c9de213be
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1271.css?ver=1698872825>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1386.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 12 KB
3 KB 201ms
65ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:09:48 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:09:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 946e6dcb620a1fc006d85d37c5f5b1cf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 435 KB
57 KB 202ms
65ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:33 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:56 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bf54c66c225a1b271d0156a85577f5e8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 responsive.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
5 KB 200ms
64ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:33 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f8af767159fb2d3bec0180d3ed5f5a76
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs-style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
2 KB 200ms
65ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1698872869

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1bd6de62de058d676320c58ae6dbbbe9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1698872869>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1444.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 172ms
36ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:08 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:59:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1b8601486254cf7be6bd6d41db186312
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1462.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 159ms
23ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 71adbba7fa7be439650584afc86d6292
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86702.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 878 B
1 KB 201ms
66ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 91daf22e61337c24991726d9bf13c288
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86773.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 189ms
54ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d4e18557bb9d8b509a1fb55c1138d3aa
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94275.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 198ms
63ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e680e1d4dc28f45ceba1ef3aebda8c76
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96442.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 199ms
65ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: fe978d37f837a8b73c56ba9f5b40c78d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96443.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 181ms
47ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2b99ae4b8b6acea944ac2c02adc595be
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96445.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 199ms
66ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: de4cf3912aa345f5a38da9004ee41d6d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 css
ehhbozgsut3.exactdn.com/easyio-fonts/ 26 KB
2 KB 187ms
54ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 24 Oct 2024 14:20:40 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/25/2023 20:31:12
cdn-pullzone: 1418769
last-modified: Wed, 25 Oct 2023 14:20:40 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b984977582b4b5d1056f71dc9c95db18
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fontawesome.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 180ms
48ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1698872870

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1860b27ea9de457a978fe0370fcd4deb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1698872870>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 solid.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 187ms
54ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1698872870

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4858a89d7ba414b06dd95c72f183124d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1698872870>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 brands.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 170ms
38ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1698872870

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:26
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e98125765834c39a44ef0b8d6e807498
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1698872870>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 language-cookie.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 239 B
1 KB 200ms
67ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 77459fb8daeeb9eb34480b0022072a2e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/jquery/ 85 KB
33 KB 199ms
67ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:05 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a0de8fabecc0c6d9916ae5e6f2b127da
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ 13 KB
6 KB 199ms
67ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:33 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 36e08e9deb535adda424c82026be6a43
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs_ajax_pagination.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 3 KB
2 KB 202ms
70ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3dae6e6b1a5dfc66ed161a7585194957
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 249 B
998 B 200ms
69ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:46 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: af61a2e9cf445640ea27097bb9584dda
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 zlo5wor.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/ 816 B
1 KB 171ms
40ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1698872870

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:56 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6f47c3952d8960b773fef7563e691d71
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/zlo5wor.css?ver=1698872870>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 qualified.js Show response
js.qualified.com/ 293 KB
91 KB 569ms
435ms Script
text/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb675d60a176b97d8be702bbcc80d182de2b65a06761101238a34b33eec82dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 84dcb199-7acb-61c1-9e76-f0612474364d
pragma: no-cache
x-runtime: 0.020020
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9bb675d60a176b97d8be702bbcc80d18"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 81f8d9830d7c03f4-FRA
expires: Thu, 02 Nov 2023 06:11:56 GMT

GET
H2 200 widget-nav-menu.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
4 KB 152ms
21ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

20aad078c190cf5e3ff7c4a1471020f97a232dbc06b41b80f6a5fc782bd3493d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e00dbb947e814e2c234feb2c838fa55
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-icon-list.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/ 10 KB
2 KB 64ms
50ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e0aa068ac5dfad098da734d929000446f50930d7411a075c031ea96a9352970b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4d4d53febfb4296b7e18e48eb5c74fe9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-theme-elements.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
3 KB 64ms
51ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f7c57b37232dd200e7b27fc6bfce78ec413a3a718e94818248f4fe16570780bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f8b6fb60b3d9782621571a5abf2af039
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-share-buttons.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
3 KB 63ms
51ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

faddf8c3ff09bbff2375dd94286aef72d1f2816fad00c248b213e0ed4877f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f10039dcde8d236fee4b4f6119ba6ad5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-posts.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 64ms
51ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

1a829e1d6e41d31c49d5da4fc80f0d3a7ec3a42346706e092e19515ac518a057

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 96341efa6996c9291bf3ec4d134d9677
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9276.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 4 KB
2 KB 65ms
52ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9276.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7d59a25b1a595cbd6813de684ded4472
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9276.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9277.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 5 KB
2 KB 65ms
53ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9277.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2686d9295d412317d45467a4f446051e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9277.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9907.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 64ms
52ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9907.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3a32d7f408371ec2847c1e377180ffcc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9907.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94175.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 65ms
53ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94175.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3f91a352d2f905fe64db44162818b732
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94175.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94173.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 67ms
55ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94173.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:27 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7b725f5fead2a3645835670d2df6f39e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94173.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regular.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 65ms
53ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1698872881

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:11:09 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:08:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 17d0f9086e65dad19db15e7cc0b0fdc6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1698872881>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96724.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 67ms
55ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96724.css?ver=1698872826

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:07:35 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:35 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ec66452f54c5fca0067c7b1829ae5b36
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96724.css?ver=1698872826>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animations.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
4 KB 67ms
56ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1698872870

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:33 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:27
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3d689fee2b62c173149b006b0c0aa954
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1698872870>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/ 15 KB
7 KB 67ms
56ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 22ccb9238a400fa12f7b1aec2a0befbb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 navigation.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/ 2 KB
1 KB 66ms
55ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1698872871

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3f2e798d50da61cf84f63b3e0f1b6b71
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1698872871>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-script.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 39 B
882 B 66ms
54ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
content-length: 39
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f355fed06788b1a30eff7b00afd0ef37
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1698872872>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 widget-scripts.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
39 KB 67ms
56ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 30945d53cfb8e98347b4bda0c0bd52ba
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.smartmenus.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 67ms
56ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4193f82f8ebd71da027751fdeb65e796
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 imagesloaded.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/ 5 KB
3 KB 66ms
55ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:09:47 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d7eb72787349d9b8706bac185a314aa5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack-pro.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 66ms
55ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

79511acd0ccdbd49e4ece99044497e5de1befd1298f9184d7c3f4f68d04960c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f802ecd81ae17dfb93e1fbca91a0e15d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 67ms
57ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6395d758d0ce608e17c063bcb631df55129fbdd005e4d9059b465ab433e5d3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 55660e47efbb36320fdc3c122b3f02d2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-modules.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 57 KB
19 KB 67ms
57ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1698872872

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

dfed2068b0898ac70605110ec1c8170a0aab611763ed5591c72196817d0b1282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:34 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7d58866eb3cccb7be1bb9cf05d9bc698
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1698872872>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill-inert.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 8 KB
3 KB 68ms
57ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1c261acd17c66c112727db45a0eab54a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regenerator-runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 6 KB
3 KB 67ms
57ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d01b2b52056d08ba40d476739dce65e9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 16 KB
7 KB 68ms
58ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 78b4b69435700598f4ec2e3ebca35926
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 hooks.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/ 5 KB
2 KB 67ms
57ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8c22c490cc6d2228e178ffe388665f22
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 i18n.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/dist/ 9 KB
5 KB 68ms
59ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 782eb444b2ceb705448a70ce44e51983
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 68ms
58ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

82915a46f223be695a3255845ad875c54ae0bebd58cb30b6e2a2aaa0ef6b06e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:28 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e791866b5dd9e023c8e5e299293a119
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 waypoints.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 70ms
61ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e7ea8450de8c4d88f4b5098e728ff47
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 core.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/ 21 KB
8 KB 68ms
59ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3efc3b0568f5eb3734d6cd7d3ab391ab
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 39 KB
14 KB 67ms
58ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1698872873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

1f658d477bca6e8ce0f56bd251d86fdc170fa3267ee10c916406f78645624e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 11/01/2023 21:50:28
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 47feb223beb9646a832d53060846fcf6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1698872873>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elements-handlers.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 35 KB
10 KB 70ms
61ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1698872874

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d55538fba2c0b897ef503920ead14ca39c62396d2a03456ebafd55a82ed8e0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 410b4468a8b812444f4f5179896a2c90
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1698872874>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animate-circle.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 681 B
1 KB 67ms
58ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1698872874

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 937f894c729b621bf8a07d57dcb4da7b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1698872874>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 68ms
59ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1698872874

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e38ee3343b8fc45d9a25dc38cd29e3f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1698872874>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.sticky.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 70ms
62ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1698872874

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 21:08:29 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/01/2023 21:50:29
cdn-pullzone: 1418769
last-modified: Wed, 01 Nov 2023 21:07:47 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e095124222601943ed73546edd9c79b9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1698872874>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazyload.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 20ms
20ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:16 GMT
date: Thu, 02 Nov 2023 02:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:16 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2cb40ddf6894a6d197c66cbd4ede5302
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 159ms
34ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1698872870
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
109 KB 113ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13a3d3f82bfef4f8c02498d6a0bf3d92299e2a5ae21e4eb574d322cd46ec8f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111496
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:11:56 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d7ff0a7fba7e326e4031e4c9bc85229763150ff258655f02cc2673d7dac1e39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NETWORKHEADERBG-1.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 40 KB
41 KB 29ms
28ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png?strip=all&lossy=1&ssl=1

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1698872826

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1698872826
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:54 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 40664
last-modified: Fri, 29 Sep 2023 13:58:53 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: df2eeb1e2e3c901748e7f64267d81de5
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-500-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 87ms
39ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:09 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17552
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 63b8ccb8b8f7087bdae08830e2e1c930
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-700-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 97ms
49ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17784
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: efaff726c35cec8ab8bfb384d7689366
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-400-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 16 KB
17 KB 114ms
66ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 16708
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6f3e88d48472482495c4e5f644855617
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 106ms
59ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1698872870

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1698872870
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:09 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 78196
last-modified: Fri, 29 Sep 2023 13:58:48 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5c7eaa76237d8751a36454d1ea781523
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-600-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 109ms
66ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=464d7fa7aea065b8ccc66b6fb1e3f432
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:20 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17660
last-modified: Fri, 29 Sep 2023 13:59:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c2d1d72e4b0a837a01f4615d4661c341
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 109ms
67ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1698872870

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1698872870
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 76764
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 19de7072b221e4534867547e3e91dc34
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
94 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92f4971479892b38ec8e5153a893f41ac1531fe16b7d2fb77cf347dfc3d36689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 02:11:56 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 60 KB
16 KB 175ms
40ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 19:14:48 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "652edd28-f1f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 16484
expires: Thu, 02 Nov 2023 02:11:56 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 119ms
24ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 08:37:21 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=14693
accept-ranges: bytes
content-length: 3840

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 360ms
114ms Script
text/html 34.230.138.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.138.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-138-115.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 305ms
239ms Script
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

41d02801f801ebc8e931a6309cc6949278e27c6078035b23015e169e3f1f2c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 81f8d9855c43049f-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 88ms
23ms Script
application/x-javascript 23.210.118.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-118-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:11:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 130ms
21ms Script
application/javascript 18.245.60.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 16:10:41 GMT
content-encoding: gzip
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 77189
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: X6jfix2WJeVo8cZYRdgdha5yLBXQOXMeHQcs57R2OiMtGZv5V00Uyw==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 111ms
44ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 31747
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 81f8d9855d071c32-FRA
expires: Thu, 02 Nov 2023 02:31:56 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 893 B
1 KB 325ms
236ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2ff03bb8708df58b07e7c79a9457a61ebcc55c072b7fbdae31ffa83ef49f15eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Thu, 02 Nov 2023 02:11:56 GMT
x-azure-ref: 20231102T021156Z-6x4bf31wk10h3bd1263fs3mfx800000002hg00000003173g
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 893
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 9017396.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 153ms
32ms Script
text/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/9017396.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits: 49243
date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
via: 1.1 varnish
age: 32557720
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-etou8220024-FRA
last-modified: Thu, 20 Oct 2022 22:49:15 GMT
server: Apache
x-timer: S1698891116.451181,VS0,VE0
etag: "421e-5eb7f2274b0c0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-769d499c7b-6rkpw
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Oct 2032 06:23:15 GMT

GET
H2 200 dialog.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 32ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1698872873
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
age: 3693
etag: W/"64405228-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9851ff7bb56-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 01:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 Nov 2023 03:51:32 GMT

GET
H2 200 nav-menu.70d63d6d093f3a45a0c6.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 37ms
36ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.70d63d6d093f3a45a0c6.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55da41872698fcd658c8cdd6c2e70ba9f13b7fa9048f734b5891dd463501d7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 20:20:42 GMT
server: cloudflare
age: 3693
etag: W/"653aca1a-122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9854803bb56-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 1 KB
898 B 39ms
39ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1698872872
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb4600efca0433c0b31f001c15c014484658a3e9afd8463a1171b6fb2660239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 20:06:00 GMT
server: cloudflare
age: 10517
etag: W/"65397528-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9855aca2bcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-buttons.81497e7fccd4fa77b6b9.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
944 B 201ms
201ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.81497e7fccd4fa77b6b9.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d63ab11e823ff2cdc56b50e68e1e2c7c400438801f83d9276ec1f390e8b95f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Oct 2023 20:20:43 GMT
server: cloudflare
etag: W/"653aca1b-62c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9858adb2bcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 199ms
199ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd6dc5949c20da3e9b0ce62670cb67040b646e773b60b2b721540690e2feede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Oct 2023 20:20:42 GMT
server: cloudflare
etag: W/"653aca1a-151a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9858add2bcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 180ms
179ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1698872872
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b95e9531cf6c350ef2b935f5cfa667da91e9f2688eeb21b5822b340c5d1139f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Oct 2023 20:20:42 GMT
server: cloudflare
etag: W/"653aca1a-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9858ade2bcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cofense.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 3 KB
4 KB 23ms
22ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/cofense.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:14 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 3568
last-modified: Fri, 29 Sep 2023 13:58:07 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 79070491bb8027b6b581614aae1fbe11
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/cofense.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 Blog-5Insights-1200x627-1-1024x535.jpg
ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/ 39 KB
40 KB 24ms
23ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/Blog-5Insights-1200x627-1-1024x535.jpg?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

41ac87644e3ddf9efed23577e4f18d57c67f292705356f2a16e1621d8f96e1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 24 Oct 2024 21:45:35 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/27/2023 09:15:09
cdn-pullzone: 1418769
content-length: 39990
last-modified: Fri, 29 Sep 2023 19:21:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 05cf85267fe302663a61dd27f1cb35db
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2023/08/Blog-5Insights-1200x627-1-1024x535.jpg>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 Blog-5Ways-1200x627-1-1024x535.jpg
ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/ 30 KB
31 KB 24ms
24ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/Blog-5Ways-1200x627-1-1024x535.jpg?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d3ee32fc17b299ee0a180174924f9d63efa9293d0ba3f93390ebc9d6bca13580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 25 Oct 2024 13:43:56 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/27/2023 09:15:09
cdn-pullzone: 1418769
content-length: 30622
last-modified: Fri, 29 Sep 2023 19:21:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 72bcc4043d42c1f5a8be8e81f46ad94c
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2023/08/Blog-5Ways-1200x627-1-1024x535.jpg>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 Figure1.png.WM-1024x761.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/ 48 KB
49 KB 25ms
24ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/08/Figure1.png.WM-1024x761.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

aece604fd13bbf3eba6d2313fb57d73edea2028325659002a07b5f66e87870e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 31 Oct 2024 17:30:22 GMT
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 11/02/2023 02:04:03
cdn-pullzone: 1418769
content-length: 49388
last-modified: Tue, 31 Oct 2023 17:58:55 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a54c717112e2679219b5f038fb307723
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2023/08/Figure1.png.WM-1024x761.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 97ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3au1v874289719z8811887192&_p=197946503&_gaz=1&gcd=11l1l1l1l1&cid=860680100.1698891116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698891116&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&dt=Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 97ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=860680100.1698891116&gtm=45je3au1v874289719z8811887192&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 93ms
35ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=860680100.1698891116&gtm=45je3au1v874289719z8811887192&aip=1&z=2085117833

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 26ms
25ms Script
application/x-javascript 23.210.118.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-118-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:11:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 10 Feb 2024 02:11:56 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
465 B 131ms
130ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1698891116492&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPqLC8QIr1AaLYMg07iR_Ft_-VjXhrOHn6V38q1aNNHdSmsKSPFc38rtAsyMjgBHOOIdnCXBNcDc134vVGgHVHIhrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Thu, 02 Nov 2023 03:11:56 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 193ms
123ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1698891116492&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:11:56 GMT
expires: Thu, 02 Nov 2023 02:11:56 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPpKw-xY8_pxYXPbWxFqdvN2IOb1RwirctyfbD2JEQsxVhXaeuWwUCR13YwnLVl8Bx1XD5s

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32384
accept-ranges: bytes
content-length: 3272

GET
H2 200 ping Show response
okt.to/ 0
100 B 364ms
123ms Script
text/javascript 34.200.97.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&aid=001shx33p56dsdg&ts=1698891116538

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.97.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-97-200.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=197946503&t=pageview&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&ul=en-us&de=UTF-8&dt=Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=879032158&gjid=1774909337&cid=860680100.1698891116&tid=UA-114787942-1&_gid=1409108641.1698891117&_slc=1&gtm=45He3au1n815RQ37KHv811887192&gcd=11l1l1l1l1&z=792888853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114787942-1&cid=860680100.1698891116&jid=879032158&gjid=1774909337&_gid=1409108641.1698891117&_u=YCDAgUABAAAAAGAAI~&z=2147158852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
571 B 119ms
33ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
an-x-request-uuid: 6848bb8a-c22b-48bc-bac1-43459f160173
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cofense.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.22; 217.114.218.22; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 44ms
39ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
312 B 102ms
21ms XHR
text/html 2a02:26f0:7100::210:172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9396a03f992569985b844f39a0e20187bd4f89bd03b35137050ba22c50798297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698891116653_34603374_702717992_15_675_18_39_219";dur=1
content-length: 23
expires: Thu, 02 Nov 2023 02:11:56 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 41ms
39ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
311 B 99ms
21ms XHR
text/html 2a02:26f0:7100::210:172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9396a03f992569985b844f39a0e20187bd4f89bd03b35137050ba22c50798297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698891116613_34603374_702717991_18_667_18_0_219";dur=1
content-length: 23
expires: Thu, 02 Nov 2023 02:11:56 GMT

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 592ms
124ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1698891116568&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-cofense.com-1698891116567-60232&_mchHo=cofense.com&_mchPo=&_mchRu=%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:11:57 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: feb148c9-9c03-4eca-a86e-92b2d282f43e

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
94 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c5c852d5c392a1edf3e58bd6660f5f9e30999b3d83141c3ff422db629985d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 02:11:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 80ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=860680100.1698891116&jid=879032158&_u=YCDAgUABAAAAAGAAI~&z=1323581873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=860680100.1698891116&jid=879032158&_u=YCDAgUABAAAAAGAAI~&z=1323581873

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1698891116660%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=tru...

0
264 B

214ms
131ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJGHiHlxIZMxgAAAYuNzTJkELvuxMsVSLiB6RE-CGMJBhhZfrD1oOARbqwUEaxTXWKt7fYSbWE_
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A02BF7728DD142E687F6EF579A085CA7 Ref B: FRAEDGE1721 Ref C: 2023-11-02T02:11:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJIemQd/n9O7qorXoQiA==

Redirect headers

date: Thu, 02 Nov 2023 02:11:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3D5E38A7566D45368D3046ED7C195E78 Ref B: FRAEDGE1219 Ref C: 2023-11-02T02:11:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1698891116660&url=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJGHiHlxIZMxgAAAYuNzTJkELvuxMsVSLiB6RE-CGMJBhhZfrD1oOARbqwUEaxTXWKt7fYSbWE_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJIemMvcz+Cga0uB/cPg==

GET
H3 200 share-link.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 188ms
188ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.17.1
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1698872873
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81f8d9873b8c2bcd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
25 KB 40ms
40ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
etag: W/"0x8DBCF0850CC9F3D"
vary: Accept-Encoding
x-azure-ref: 20231102T021156Z-6x4bf31wk10h3bd1263fs3mfx800000002hg000000031752
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ea3821d2-901e-007b-583c-0b6c47000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 245ms
233ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A2%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&v=1.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 232ms
231ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 233ms
233ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 770 B
591 B 73ms
28ms XHR
application/json 3.65.57.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.57.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-57-16.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f747cdb56a6ab39c12ede219686c746531c30fecf37506b9d941baac2ea08c5

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
X-6s-CustomID: WebTag1.0 b253130e4accad98012a3abe3f4b4c7a

Response headers

date: Thu, 02 Nov 2023 02:11:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
content-length: 409

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 93ms
22ms Preflight 3.65.57.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.57.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-57-16.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense.com
access-control-max-age: 1800
date: Thu, 02 Nov 2023 02:11:56 GMT
server: nginx

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVTRKX60MM&gtm=45je3au1v870050076&_p=197946503&_gaz=1&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=860680100.1698891116&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&dt=Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense&sid=1698891116&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 31ms
26ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZVTRKX60MM&cid=860680100.1698891116&gtm=45je3au1v870050076&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZVTRKX60MM&cid=860680100.1698891116&gtm=45je3au1v870050076&aip=1&z=2126522944

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
291 B 666ms
385ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Thu, 02 Nov 2023 02:11:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
BLOB 200
OK 1f9f21a8-1abd-4a44-b3b7-39a411206350
https://cofense.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense.com/1f9f21a8-1abd-4a44-b3b7-39a411206350
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/H3wWDXLUxD4irieG/ Frame 9ED1 6 KB
3 KB 407ms
130ms Document
text/html 44.198.203.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

44.198.203.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-198-203-156.compute-1.amazonaws.com

Software

Resource Hash

6fd517f51b1186465421de16ec42451882aaebcbc62f89139ecd2e3e11774624

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1722
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Nov 2023 02:11:57 GMT
Etag: W/"6fd517f51b1186465421de16ec424518"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 7131815d-59f0-70f1-ae2c-6eba184ac48d
X-Runtime: 0.015438
X-Xss-Protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 238ms
237ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A56%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 9ED1 35 KB
7 KB 48ms
31ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: E6HYLeBtJT9W_tVmGW0Eqr.OlxotuqBf
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: TWWJG8YEJHXPZZ7S
age: 5167
x-amz-server-side-encryption: AES256
x-amz-id-2: pmVx2lEmrfr+SZw1PNz6Gk7wk5PDZjVY2mXjV0nP+pusJpO0y0ybkjWYmA8SfR0+0AgzD5IZe2g=
last-modified: Sat, 01 Jul 2023 05:07:35 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 81f8d98d79f603f4-FRA
expires: Thu, 02 Nov 2023 06:11:57 GMT

GET
H2 200 messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame 9ED1 5 KB
1 KB 47ms
30ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/credential-phishing-iocs-increased-in-q3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: zKXsfoKUFji0fqagux87Ct.wStXdKY3J
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: YPTJS6HB9T8VSMD1
age: 6586
x-amz-server-side-encryption: AES256
x-amz-id-2: qsW2TA9TQAk+2gK8hZbFmLuYxxrTBGhSHm3Swdok8Kfrepps5p16QA/HEFheWccqUukr+Y8EOOXDIy9jh7YNLzx9I09dPQkPoALE5MQTMW8=
last-modified: Thu, 21 Sep 2023 22:54:11 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 81f8d98d79f803f4-FRA
expires: Thu, 02 Nov 2023 06:11:57 GMT

GET
H2 200 messenger~runtime-a9adf483e0e752500c80.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame 9ED1 2 KB
2 KB 42ms
29ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-a9adf483e0e752500c80.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46a42986d8f228b1921726a19363be9eb27396e55a96a20a621ff2f7b4135a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: uw8eY9znYbYwTKssq1iVjR45iixsbJdW
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZT71765H6VXRPBWV
age: 5607
x-amz-server-side-encryption: AES256
x-amz-id-2: ax31Sco20p79T8PRbvMykH8EYsKfFbXQG1tM27+jCA0OJ8WUyr4dWl4Fm7vEZdj+ybEbbfNstto=
last-modified: Wed, 01 Nov 2023 22:33:49 GMT
server: cloudflare
etag: W/"e05dfb15b7a4816a9061c297491e03eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 81f8d98d79fa03f4-FRA
expires: Thu, 02 Nov 2023 06:11:57 GMT

GET
H2 200 messenger-83c07b7e99850191bc84.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 9ED1 1 MB
368 KB 44ms
32ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-83c07b7e99850191bc84.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f9bb014529511407bd631f998721ec41f20d0467caf87b0764db637e4ff133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: 8.q2uNf_klVw6YiynBcri1Z8CfDHC5rB
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5416W9Q9CKD8YRZX
age: 2531
x-amz-server-side-encryption: AES256
x-amz-id-2: fpMwqt9U4RhfMZvlHUxirRf8lqv+E+CqMHzyz4kejmULqVpmmDsRC7XsejYhUt4FBcrwQ7lC+cg=
last-modified: Wed, 25 Oct 2023 22:49:20 GMT
server: cloudflare
etag: W/"33565b52135d193a2f869023311ceced"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 81f8d98d79f903f4-FRA
expires: Thu, 02 Nov 2023 06:11:57 GMT

GET
H2 200 messenger-e5e106783b13d3045077.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 9ED1 841 KB
189 KB 42ms
41ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-e5e106783b13d3045077.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c72368f5d1f7242e45ff6160ef370ea2ea3c377199d5640e866f0d300081a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: 9ZwPbcqQ3q7wtqd.kLglLRahV0b7cwPl
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZT7556VESDA0JP6S
age: 5607
x-amz-server-side-encryption: AES256
x-amz-id-2: UUFHovThnPpM+15mHOlX+p/tvKqhbgdQGeAddLRbgrWeoHKsnFXcrpIIWP3sTokgU5pjioUvlbg=
last-modified: Wed, 01 Nov 2023 22:33:49 GMT
server: cloudflare
etag: W/"4dcbab9757fe862aa173e8c88856aae7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 81f8d98daa0c03f4-FRA
expires: Thu, 02 Nov 2023 06:11:57 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 9ED1 97 KB
97 KB 103ms
48ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: E.EzxDgXHD8zBb4etoOhRF8JjuY7FP2X
cf-cache-status: HIT
x-amz-request-id: Z3MR2DKW9BRDN9A9
age: 1442
x-amz-server-side-encryption: AES256
content-length: 98868
x-amz-id-2: VrUa3AtSiB2kSKbHcw/QvY38IpcK1ujp8wzq0ON6LlRS4EIkUzKG4wTflUTI7IqCYh6idNjHJzA=
last-modified: Wed, 01 Nov 2023 22:33:50 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 81f8d98db81f9262-FRA
expires: Fri, 01 Nov 2024 08:11:57 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 9ED1 103 KB
104 KB 82ms
28ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=ad3df54e-076d-42f0-9753-0a802b3ea9f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
x-amz-version-id: 36YvGivbsHjAoawOZR_CMZ3.HfwAMHK1
cf-cache-status: HIT
x-amz-request-id: 9HZS4C118P0GA4X3
age: 10097
x-amz-server-side-encryption: AES256
content-length: 105804
x-amz-id-2: oZUG0L0I7yFXl4nQctH4RvCcEagpLdS4oSNBMOedkulXp9M4sfRtXEj2F7mtsAcDjHJf9kfrRCBHF//9o+15NbSSsdMyIGmj
last-modified: Wed, 01 Nov 2023 22:33:50 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 81f8d98db8209262-FRA
expires: Fri, 01 Nov 2024 08:11:57 GMT

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame 9ED1 2 B
324 B 198ms
136ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-83c07b7e99850191bc84.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Nov 2023 02:11:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
291 B 124ms
124ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Thu, 02 Nov 2023 02:11:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&RedC=c.clarity.ms&MXFR=03D5B76B1A88690332ABA4D61E88679A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&MUID=08BDF82B0FEB66A1391FEB960E6067B8

42 B
467 B

46ms
46ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&MUID=08BDF82B0FEB66A1391FEB960E6067B8
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:58 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:11:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6770AA537A1A443EA7E6E5CBC0B37C6A Ref B: FRA31EDGE0207 Ref C: 2023-11-02T02:11:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B861917D33E4C4F9F4FBE5F45977FDF&MUID=08BDF82B0FEB66A1391FEB960E6067B8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 240ms
239ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:58 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 254ms
253ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A58%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:11:59 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
291 B 124ms
124ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Thu, 02 Nov 2023 02:11:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 232ms
232ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A12%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A11%3A59%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%224009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:12:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 32ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3au1v874289719z8811887192&_p=197946503&gcd=11l1l1l1l1&cid=860680100.1698891116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1698891116&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&dt=Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:12:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=772ce97d-1f3b-4586-8185-bd81665296e3&session=4469b96e-2b69-450a-8b0d-6f3c0b6228bb&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A12%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2002%20Nov%202023%2002%3A12%3A00%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225010%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20malicious%20actors%20stayed%20active%20and%20invaded%20secure%20environments%20in%20the%20third%20quarter%20of%202023.%20Get%20insight%20on%20credential%20phishing%20from%20Cofense.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Credential%20Phishing%20IOCs%20Jump%2045%25%20in%20Q3%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F&pageViewId=558d7bfe-620f-4a5d-82a4-b2344905c552&an_uid=0&v=1.1.7

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cofense.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.cofense.com/	1970-01-20 18:04:27	Name: _gcl_au Value: 1.1.778455160.1698891116
.cofense.com/	1970-01-21 01:30:51	Name: attr_first Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F%22%2C%22date%22%3A%222023-11-2%22%2C%22timestamp%22%3A1698891116298%7D
.cofense.com/	1970-01-20 15:54:52	Name: attr_last Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fcredential-phishing-iocs-increased-in-q3%2F%22%2C%22date%22%3A%222023-11-2%22%2C%22timestamp%22%3A1698891116298%7D
.techtarget.com/	1970-01-20 15:54:52	Name: __cf_bm Value: ibeGEoT1gZF.CHh8mZ7SkxQi5MDhpU06GZ4S8ekXKmE-1698891116-0-AS1fl7vZ0ggQtSm2MULPDgdeILXLGjvycUk+hrf2CQciI4pEmvmAIz7BltF+alwl653dgynukyfDj1ruYF1yhUg=
.cofense.com/	1970-01-21 01:30:51	Name: _ga Value: GA1.2.860680100.1698891116
.cofense.com/	1970-01-20 15:56:17	Name: _gid Value: GA1.2.1409108641.1698891117
.cofense.com/	1970-01-20 15:54:51	Name: _dc_gtm_UA-114787942-1 Value: 1
.cofense.com/	1970-01-21 01:30:51	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-cofense.com-1698891116567-60232
.ws.zoominfo.com/	1970-01-21 00:40:27	Name: visitorId Value: 38f0a529fc7943dca749a0ac904d8f481c5e1afc5a2c09c29f23dd47810eaa52
.zoominfo.com/	1970-01-20 15:54:52	Name: __cf_bm Value: miQWX3UoH85l4Qkz.Vh1KE7TDX4WxKLyDXXcJLJdotw-1698891116-0-AcUJug1YZBeOkxoBzjUsICs0vltn9uhVDw9/1DMOKAAcCRfc1mjELVk/MJVWsUtgO+lr8EjpSof+StBSJP9RXy0=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: _0jcm0KgYVBoCj6j1PSgWa6f6AN6dIXuKJ05FVdS0uA-1698891116594-0-604800000
www.clarity.ms/	1970-01-21 00:40:27	Name: CLID Value: b7750b02f5574f48a4c31de41d1fd987.20231102.20241101
.cofense.com/	1970-01-21 01:30:51	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiYWQzZGY1NGUtMDc2ZC00MmYwLTk3NTMtMGE4MDJiM2VhOWYyIiwiY29va2llRG9tYWluIjoiY29mZW5zZS5jb20ifQ==
cofense.com/	1970-01-21 01:30:51	Name: _gd_visitor Value: 772ce97d-1f3b-4586-8185-bd81665296e3
cofense.com/	1970-01-20 15:55:05	Name: _gd_session Value: 4469b96e-2b69-450a-8b0d-6f3c0b6228bb
cofense.com/	1970-01-20 16:04:55	Name: _an_uid Value: 0
.cofense.com/	1970-01-21 00:40:27	Name: _clck Value: u2p7fr\|2\|fgd\|0\|1401
.cofense.com/	1970-01-21 01:30:51	Name: _ga_ZVTRKX60MM Value: GS1.2.1698891116.1.0.1698891116.60.0.0
.linkedin.com/	1970-01-20 18:04:27	Name: li_sugr Value: 2a8e1441-c7a1-4824-8ac9-3b85b1698849
.linkedin.com/	1970-01-21 00:40:27	Name: bcookie Value: "v=2&a09a40dd-1bbe-4684-827d-4bf5cc7e78bc"
.linkedin.com/	1970-01-20 15:56:17	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2695:u=1:x=1:i=1698891116:t=1698977516:v=2:sig=AQH7w6IOh2YdNFu7geT15SXM6vnATFLg"
.6sc.co/	1970-01-21 01:30:51	Name: 6suuid Value: b8d01702acca35006c0543658d0300001ac10000
.cofense.com/	1970-01-21 01:30:51	Name: _ga_3G76T4W3LR Value: GS1.1.1698891116.1.0.1698891116.60.0.0
.linkedin.com/	1970-01-20 16:38:03	Name: UserMatchHistory Value: AQKgy8J3GYtIGwAAAYuNzTFo1Z6t2TwZqVe2O9HF1HuDxIKaGHhj60_i-YcV4kJlqxx8w6ZgONbNnQ
.linkedin.com/	1970-01-20 16:38:03	Name: AnalyticsSyncHistory Value: AQIO7TvhvI6OEAAAAYuNzTFoHJa8dvd1Ncm3eenLBEAZhYTgcboSQjkO02ysLWloOmaM8CgZlLCR08E1pILkew
.www.linkedin.com/	1970-01-21 00:40:27	Name: bscookie Value: "v=1&20231102021157c54a3b9a-3179-486a-8a6e-aa349ae755eeAQF_4T55MdXhyJmezi9AWqNeCRRt-YSj"
.linkedin.com/	1970-01-20 20:14:03	Name: li_gc Value: MTswOzE2OTg4OTExMTc7MjswMjGDogwyKhQ/vM5v1HnnIG87PlVzzXdUZlvl6HyCZi5xVQ==
.cofense.com/	1970-01-20 15:56:17	Name: _clsk Value: 5yfepa\|1698891117496\|1\|1\|r.clarity.ms/collect
.bing.com/	1970-01-21 01:16:27	Name: MUID Value: 08BDF82B0FEB66A1391FEB960E6067B8
.c.bing.com/	1970-01-20 16:04:55	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:16:27	Name: SRM_B Value: 08BDF82B0FEB66A1391FEB960E6067B8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:16:27	Name: MUID Value: 08BDF82B0FEB66A1391FEB960E6067B8
.c.clarity.ms/	1970-01-20 16:04:55	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:54:51	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
app.qualified.com
assets.qualified.com
b.6sc.co
c.6sc.co
c.bing.com
c.clarity.ms
cofense.com
ehhbozgsut3.exactdn.com
epsilon.6sense.com
extend.vimeocdn.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
lltrck.com
munchkin.marketo.net
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.clarity.ms
region1.analytics.google.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
trk.techtarget.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
b.6sc.co
13.107.42.14
141.193.213.21
146.75.122.109
18.245.60.43
185.89.210.20
192.28.144.124
20.119.174.243
2001:4860:4802:32::36
23.210.118.178
2400:52e0:1e00::1081:1
2606:4700:4400::6812:24c4
2606:4700::6810:880f
2606:4700::6812:1005
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2003
2a00:1450:400c:c0c::9b
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ec6
2a02:26f0:7100::210:172
3.65.57.16
34.111.208.231
34.200.97.200
34.230.138.115
35.186.247.156
44.198.203.156
68.219.88.97
95.101.111.184
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845
0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d
08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14
136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13a3d3f82bfef4f8c02498d6a0bf3d92299e2a5ae21e4eb574d322cd46ec8f09
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
14f9bb014529511407bd631f998721ec41f20d0467caf87b0764db637e4ff133
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
16c5c852d5c392a1edf3e58bd6660f5f9e30999b3d83141c3ff422db629985d8
19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4
1a829e1d6e41d31c49d5da4fc80f0d3a7ec3a42346706e092e19515ac518a057
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686
1c72368f5d1f7242e45ff6160ef370ea2ea3c377199d5640e866f0d300081a04
1f658d477bca6e8ce0f56bd251d86fdc170fa3267ee10c916406f78645624e91
20aad078c190cf5e3ff7c4a1471020f97a232dbc06b41b80f6a5fc782bd3493d
21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f
234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8
2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fe56e261192908744e52e92bab008ccba8e67aec2f3d26361837e5e4c49208c
2ff03bb8708df58b07e7c79a9457a61ebcc55c072b7fbdae31ffa83ef49f15eb
30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00
41ac87644e3ddf9efed23577e4f18d57c67f292705356f2a16e1621d8f96e1fd
41d02801f801ebc8e931a6309cc6949278e27c6078035b23015e169e3f1f2c3e
41eac43c1137e23dc691d5605126f42c477b739d40867c3022a1c9a857dd3194
42d63ab11e823ff2cdc56b50e68e1e2c7c400438801f83d9276ec1f390e8b95f
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c
55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e
55da41872698fcd658c8cdd6c2e70ba9f13b7fa9048f734b5891dd463501d7e5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d7ff0a7fba7e326e4031e4c9bc85229763150ff258655f02cc2673d7dac1e39
5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b
5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25
6395d758d0ce608e17c063bcb631df55129fbdd005e4d9059b465ab433e5d3fd
65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
6fd517f51b1186465421de16ec42451882aaebcbc62f89139ecd2e3e11774624
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
79511acd0ccdbd49e4ece99044497e5de1befd1298f9184d7c3f4f68d04960c8
80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83
82915a46f223be695a3255845ad875c54ae0bebd58cb30b6e2a2aaa0ef6b06e5
848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468
89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8f747cdb56a6ab39c12ede219686c746531c30fecf37506b9d941baac2ea08c5
8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35
92f4971479892b38ec8e5153a893f41ac1531fe16b7d2fb77cf347dfc3d36689
9396a03f992569985b844f39a0e20187bd4f89bd03b35137050ba22c50798297
94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb675d60a176b97d8be702bbcc80d182de2b65a06761101238a34b33eec82dc
a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4
a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511
a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7
a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6
a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505
ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9
ae549261b91e3e9a5b932de75d605c5a831db2d3793f1c2e7b48c6fd2f811edd
aece604fd13bbf3eba6d2313fb57d73edea2028325659002a07b5f66e87870e6
b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5
b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401
b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773
b95e9531cf6c350ef2b935f5cfa667da91e9f2688eeb21b5822b340c5d1139f0
ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8
bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4
bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6
cfb4600efca0433c0b31f001c15c014484658a3e9afd8463a1171b6fb2660239
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41
d3ee32fc17b299ee0a180174924f9d63efa9293d0ba3f93390ebc9d6bca13580
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d55538fba2c0b897ef503920ead14ca39c62396d2a03456ebafd55a82ed8e0b4
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfed2068b0898ac70605110ec1c8170a0aab611763ed5591c72196817d0b1282
e0aa068ac5dfad098da734d929000446f50930d7411a075c031ea96a9352970b
e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef
f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305
f2505437c541fbb54d3381687c49fded570dbc01ef97032d3db827f11825e971
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500
f46a42986d8f228b1921726a19363be9eb27396e55a96a20a621ff2f7b4135a2
f7c57b37232dd200e7b27fc6bfce78ec413a3a718e94818248f4fe16570780bd
f8c5474581785b420fc49ffb978c96ccfdc289159bc9464c7e985003b94803fb
faddf8c3ff09bbff2375dd94286aef72d1f2816fad00c248b213e0ed4877f441
fbd6dc5949c20da3e9b0ce62670cb67040b646e773b60b2b721540690e2feede
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

cofense.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

97 %HTTPS

50 %IPv6

25 Domains

36 Subdomains

31 IPs

4 Countries

2068 kBTransfer

5897 kBSize

36 Cookies

7 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

97 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

31
IPs

4
Countries

2068 kB
Transfer

5897 kB
Size

36
Cookies

153 HTTP transactions
3 data transactions