Submitted URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V...
Effective URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?ut...
Submission: On October 08 via api from SE — Scanned from DE

Summary

This website contacted 38 IPs in 4 countries across 31 domains to perform 142 HTTP transactions. The main IP is 2606:2c40::c73c:6702, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.inky.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.
This is the only time www.inky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
1 | 2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 68 | 2606:2c40::c7... | 209242 (CLOUDFLAR...)
- | 5 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 3 | 2a00:1450:400... | 15169 (GOOGLE)
- | 4 | 2a00:1450:400... | 15169 (GOOGLE)
- | 2 | 2a03:2880:f02... | 32934 (FACEBOOK)
- | 4 | 2606:2800:234... | 15133 (EDGECAST)
- | 5 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
- | 1 | 151.139.243.18 | 33438 (HIGHWINDS2)
- | 1 | 13.225.87.55 | 16509 (AMAZON-02)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2 | 142.250.185.66 | 15169 (GOOGLE)
- | 1 | 35.168.195.200 | 14618 (AMAZON-AES)
- | 4 | 52.205.8.225 | 14618 (AMAZON-AES)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 8 | 2600:9000:225... | 16509 (AMAZON-02)
2 | 2 | 2620:119:50e4... | 14413 (LINKEDIN)
1 | 1 | 2620:1ec:21::14 | 8068 (MICROSOFT...)
- | 1 | 108.174.10.14 | 14413 (LINKEDIN)
- | 2 | 104.244.42.8 | 13414 (TWITTER)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 2 | 2a00:1450:400... | 15169 (GOOGLE)
- | 2 | 54.90.31.9 | 14618 (AMAZON-AES)
- | 3 | 2a00:1450:400... | 15169 (GOOGLE)
- | 4 | 2a00:1450:400... | 15169 (GOOGLE)
- | 1 | 206.19.49.24 | 17225 (ATT-CERFN...)
- | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 52.48.221.73 | 16509 (AMAZON-02)
- | 2 | 2a00:1450:400... | 15169 (GOOGLE)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2a03:2880:f11... | 32934 (FACEBOOK)
Total: 142 requests, 38 IPs

Requests | Apex Domain | Subdomains | Transfer
70 | inky.com | www.inky.com, sp.inky.com | 2 MB
9 | adroll.com | s.adroll.com, d.adroll.com | 78 KB
6 | twitter.com | platform.twitter.com, syndication.twitter.com | 148 KB
6 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 148 KB
5 | hubspot.com | app.hubspot.com, forms.hubspot.com, track.hubspot.com | 3 KB
5 | linkedin.com | platform.linkedin.com, px.ads.linkedin.com, www.linkedin.com, px4.ads.linkedin.com | 65 KB
5 | crazyegg.com | script.crazyegg.com | 26 KB
4 | google.de | www.google.de | 1 KB
4 | stackadapt.com | tags.srv.stackadapt.com | 7 KB
3 | hs-banner.com | js.hs-banner.com | 16 KB
3 | google.com | www.google.com | 784 B
3 | doubleclick.net | stats.g.doubleclick.net, googleads.g.doubleclick.net | 4 KB
3 | googletagmanager.com | www.googletagmanager.com | 160 KB
2 | techtarget.com | trk.techtarget.com, apt.techtarget.com | 2 KB
2 | googleadservices.com | www.googleadservices.com | 15 KB
2 | google-analytics.com | www.google-analytics.com | 20 KB
2 | facebook.net | connect.facebook.net | 78 KB
2 | fontawesome.com | use.fontawesome.com | 86 KB
2 | hubspotlinks.com | d11dxp04.na1.hubspotlinks.com | 3 KB
1 | facebook.com | www.facebook.com | 2 KB
1 | hsforms.com | forms.hsforms.com | 519 B
1 | hscollectedforms.net | js.hscollectedforms.net | 26 KB
1 | hs-analytics.net | js.hs-analytics.net | 20 KB
1 | callrail.com | cdn.callrail.com | 312 B
1 | cloudflare.com | cdnjs.cloudflare.com | 3 KB
1 | convertiv.com | assets.convertiv.com | 30 KB
1 | canddi.com | cdns.canddi.com | 422 B
1 | licdn.com | snap.licdn.com | 2 KB
1 | googleapis.com | fonts.googleapis.com | 1 KB
1 | hubspot.net | cdn2.hubspot.net | 2 KB
1 | hubs.li | hubs.li | 632 B
Total: 142 requests, 31 domains

Requests | Domain | Redirects | Requested by
68 | www.inky.com | - | d11dxp04.na1.hubspotlinks.com, www.inky.com
8 | s.adroll.com | 2 | www.googletagmanager.com, www.inky.com, s.adroll.com
5 | script.crazyegg.com | - | www.inky.com, www.googletagmanager.com, script.crazyegg.com
4 | www.google.de | - | www.inky.com
4 | tags.srv.stackadapt.com | - | d11dxp04.na1.hubspotlinks.com, tags.srv.stackadapt.com
4 | platform.twitter.com | - | www.inky.com, platform.twitter.com
4 | fonts.gstatic.com | - | fonts.googleapis.com
3 | track.hubspot.com | - | -
3 | js.hs-banner.com | - | www.inky.com, js.hs-banner.com
3 | www.google.com | - | www.inky.com
3 | www.googletagmanager.com | - | www.inky.com, www.googletagmanager.com
2 | www.gstatic.com | - | www.googletagmanager.com, www.gstatic.com
2 | sp.inky.com | - | assets.convertiv.com
2 | googleads.g.doubleclick.net | - | www.googleadservices.com
2 | syndication.twitter.com | - | platform.twitter.com, www.inky.com
2 | px.ads.linkedin.com | 2 | -
2 | www.googleadservices.com | 1 | www.googletagmanager.com
2 | www.google-analytics.com | - | www.googletagmanager.com, www.google-analytics.com
2 | connect.facebook.net | - | www.inky.com, connect.facebook.net
2 | use.fontawesome.com | - | www.inky.com, use.fontawesome.com
2 | d11dxp04.na1.hubspotlinks.com | 1 | -
1 | www.facebook.com | - | connect.facebook.net
1 | forms.hsforms.com | - | www.inky.com
1 | forms.hubspot.com | - | js.hscollectedforms.net
1 | d.adroll.com | - | s.adroll.com
1 | js.hscollectedforms.net | - | www.inky.com
1 | js.hs-analytics.net | - | www.inky.com
1 | apt.techtarget.com | - | www.inky.com
1 | stats.g.doubleclick.net | - | www.google-analytics.com
1 | px4.ads.linkedin.com | - | www.inky.com
1 | www.linkedin.com | 1 | -
1 | trk.techtarget.com | - | d11dxp04.na1.hubspotlinks.com
1 | cdn.callrail.com | - | www.googletagmanager.com
1 | cdnjs.cloudflare.com | - | www.googletagmanager.com
1 | assets.convertiv.com | - | d11dxp04.na1.hubspotlinks.com
1 | cdns.canddi.com | - | www.googletagmanager.com
1 | snap.licdn.com | - | www.googletagmanager.com
1 | app.hubspot.com | - | www.inky.com
1 | fonts.googleapis.com | - | www.inky.com
1 | cdn2.hubspot.net | - | www.inky.com
1 | platform.linkedin.com | - | www.inky.com
1 | hubs.li | 1 | -
Total: 142 requests, 42 subdomains

Subject | Issuer | Validity | Valid for
hubspotlinks.com | Cloudflare Inc ECC CA-3 | 2021-06-17 - 2022-06-16 | a year
www.inky.com | Cloudflare Inc ECC CA-3 | 2021-06-07 - 2022-06-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-09 - 2022-05-08 | a year
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-07-03 - 2022-07-08 | 2 years
hubspot.net | Cloudflare Inc ECC CA-3 | 2021-06-04 - 2022-06-03 | a year
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-18 - 2021-10-16 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2021-06-26 - 2022-06-25 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
cdns.canddi.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-12 - 2022-10-13 | a year
assets.convertiv.com | Amazon | 2021-09-23 - 2022-10-22 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
cdn.callrail.com | Amazon | 2021-03-26 - 2022-04-24 | a year
*.srv.stackadapt.com | Amazon | 2020-12-09 - 2022-01-07 | a year
s.adroll.com | Amazon | 2021-08-02 - 2022-08-31 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-09-16 - 2022-03-16 | 6 months
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
sp.inky.com | Amazon | 2021-02-18 - 2022-03-19 | a year
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.google.de | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.techtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2019-10-25 - 2021-10-24 | 2 years
adroll.mgr.consensu.org | Amazon | 2021-09-09 - 2022-10-08 | a year

This page contains 4 frames:

Primary Page: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Frame ID: 0E910D55349B378641A5A5D149049251
Requests: 136 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.inky.com
Frame ID: 54A53EC4D3AD1C48C9959C7ABC8434A3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Frame ID: B0C6AC5A0CAA4FE5D99AC674DF4F3D31
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbc11c639392b4%26domain%3Dwww.inky.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.inky.com%252Ff35cadf41294d38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&layout=button&locale=en_GB&sdk=joey&share=true&show_faces=false&width=120
Frame ID: A5C65124F986964D87D95E0C7E951C38
Requests: 1 HTTP requests in this frame

Page Title

Attackers Impersonate U.S. Department of Transportation to Harvest Microsoft Credentials

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 142
HTTPS: 100 %
IPv6: 75 %
Domains: 31
Subdomains: 42
IPs: 38
Countries: 4
Transfer: 2902 kB
Size: 5388 kB
Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61 Page URL
  2. https://d11dxp04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61?_ud=4f68361b-0cfd-4311-a1c9-974fd7fa016c&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://hubs.li/H0XtR7G0?utm_campaign=2021%20Brand%20Awareness&utm_medium=email&_hsmi=168463925&_hsenc=p2ANqtz-9WcbVGcvn0FJJkudcZaPCkCH2UKWrWm92BLZXayo4X4xwtIQFwMvFplDlyDLq5qiXcIq3iHxPigtYDpzC1GMR5WK5YS7vzFZjP9DAcY3iz6p2Np1k&utm_content=168463925&utm_source=hs_email HTTP 301
    https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2665292%26time%3D1633701993314%26url%3Dhttps%253A%252F%252Fwww.inky.com%252Fblog%252Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%253Futm_content%253D180073276%2526utm_medium%253Dsocial%2526utm_source%253Dlinkedin%2526hss_channel%253Dlcp-10363650%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&liSync=true&e_ipv6=AQI-dK-pqIN-ZgAAAXxgOh38_Hfoq_CQBPFn3BEpKd8e9dRab16W63jWwdNzht33EVL8WOc
Request Chain 103
  • https://s.adroll.com/j/exp/VE72WIA6JJAITAM4PZOSV5/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 104
  • https://s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 127
  • https://www.googleadservices.com/pagead/conversion/829684701/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD

142 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F3...
Path: d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/
Size: 9 KB
Transferred: 3 KB
Type: Document

General
Full URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e69, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 39b202b9a1e28a99db343abcf496268fbb37fea43416e5099a9c2b9934183ffc

Request headers
:method: GET
:authority: d11dxp04.na1.hubspotlinks.com
:scheme: https
:path: /Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers
date: Fri, 08 Oct 2021 14:06:30 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: 4926d602-88b4-46d6-8a41-bcb1795ad6dc
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69afee1ecfca16f2-FRA
content-encoding: br

Primary Request: attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials
Path: www.inky.com/blog/
Redirect Chain
  • https://d11dxp04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59...
  • https://hubs.li/H0XtR7G0?utm_campaign=2021%20Brand%20Awareness&utm_medium=email&_hsmi=168463925&_hsenc=p2ANqtz-9WcbVGcvn0FJJkudcZaPCkCH2UKWrWm92BLZXayo4X4xwtIQFwMvFplDlyDLq5qiXcIq3iHxPigtYDpzC1GMR5...
  • https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Size: 101 KB
Transferred: 19 KB
Type: Document

General
Full URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Requested by
  Host: d11dxp04.na1.hubspotlinks.com
  URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare / HubSpot
Resource Hash: 78e9692792add64aa8fb3866cfe91a0336544268cbd70dd6e2c21136039cb047

Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000

Request headers
:method: GET
:authority: www.inky.com
:scheme: https
:path: /blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61

Response headers
date: Fri, 08 Oct 2021 14:06:32 GMT
content-type: text/html;charset=utf-8
cf-ray: 69afee27bd714e79-FRA
cache-control: s-maxage=7200,max-age=5
link: </hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js>; rel=preload; as=script, </hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-54734389294,CG-5913297540,P-4660171,L-14051831279,CW-14051610622,CW-14053561211,CW-44231347507,DB-4024336,E-14049870587,E-14051298449,E-14051610620,E-14051612624,E-40877894021,E-44231830628,E-44244669578,E-44244669595,E-44244669625,E-44284682773,E-46932362324,E-47113205407,E-47485630295,E-47691030292,MENU-14457366733,MENU-14457367717,MENU-44285776184,MENU-44632186250,PGS-ALL,SW-2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-id: 54734389294
x-hs-hub-id: 4660171
x-hubspot-correlation-id: becbc6b9-05c5-42a8-bd9d-99fcfe05e785
x-powered-by: HubSpot
x-trace: 2BA07730A885236395D06E199CAA876F9B91D432A8000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nbhd%2FVv%2FEV6l4DPayNIlyXUUjBmtBOjgaxkc%2FLg3QJMATVC2rzIEXFreIb63ELfyUDAxYMfFPEDChjS0XEMWWaGJUDj%2BtLe%2FIJGat8bmfMJ9U9hd90gk8qD0uO%2B7xR%2B887h7AtWZtr%2FEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992; path=/; domain=.www.inky.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
cf-h2-pushed: </hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js>,</hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js>,</_hcms/forms/v2.js>

Redirect headers
date: Fri, 08 Oct 2021 14:06:31 GMT
x-trace: 2BF263D7DB9D23F2EFA63583046E11D0BDBE9B2166000000000000000000
x-robots-tag: none
link: <https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650>; rel="canonical"
location: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
referrer-policy: no-referrer
x-hubspot-correlation-id: 504eadce-540f-4b4d-a6e4-7b55f06ae821
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69afee249d0c4351-FRA

Resource: post_listing_asset.js
Path: www.inky.com/hs/hsstatic/AsyncSupport/static-1.94/js/
Size: 3 KB
Transferred: 2 KB
Type: Script

General
Full URL: https://www.inky.com/hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 7a7d6a52225baae5c38ae3c75b025f025798ab05aed480fa2d4650fb94efc90e

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Resource: index.js
Path: www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/
Size: 52 KB
Transferred: 20 KB
Type: Script

General
Full URL: https://www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Resource: project.js
Path: www.inky.com/hs/hsstatic/cos-i18n/static-1.37/bundles/
Size: 1 KB
Transferred: 1018 B
Type: Script

General
Full URL: https://www.inky.com/hs/hsstatic/cos-i18n/static-1.37/bundles/project.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Resource: project.js
Path: www.inky.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/
Size: 2 KB
Transferred: 1 KB
Type: Script

General
Full URL: https://www.inky.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

jquery-1.7.1.js
www.inky.com/hs/hsstatic/jquery-libs/static-1.1/jquery/
92 KB
35 KB
Script
General
Full URL
https://www.inky.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 89a45b9ac94fb6c6e52c37fdd89a6cb1.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17255126
cf-ray
69afee2f3b624e79-FRA
x-cache
Hit from cloudfront
x-amz-cf-pop
MUC50-C1
content-encoding
br
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o60XBeaOfT243fefA9wj0Hzbjh%2B0cnpixSW3c3wyLmaMQLgpd2fY3KOqHZRo6FzOOmE4ropWU%2BwiecgcaSsBNfilVA%2F3BoHqGkgsnw8o1UPaR7ar4f6yU4z7dDgyuRluvSVxhqTh6ENIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
set-cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992; path=/; domain=.www.inky.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
uvar5S_Za3dK85YyzXeF9Juu2xF5FRZKLPmzTFmNHquwiPqBpBjL9A==
expires
Sat, 08 Oct 2022 14:06:32 GMT
v2.js
www.inky.com/_hcms/forms/
563 KB
144 KB
Script
General
Full URL
https://www.inky.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b98b770ede13e084c8799f8cb498b3828fccc59369d98c94d1fa9e3ae601c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
208
x-amz-server-side-encryption
AES256
cf-ray
69afee2f3b634e79-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
IAD89-C3
content-encoding
br
last-modified
Fri, 08 Oct 2021 09:40:13 UTC
server
cloudflare
etag
W/"7eccbdac62489e20d8aafc3562477770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvKEtfCBt5Rt3M%2FTbY7n0OrrbsPKPmEDj9xG9LZClMc38I%2Bk66r5hbeGJJw3ysFXqWFV62UrdUAK1FSBmtugrewcgkbyAetpUm6aY8wK0%2Bi9W%2FSwptErZ2z4qvZQBP1lyKCKcS6HHwYDqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
vRAPJlXNMJQkuMakJt1dm4JoYD3l2O9A
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
set-cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992; path=/; domain=.www.inky.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript; charset=utf-8
x-amz-cf-id
SQzG3giGC1B2RhCU2nH1nTOx4eoaiEjPMc9-781xt6tkQxlMMJehDw==
x-hs-target-asset
FormsNext/static-5.378/bundles/project_with_deps.js
mjfw_styles.min.css
www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1630090673182/Custom/page/mjfw/
186 KB
30 KB
Stylesheet
General
Full URL
https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1630090673182/Custom/page/mjfw/mjfw_styles.min.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23385c2f8745fffba70643c884aacbfeb0fc5c9e0ac6d2bc95098b055d6ca85

Request headers

:path
/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1630090673182/Custom/page/mjfw/mjfw_styles.min.css
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1630090673591
date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 99baebf4b5bb631267dcfa82456151cc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2054
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
9DPRC7MM51D8D6G9
x-amz-id-2
PaBUjmvgKDY0z1D3bwhlpEP8n92oJ6zshgTqft7OG8kUONh8jch4d+j0a32Smu0Ht/xQrf2Rwhs=
last-modified
Fri, 27 Aug 2021 18:57:54 GMT
server
cloudflare
etag
W/"fd4547ffa6c0a30f146402f84ce06108"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVNcdf5Na2Gqi03t9fSacko%2FFNL3LzEf50zUisdFIbQRg171JajOY9b9i5l%2BnZFcAFi21%2Bo7pFDSGQMbchbgxBS11Vnpl4pt7DPLYXoQhFIF9nlL7Sd8ILcrI24uBflJY1m%2BiH0npxBkFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
Ij6qnAJ8sczqsZv4eYmwV6Q5hWPZB5Ov
x-amz-cf-pop
IAD89-C1
cf-ray
69afee2f6bb44e79-FRA
x-amz-cf-id
V85LaCrXR2u8sbljJIMrjb9VgwogISmfMKOv9etcMCmjn5QWZEybOA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
mjfw_client_styles.css
www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/40877894021/1611255799871/Custom/page/mjfw/
0
692 B
Stylesheet
General
Full URL
https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/40877894021/1611255799871/Custom/page/mjfw/mjfw_client_styles.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/hs-fs/hub/4660171/hub_generated/template_assets/40877894021/1611255799871/Custom/page/mjfw/mjfw_client_styles.css
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1611255799871
date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2054
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69afee2f6bb64e79-FRA
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
0
x-amz-id-2
rCnSZreF7nJkVuo76UPjX8jHreX3dS4kWfg0q3bPPEMN8HPQt53jNLixA1sRQFtG4kkHAPEw3pM=
last-modified
Thu, 21 Jan 2021 19:03:20 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yteLdpFoqd8Gx5vpXC2aFQhVAhbqTNqP2UkQL1dh9KF242Ij3%2Fm4jjbsJ4TeZJ1rxxhqHe0%2FefhCE23Mk%2FucSurVRuUF%2FOdd57qZmlMcPSKNvdCYfVaov23LGWAzEMZTnJSFtRas%2BsAXIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
FS9XY8HH9BG8WPP6
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
Ll5i_.tfyEvBsDdD4m8_haxfgkOWFKVu
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
erGoTkkgRstLjCS0z20AgSdy41ND7-JGkRcGiRH5PhBx04PYKSSTug==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
project.css
www.inky.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/
720 B
884 B
Stylesheet
General
Full URL
https://www.inky.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/project.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/project.css
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 598adc26bc2de491984cda2fac7d893a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17255052
x-amz-server-side-encryption
AES256
cf-ray
69afee2f6bb74e79-FRA
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
last-modified
Wed, 19 Aug 2020 22:47:10 GMT
server
cloudflare
etag
W/"a81c70764750950eb72d4537c41e781f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoJGdTfI7M5fs%2FzM8fkZkD4FfJNekV5eO7ozBXE1JEttTDVhDdp7vlTwT%2BYbTL%2FBLeBn6q5zwZ9jLkbz3AWzP7c%2BJb2Hqyfd7r7VucXs2u%2BTBMyzFPSNejDh7oWdYEtN7F4gN%2FOBY5YIcA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
7bzlyDLBPgFUhJmnx6rYCRN4B2XAfbkA
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
content-type
text/css
x-amz-cf-id
C1QYQzIrUr6wL_HnnXmvwId3PB9c0oHl860nzNf9NTYHpTUFTxpndA==
expires
Sat, 08 Oct 2022 14:06:32 GMT
rss_post_listing.css
www.inky.com/hs/hsstatic/AsyncSupport/static-1.94/sass/
910 B
851 B
Stylesheet
General
Full URL
https://www.inky.com/hs/hsstatic/AsyncSupport/static-1.94/sass/rss_post_listing.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/AsyncSupport/static-1.94/sass/rss_post_listing.css
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 dcc00cbe52c84a141576f927caec03b4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17255052
x-amz-server-side-encryption
AES256
cf-ray
69afee2f6bb84e79-FRA
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 04 Feb 2021 19:41:00 GMT
server
cloudflare
etag
W/"e1b521ec14a912d6d385c21388ec7d79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv7zhKfaZN4%2B4BpFda%2F2As7Yc0qDuyAcUPKLZsmaTjQLU91vzjgD2PDGVzkcGwgfcSia1EPXmSyRrnRQv24jH7Tz9bFo%2B6lcak7%2Bu2nXR4wC8aQlHYiOK4uyB9tzdTqqx4qccw2OxkEJ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
poR_HfzOwGppYdgImYO54h7K5fIDNnah
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
content-type
text/css
x-amz-cf-id
E6ptRXvKKgleBu_SrTZiKJtFtjHViszYqCwwZcfSle-bFFHN5g5cZg==
expires
Sat, 08 Oct 2022 14:06:32 GMT
5986.js
script.crazyegg.com/pages/scripts/0078/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0078/5986.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Oct 2021 12:17:05 GMT
server
cloudflare
age
6567
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
69afee30190a05ed-FRA
content-length
0
in.js
platform.linkedin.com/
201 KB
61 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
79c1af1bac5243f1ea3b6930ffed18caa0dd80096fa54d7b56f519a2f9bf7ef5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-LI-UUID
92yUzSQRrBbQl4f+FisAAA==
Date
Fri, 08 Oct 2021 14:06:32 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
Server
Play
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
X-LI-Proto
http/1.1
Content-Length
62394
X-CDN
AKAM
X-Li-Fabric
prod-lva1
Expires
Fri, 8 Oct 2021 14:26:54 GMT
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1633668651731/hubspot/hubspot_default/shared/responsive/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1633668651731/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1633668651801
date
Fri, 08 Oct 2021 14:06:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33008
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqgfcf1W1E5cD1i81Z9BAS7wuc3p%2Bc7OA2g%2FcQo%2FEITujsJBedmct8ryH8J5md80fZYuUAcNMxUEKsor4WsVtoSRbmAGbwSTe5S9ucsKuCCZSiDlU4dQ%2FFQos7RrK8eha3jPLbncWwWyXKnufUs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
last-modified
Fri, 08 Oct 2021 04:50:52 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
69afee2f8f67dfcf-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8095220
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Z361273D01Q2ATHW
x-amz-id-2
OZEkD+AMRkzCZqMYfj+tGijWDO3knvE2gAUtJyXYi1U6D8X564jmc//K3Ao8zM5mpTeCbfrYWPY=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSgArceTLvCMNIwpOY7C0kZ43x1VpOruElvbE%2Bn2Y1cC03vnCUAL%2B8j482H8f1TOY9oea%2FlkmY2E3hGuN7ubUdqcV4y93HBGcWd0jsgvx11nAxxjH4A7kOj2hM9sYtauYuRis5Ely2MLVCXzPCqL8EYp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
69afee2f79554eaf-FRA
logo-on-light.svg
www.inky.com/hubfs/mjfw/logos/
3 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/mjfw/logos/logo-on-light.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac089f5f1fe40dc6f4279ed44a86244800edf020b5f5add666467ec026fbddf

Request headers

:path
/hubfs/mjfw/logos/logo-on-light.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

access-control-allow-methods
GET
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-16962397085,FD-16938974358,P-4660171,FLS-ALL
age
1163300
edge-cache-tag
F-16962397085,FD-16938974358,P-4660171,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
7A34NT9XZTYW6243
x-amz-id-2
8+AJWLVY06xWP8Wo42vEgFmo0aobbu0pPpNCczqaCO8SBT21pll3UH18ew1B3Y/1YwajKvVxfzM=
last-modified
Thu, 03 Oct 2019 14:22:49 GMT
server
cloudflare
etag
W/"327d2b8dd7e69df5e6aca1f4bbde475a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQuyRxux8KNPzFr5DOFiQ1zqIetzQ3fMtBZ5jHJwz2dGh1UQsaPOfKCvV1Qwl7hwXd12GGey6zLqrCvbuXcS0L7hTGuNpZAEyLIfZ8JT36om95MLB%2BrKu8%2F4jW0BKLSKH1q3331m%2F1lLuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
bZ9bSBaVVlbilrmPxinDr1_TYLe0TbBS
x-amz-cf-pop
FRA56-C1
cf-ray
69afee302d0a4e79-FRA
x-amz-cf-id
LVa46P3SdjjazkVEFtztU7-NR1S7scYOZiGZ9mkpxMLSU5-Iktat7A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
logo-on-dark.svg
www.inky.com/hubfs/mjfw/logos/
3 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/mjfw/logos/logo-on-dark.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5066eb8c5e597263405f571bf0e8ae80bab9fbe2322c2f95f0b8d76e3b1a8ca8

Request headers

:path
/hubfs/mjfw/logos/logo-on-dark.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

access-control-allow-methods
GET
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-16962397087,FD-16938974358,P-4660171,FLS-ALL
age
1163302
edge-cache-tag
F-16962397087,FD-16938974358,P-4660171,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
7A3FN8SR2PVYYSZ7
x-amz-id-2
5YhqNMVpfT1GBahhwa+wbxgZvP1csK93VPeWGJc7ErJWPvfgwC7VzIiJrYHVaQjkeBpoanJGtn4=
last-modified
Thu, 03 Oct 2019 14:22:49 GMT
server
cloudflare
etag
W/"d1870bfd5cc0c5ad3601986369a45cd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAmc%2FEwrpIyjKVuhjzNb7tcI3f2fbg2%2Bcl3RoCf0NGU6e6uKWJjOc9BguHE1H4ZeMKXax6h6e%2BfRBrg%2BH4JLlJngoAdjQthOeWA2MpKqD2HmD8OOcWU5%2Bom8XJVV0cqbJ1xE2uN44g438w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
BIZeU1B5ZsrfaGrz7w03QzzBrmvLk2XL
x-amz-cf-pop
FRA56-C1
cf-ray
69afee302d124e79-FRA
x-amz-cf-id
kZtF36iLMMa62D7EkDLMCXx0C0x0pjuwlbBp8hCUobNU8WkP1OPHcg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
Inky-Logo.svg
www.inky.com/hubfs/Image%20Assets/
7 KB
4 KB
Image
General
Full URL
https://www.inky.com/hubfs/Image%20Assets/Inky-Logo.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
564970ca3723a64d7b53f0013336ac0c9ce98095092b146db1d3e715af9d1bff

Request headers

:path
/hubfs/Image%20Assets/Inky-Logo.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

access-control-allow-methods
GET
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-13284613313,FD-6467782979,P-4660171,FLS-ALL
age
379218
edge-cache-tag
F-13284613313,FD-6467782979,P-4660171,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
TYR895ZM342C834R
x-amz-id-2
3ZTHHAgBml2rhW8QfBR/Mf3f5BPOMAFMdyIZml1ETEmmRunqee8zfWyRE7B/ESgX5kfT2YQ8ZdI=
last-modified
Fri, 13 Sep 2019 16:44:41 GMT
server
cloudflare
etag
W/"9b543ca17e2d8e55c271a5b4e68e694f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyLxVnxrmMzvTfAV%2FJEWaGwOo9ZSuNq5DG0kiAoGqTkCYNKKpz3krdpL23sU5RFDqZhlu2T8yhxjwaPmS%2BRiHahuxMmpRCWXxYb70DiGGskuej1UNP4c9hScZqe88c8P6m9ObFFPBQbGpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
SGKckX83Adno1czoPeDlKlvhkAqADBY.
x-amz-cf-pop
FRA56-C1
cf-ray
69afee302d134e79-FRA
x-amz-cf-id
Fd4avsIYMGTyxPCehlV6w4VN6Sh59gSlp1uF67F7Qs_vs7Hjj7L6uA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
inky-website-icon-svg-27.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-27.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6b47492e567f24365b69bb93c3baeb22e28b994d8aa78c2bd6d7463a533d24

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-27.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529105934,FD-46529105695,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529105934,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3BDZPR2TNWV1XR
etag
W/"28a404a3f7d2a40dbec29f001ca845bc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182471
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
fqXaUUahCtnDWP3FRWaaHPOt29Xzza8wXLQ70ZuuZbhHntWJ/VqZWTsMEU7AQWUt/n5Qaldb0cc=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXP5Py%2BkSX05ypqmaUXaIvlt8Fb4a7fnQ6nYOkkfrQ7uxCb89Q85sz8do%2BmCRNSHVuNdFcWb4DVJkQlHj57B1gmJQJTTliEryYD2gay3EHrIiAF4S%2BaBLMgmDTQ7Uf0DpQuZ1CXAmbPpcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
qQhtSZy1u5YZlI9jKzW1sNF4exK3zBwE
cf-ray
69afee302d144e79-FRA
x-amz-cf-id
OHhbZlgjtQ3PYavc0Ldlm6zzoQXLWdQiA4bBXARKd6Z3QVed1wi6sQ==
inky-website-icon-svg-14.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-14.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f9ed2313caf906226892361688adc61b60238a59f25af65d9743355eee815a

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-14.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528971648,FD-46529105695,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528971648,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A37AG5223WT3YG6
etag
W/"6c2f036affd79d751451d53c4d9a9ac0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182430
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
7mv0mNEzUdll6EDQG+uWObmWH7CBcB5uv4krOYb20DsZuNNnP18HOuxjSjBeqfhMWyDh9i2gjrI=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZxGKB0G2gJPN8VczJNFwv5%2Bpzfn8d8Qr1QostwUaBtluPmvPI%2F1%2BGuS6LOYY5psk4qeHyZ1JYukI3woJ%2FDl7jnsByd25qyGG0dJQOLF%2FGGF3qQL5aNSAzb%2BU8dW%2B5E6ck7zWKCT4OcMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Z0bmdDunA.87vV_e_RYbfYMUYpfXvr4T
cf-ray
69afee302d164e79-FRA
x-amz-cf-id
rDqLT3K4AyjsSkvgLfIsN7YWj2XHXomPMcx9YWzZ_HicWBbTP7Os8Q==
inky-website-icon-svg-8.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-8.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f709d853d98fcc7f55df3d2d0081362c673c937379e30db281b8cf48e8fbf8

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-8.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529010808,FD-46529105695,P-4660171,FLS-ALL
age
1163302
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529010808,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A34TD0VHCEMPKQ9
etag
W/"31a80a71de8952d2a8419eeddfcb2623"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182667
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
CwsncCd2PO0NujmaY6vGYcNfD92J0Wlhsi/LLtdMFGAdkVkHsSi5ePr1tgh5/JZ6nJ4TLHcrrDs=
last-modified
Wed, 05 May 2021 16:14:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHXx5RvY%2BCXfyUIt2o7aBoEkYkMCUuIvylAgPwFkxgFIFXVug9W4nDSU46F7lVMbe7PHHAbvmG%2FamTxDgvfJaII3UXcCp7v4V%2FXw6HOUxcjWvVSpkO3rzF9zuLEBhxgMC2QcF6JuIutlDw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
VWXtysGcDqZw6QQMbhSDCEwkDtX6UkNc
cf-ray
69afee302d174e79-FRA
x-amz-cf-id
muoLjl7mxSIchMrlk2-U9S3gGw7iKH8lHVINPTscf3lpyweMh7SV2A==
inky-website-icon-svg-79.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-79.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
047b9b74686c6a74e926097d28820ddf0b10994f0ba0932f8edc986bf8a1d8ba

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-79.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546800959,FD-46529010872,P-4660171,FLS-ALL
age
281878
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546800959,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
438833RM3ZM544MC
etag
W/"a961667d00f183d1dc980e43b8e2d036"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348270
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
Cky1lmfj9MtvMgun8OHw6s4esoEvbYjOqGGiDlWTiFN3Xc3lmAwZb8RuazxO8yhQRbn/gNIN7AY=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRvtmB9U2APrOoEbmFt2qIEVRoA0OA8gB8U2Xd5UqWqG2VGkbqjsrmGw6cbF6QeEwdy62oAfD6hG%2FEdJ3nhcDABAPx9snL%2BCZTEXe7m05o5A5RGxr6wlDlOkdbbFTOYdXXHzFePdMuL0cw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
i4WUzMUCU8._e.a8pMScr8qh.Tl5fExk
cf-ray
69afee302d1b4e79-FRA
x-amz-cf-id
jczSNemMVJQiXCVWJQUFmRR5FAkYyZSXBo9pYmMZdN7ncNMFqwIWfA==
inky-website-icon-svg-119.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-119.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e668a8c0f1ed837da184d25114f1e5577af320932407a9c1b4337fea9f5cd46f

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-119.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46596776088,FD-46529010872,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46596776088,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A35DQDA5N3H91WB
etag
W/"90d9686ed454dc795a73649ea74457f8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620311580582
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
eD5K/0DUxD8tCmQUTHS0mkp6BMZnk7H79IVEwlWnJLwGqMFIwCFToRhBM4N3tny6i7Jk0GodPNQ=
last-modified
Thu, 06 May 2021 14:33:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyTJABFcYq2%2BPB98F5pZyDtxNoNtA3wlymG3ujmf1aO8wB9DR1Gbpfl9xJ6v2S0mONkzGHk6owY%2BkajEyd6ZHOzbS3hZf2OAC3K6lwN9ul3TmRaybDnexCzSKw%2F1jLYjDmDM09gcukZy5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
oLPNJ1Gyl9.zv9TnkbzgbKpKvxu7Z5PR
cf-ray
69afee302d1d4e79-FRA
x-amz-cf-id
JSQ6xwK__6kyhXbInmUyY-Dyu85aaRMmbtnV3bl2Bs2YJw851-7GlA==
inky-website-icon-svg-101.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-101.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ee88f405da44cb713427ec8eda9e9c41f3f764442f98cb93c76c6329e657a2

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-101.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46596779800,FD-46529010872,P-4660171,FLS-ALL
age
1163302
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46596779800,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A38NPFB31XAGZ9V
etag
W/"db01002705461213934f10ece6924be8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620311580611
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
faPwBkIp4DyJZkzVncQCcQXy4pX3zU8srlCkTOgqloYPllTHFUwQhgnyGE4eSXGH23ghOunYJZg=
last-modified
Thu, 06 May 2021 14:33:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbRUtrVgRCOphlB5BkxinEu%2FPmVkOsA%2BJdDjAjMcHbC6YwmDPLh0u7j0TfeD0kxoYg3M33K%2BD%2FAzp3aIXfkJ%2BLRK9cMjZiUQvYgKYsCYpYJeCS4Dq%2B4e3r7RGX3skzthIT0cdQ2YK%2B6hxA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
n7iWNAQXSCj650oSzFS2EUwaBfOvSC92
cf-ray
69afee302d1e4e79-FRA
x-amz-cf-id
vY8_4uu2o7CJj5NsGzA4qLottp64Ebw6Z6qtp0KryOSEGRrXbb8sgg==
inky-website-icon-svg-52.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-52.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce20bf6892926586223505a0013107cff17c27cfcf4d6064f3ec1bff95e72d20

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-52.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528971657,FD-46529105695,P-4660171,FLS-ALL
age
379218
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528971657,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
AGGXFP998Y2H6YTE
etag
W/"31ea624ce84a927ae13fb203b4bf854a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182806
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
hFYpjBmPzjtc3H/CqlRwl03hOaI08hnqOvPA0ENUc1JK22baI/KV0kkP7ZA6byisfGJUIxFghGY=
last-modified
Wed, 05 May 2021 16:14:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3%2BZAy4EL3%2F%2FJv3cumqxxqCii2ziK%2FJ96kW1Ehe3inUUbggL8YbJB6F38ASoyCC7t3tGgLdVYV0fH8PIMp%2BOPdT9HgJIC%2BfY1Xh2zv3I3rsHnrGsVvL2TAnyxH0n%2F6zIWD1%2FRJFUdFQYaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ZZSSfJOiOEin0Q9FUTwHAcPkFIgO3ypy
cf-ray
69afee302d1f4e79-FRA
x-amz-cf-id
VGJ8jxzi69QBEBh6sPKkRilUs-Gak0opiGps2SYfsN5j4OhecZuXuA==
inky-website-icon-svg-30.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-30.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe9226922b323ea1ecdfaff17d5ba6f15955730888c9fb33c6b6b3421bd6c4

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-30.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528971655,FD-46529105695,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528971655,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3B6PWCCYQ46G5Q
etag
W/"47c08bddbb822b11809b8707821a8602"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182747
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
PCNIHiD1vAO6ecUfrOTqe6W5CSe/IFH1YiOXdtKl4HvE4sZd6ONkmblWuZppma7kkWi02n4uqNg=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzffYY9KUNM9%2FWRaK%2BAo102lrv1uMf7cppb3M%2Fn5Xgqn17HrN4JoYz2mmgvvfUD2otzutNmpXukiHvw5S3Rst256%2FZPr%2BvbqmIh8dszwtmxFeLG5jOKAh2IoLwAvZ5ymfBDWM%2B3s%2BNiakA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
dB17DgxHVL.cmi2sPPvM1DX4K9Wu9J9w
cf-ray
69afee302d214e79-FRA
x-amz-cf-id
GV9QFJxOuwPllJlPZjBPPv6gYOn5jo2goqUq9cmXmSiwvyFGjtA-wA==
inky-website-icon-svg-98.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
3 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-98.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7836e6e99b38cf5429a2780f7c5e13db1247e39503d6cd228d2fbd27ecf217c

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-98.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46596809482,FD-46529010872,P-4660171,FLS-ALL
age
741712
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46596809482,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
EWXEC37XC41ERWFD
etag
W/"83c6d046bcdb34a9e5544e04203dbc84"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620311580567
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
BJEnCJih+V4a1Ax1gAd324QLim7YPzkYjcjgAsrvbZN330A4XTeBfUYqm53uEi6EcwlGUBhnYFw=
last-modified
Thu, 06 May 2021 14:33:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1%2BsY5W0F8w6eXTVuywozwbeDg4pOMUUY0ALIFHKSiWi%2BTNlqxMHJg5sc7tnyafP5I0iRdkIrTu0AeYt6cOiGsB8tm%2F7QJWYFc%2BzNVtj56ZVC1o9%2Bu1AeCeq5ZoMZCW%2FTR98uwGdqfcKiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
eNO7c0GIQTzT6Cg83IAnMxMiLVQAMJjz
cf-ray
69afee302d224e79-FRA
x-amz-cf-id
WqxWo02jVyFph4U77mo1fgmVtyj2HUXPRDKu-IBHOcl4jwI1GS4JfQ==
inky-website-icon-svg-16.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-16.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51583a0cf96be11c2e6f966f1575c9804dbeb09b10c2906eca870b319dfec9e2

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-16.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528971656,FD-46529105695,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528971656,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3DJMN3BN0727QE
etag
W/"9aecf71a8ea592ceaeba2200541d27c1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182747
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
CF5xufuShISNBJkB867M2OxhOOTEPLI3O2z0gB9fYdPodfxKEFGQbtApCKDGGQlAmC5plHRucLc=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lfO3MgKnzIREmT70CY8MMcvUNiuTl5GApWAHKTHwZRZ7x9bmSoErazIWsVbIKwA78Jc1ms08GxxUXmMsWJRBwV4O5lufMX7v4um238DtK19fmAyAmsjIC%2BqeH6zuCeavb88WDHHZvXjdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
i1iXtKdheAgmgfpGeTu28Tn7QSjvDMhY
cf-ray
69afee302d2e4e79-FRA
x-amz-cf-id
3rTYDakXQFAqMpjZOjrfeBTUn1LcObQd8uXmO4hl6vnVWJK0_8m9hw==
inky-website-icon-svg-74.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-74.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebdd736bacc0d5ec4a229edb007d4462882f24332a949d97f5d2ac8601399e91

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-74.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546821262,FD-46529010872,P-4660171,FLS-ALL
age
1377354
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546821262,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
AJWWCF1RARTVAYCN
etag
W/"6444e2e0964f9b7cf6789b294a45c935"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348330
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
U2odT6IlddISs92SWVMZoTv8q1NJL7yM4IGtQfueW2snwp6agpMIJjDJ9cwHEQSjMXR+o07kc0Y=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3qozmVPA22Z7GGEKPueZOxb4idU8kl7E7PSd%2FQS7P84Rh%2BDPP4bSonJ%2BlIrZJEATrlqDd13sZJ8BPIVCopMSIK0XnABxpACIQrtFKztk6VCYVOzMGt8SGFEQxQkpolO7VSPJdUyL%2FetEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
jiX4pSgypyg10POxJQy0fZCyUwfbYmqj
cf-ray
69afee302d324e79-FRA
x-amz-cf-id
Z6NhepT9nH31E-OFQi8NbAh5WhLCg-O-x-sPOhiMJqjFdMWcVmJ55w==
inky-website-icon-svg-99.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-99.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5110806a76e601c5dae3cf1f0ccb3c8245f85c1fc45550b6794b87cafcc8b93e

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-99.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46596734210,FD-46529010872,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46596734210,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3FY4FRA207QFW0
etag
W/"378d2ab0d9612556ebe6f27433426bd6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620311580605
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
VP5r13ak6XPbfsTdYyvof24VrwCWcWZH555eOxjc6fXRf/rz2wsnui9mQKKvbrOKtcP+VoWe+LA=
last-modified
Thu, 06 May 2021 14:33:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBqcNiny9ZqE21m2LilaDqsxxmpKbTvZYXT8K8oax8FTAiLCII85CRKytszoIupUJouMh84BL2ys2qChK52E%2FHkvSSpuiL7OUvm3U1bMUXCkt7Amr4a1KcFCH9VzdpzneVIwK4pnDrvfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
fu9GKy9WmBjNKJADAxEhwipr0IKG8G_7
cf-ray
69afee302d354e79-FRA
x-amz-cf-id
popkMd4ZGbqdtM83lrm4jKeFfU2lH2oih5nFdh2gOoMp3wGPk_pTig==
inky-website-icon-svg-21.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
862 B
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-21.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a58db67a5dcde12662868bde321be853777eecc5a973a09a963e50dee7e8507

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-21.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528957862,FD-46529105695,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528957862,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A30R3K5E8CVQTQ7
etag
W/"886f03b85882eafd96d3947e8c9cb347"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182487
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
e9ACJ5PyZkjhdfT0R+lmoNZuWjp3IxfHZyJ2sm2ecwjZiw9YkWENnLozOG2cwCN2Kp5JpTj14ho=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2kCGiJ5B0weuurZXYgO5yULFLSk14lwoCqvpgYreqe3zzQL19idi5ecyafzDKKfZPtrtR%2FdMWWM5Tap4guF9bgOgnYlqQPDVwJxA0DJotkxokk%2BHx3xRhoE4jddnujvFK93BC4FOsrqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
8TrCn6.o7o3L_btsm4AXUAL3IW_E8XhZ
cf-ray
69afee302d394e79-FRA
x-amz-cf-id
grDa6zKFAmhKoWB46xspNUI_OxWRiN_ZUEdCv-sZoEnJDcNRdelPvg==
inky-website-icon-svg-34.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-34.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8689a4fccbe5d28d8091fb32c8decbed5159d30861dee3ed604426038907cf10

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-34.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528957866,FD-46529105695,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528957866,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A35R78RDD1DA093
etag
W/"7e9520ff81ae32af6eb10647dcd77f3c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182641
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
dugL1/ijF625JKItA2c0sMyOxZjQPFPMhVaxXDY35/VYe9gQzcLoKwSFsKbCi8WZIlsC1Py22uY=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikLdjKFxbxtSBUDFvEyQ0HGy1z4U8hQFEHS7EuBYR%2Fts%2Fh%2Fwhzbwf%2B1sbLzCD9Ile52p3Xqdk1HPQ2kiYMx6xC1MwkGzQG6qBfeUWl65l3R6twx0JgZoJAD3JUhFNuq0rWT7VM8qKMHKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
wY7OUgp88aM_cjAXUpdg4alJEQWT0UKm
cf-ray
69afee302d3b4e79-FRA
x-amz-cf-id
ABlCT4xmuIf1STh0eky34Bo9BQX6gFHrMavo8rHivNrL0Sjq6AtD4Q==
inky-website-icon-svg-12.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-12.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecb285028473354835a3f78befd9d0dca8ea9aeea3e07f5368b565e927a7a04

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-12.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529000011,FD-46529105695,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529000011,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3CZQ7R6C4NBH65
etag
W/"e04176568f138ff73df7c8895d2a6da6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182768
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
BgchUcdJQDa8z+8KEXZNuXqUiNbqtrriohCHzdK3B0ss3zbE+BzZHrdh46zSQmLvu9xsNCyRZEk=
last-modified
Wed, 05 May 2021 16:14:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBDQnEOmQRlTiTUYbypgM8GTIJvSm%2BO8RE784old3b9dwYoDY342BT%2B%2BvkCrrhcfF%2BT%2FczLaqfagZxahF40StXhd40Imz4XCUhzdeGto9U5MEOKqOlk8UbzfyVqlFEEU7sSzOeV28mMmCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Z5R9xNtZu6gnM7ViqTv06CjDbKgekZh_
cf-ray
69afee302d3e4e79-FRA
x-amz-cf-id
27QzUR3lJflKhTXRDhNtqqIsClZIDJFRcIADzkvJM032w3KoNTeNsA==
inky-website-icon-svg-88.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-88.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5789f099c795bde2831ced3eed1236ef4a21e99cdfdd48856ef3d8205a6f1fa

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-88.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46547475205,FD-46529010872,P-4660171,FLS-ALL
age
379218
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46547475205,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
VAMQW4Y7YX40FTWY
etag
W/"6e6922bf5ceef446c91a4a9a3550a10e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348356
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
RmRonFQYyS+UENzxIcElqmpbcPDzfmiGQoPYwU+MEzX8JJmy1bT6ipNBIKUN5dWNLao+QtokeG0=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owzwNmzdWTvD5juKI%2BpoCBK1I%2BVki3RnoIOjqbrOzgqnpuDrqc4Wk3g1erh5iWjAC%2FQN%2B1SA2g22uDVOlaoVtsCpkOKU6fZQ8sU6E%2FJ%2F5OdUhfGy2dRvTPIZOYO3NKFsC8VTBiGXR2ANAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Copsa2R3JOuiVfX.OrApKeEgLNZ4viSq
cf-ray
69afee302d3f4e79-FRA
x-amz-cf-id
_XrI9IDRNzJ3jM4tX2p_zr8fNu2Qh1_HBI-5E55-NOiHT0AAAQGcow==
inky-website-icon-svg-76.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-76.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54df0148d6da489c160a781a5ecb6ba67611c27405bf2c047997af62a16caede

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-76.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546800962,FD-46529010872,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546800962,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
WAYWS1SFR6X4VCGF
etag
W/"9062e94b58eeb77b7fbc2d43678d6db9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348359
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
O3ZUTHsXxWS79WUNDmmnUQ03vyY7DtEb1u7AcMDvQSvBVnMLp5aNjXemAZUJIGD664buTR6nNcA=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7RFrRnmyrtP9hKKG2uzK%2FddC36LCBMiEA9RqrR4pnoC6Hm%2F4TON10%2FDxZdlvGrgyuZ%2FkjouoLva2znjR1sZVnCflnB7j2g8sKmknikIlXZrlLB9zGytkQnpEZ6PPnbewLbRrVmpT%2BHWhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
BD5O97jlQaBGlHqAIacyPt.Ky5L09yJh
cf-ray
69afee302d414e79-FRA
x-amz-cf-id
NM0rTzc1bfbBpp2RuwUXWkkT02Mk5ucCxHBxk0AK5PRHcQY3bQGhHA==
Automotive.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/Automotive.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc423b713042e7f031abea5d376fbe260ffe404204d006da97734cb2271f426

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/Automotive.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-54302934185,FD-46529010872,P-4660171,FLS-ALL
age
234751
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54302934185,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
D74EJKHC14Q7JPA0
etag
W/"e5b4872c8eaa7d135d9088787e50653e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1630507444982
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
DE8acsPCfgxH80T9Ut2aW7mSA0n7pI4W3Dgtl6AUbAvurmc5ETeGE4mtyskPPMEz39+tsd1/Zbo=
last-modified
Wed, 01 Sep 2021 14:44:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9dPToAYvWLuU3UOz7EaG7cFmJRxDPAfqmshm7rrWY3dMAhSnv0TwM9SoiiyuHo8DQWupyeb5Uyr5c6xvg%2FydH8T2vvFY%2BUohsEQD%2Fwjn3d8MeAWAQQyKQ0H7sxo%2BE6WX9551uPhSAzQhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
kMxJaFQbujILU3IED7D07WlpgKj9_W5a
cf-ray
69afee302d424e79-FRA
x-amz-cf-id
Jf5YRxlV3Fb-YqV4S4bFFh-cWgbccPeweTNuq6563rxTDQyxCwKu8Q==
Construction.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/Construction.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0375fbb1b1cf7fbf3ce7c5014a75ddc974325d029f2bfcac652da23b8016ef

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/Construction.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-54302398548,FD-46529010872,P-4660171,FLS-ALL
age
1377354
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54302398548,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
S3ET773H2Z3VDD41
etag
W/"e567948a88fd821b236136f687a50eaa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1630507444987
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
UsJaRyOTJUdclZBS9QJ01IktyS9TzpXtXEGl8KNjIYvAlP36POya6uhrc7cxMK0HOs3TyW0WtGo=
last-modified
Wed, 01 Sep 2021 14:44:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOA386KC0AcIO3LtxWXaXSaMcqxsmNqtFrhqwDp4nS24WIVSBuI3PsuOBI8oLJePN6UGA0BC3BCS5p4djRWYGqraJED4hYhaG8HwW8TAJ7I0F2EW7JolV2oLVZebJexkUt%2FunFn0P7XrTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
eAXX9ImtfKY1jKnkQlO66GHfMD54jBfK
cf-ray
69afee302d454e79-FRA
x-amz-cf-id
tdtoTMrj11g75vYRj-aYEhg6dzOqdLZNvAqtXC6INY5G53-H20vd3w==
inky-website-icon-svg-59.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-59.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9d91a354279ae9600088ebac84ee928b90ee6ed2d87a2d9d188747a7ff22f3

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-59.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46528971651,FD-46529105695,P-4660171,FLS-ALL
age
281878
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46528971651,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
WJNZQCZJCYC4Y35H
etag
W/"56e5c348ae70727a755554e458a2edae"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182479
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
1oDV4p5PhIfABLMPUgEM4ztkMDV98UPXapCOBlexSRjwM9tT2/FHDQLZ0Mg72D8DNE8QnWjcpZw=
last-modified
Wed, 05 May 2021 16:14:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuhCNo9RbfcHKgrj1YGkY1rjS%2Bb1%2Ft5patk5vY8IuwHJg2Ngni3Q4no%2BCGfEJpxQpDnJ6Ge%2B6OK%2BkDMQO6U%2FVrNojXcXG8aX%2B4fm8sox4Jh4MW0ByiTrXLw8YFORtVLtzyCf6hrqCfhpWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Fz63y6D3oloNPQqPunuHqwA.2xQS0Ofq
cf-ray
69afee302d474e79-FRA
x-amz-cf-id
MSpa6vEklx-gtU-E1UPKwEyJuC8v1oXRYOq5jpTHZem2RCLKvOBqNw==
hospital.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/hospital.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35c52596780faa647385b4c22e232e3bdede90af7c80b234be63ea55d9918cf

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/hospital.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-55256503219,FD-46529010872,P-4660171,FLS-ALL
age
234751
x-amz-server-side-encryption
AES256
edge-cache-tag
F-55256503219,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
G6ZJHYDQW4NR1QA9
etag
W/"52d05323304809a66f064a70a8f859c8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1631648093917
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
mNQ/TEcE/1ndKW90cUn5aXGy4UUAHGIfB3VnDmCOvXwztHJdsO1fFkAnC+tg/YhYeiIJVP35wwA=
last-modified
Tue, 14 Sep 2021 19:34:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=995hQj4GMjBJWbZQFI%2BpHB544ZXt8QGsjoCLNogq345PNhLgtfiRg04KRL5EcA9vEqifAoh0yYfPhqZZ6pKUHANnHbIP7NyP0Aer8OvrfXKy7iCZxJ8E1YmXCaB%2Boj5FgvGe6fbGmHLtCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
WNsMEIAKYuwHYQy.7ouHTfhB5rz_hdlb
cf-ray
69afee302d484e79-FRA
x-amz-cf-id
pU6ja64gOwGMe2DFsGRV8VJS9x8JrDWBRhAFSkfk3WcID5YXN6ZVZQ==
inky-website-icon-svg-57.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
3 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-57.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1534e7ec1f21224f153911b3fdb3107dd589e0f46fd06b52aaaa65c51805004

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-57.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529000006,FD-46529105695,P-4660171,FLS-ALL
age
379218
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529000006,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
YFQPEDFVYRH40JER
etag
W/"45133be914ee3b2db675f52a11108eb0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182570
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
rwjGkJIzs+04qCvLqpO/Z0Gi3WDMilND8eDkyJthAJ7/NilubVlybErA3ElQPk2KvJUBaV/5YFI=
last-modified
Wed, 05 May 2021 16:14:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnJHcLVyTGiYxbTcH3KZ93vSdYXLhLUrZsWhGU20w3cGdfURDOKlRAIq8t%2BpxJHXQyGUXM0JIaS9T4Pskst7P7mh5LG8frske1Gre5t9HEoXi%2BzxLq7NeAZUR0KYf8WOAx1hzEv7fE%2Fm0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
5SoTMukd2Gm0cHnh42stmrrimWP5NoEY
cf-ray
69afee302d4a4e79-FRA
x-amz-cf-id
x-bVJxZ1bYPf0ZA-enO1OH4ismEa0HacnzCGf8IGBOUqeUuU8bW8xA==
inky-website-icon-svg-58.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-58.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d578112caf732d2d87102fc27471f76c5fc0ea43a2ca27e2e8500820cea5138

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-58.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529010807,FD-46529105695,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529010807,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
6YJDGFFDK7Y1RBPZ
etag
W/"f31ce6baaf62c217186a066a5ef2a9b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182625
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
qKgD9aHsiADMRbZEpOSZCf9Sl+qlMpAHS3BT3EaSk4AQVeuVxGa/gmK5L9dhA7waryqiz1P6ZV8=
last-modified
Wed, 05 May 2021 16:14:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSnYaotXAVqJ3dRCN9TxHrc5sUSfOCOg0c%2Bm85M40z1eLrZuD0yxQXsb%2BkZYDk6KUq3lLen1Nq20YqDAWLtILT6Sbmz1pZUUHSSQIZU5I3oaZPKMUyLYS3trA3fHcBHnZTvn1XGB7R8Alg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
AKfNAUu0PFuEIm73n5EVABJiZqcowYMf
cf-ray
69afee302d4b4e79-FRA
x-amz-cf-id
--nLHcwfoR2kgakyX2pc0CWehV_u798JPMY5ouQma36G58eNbWfBhw==
inky-website-icon-svg-65.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-65.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f06aa0c08d9c33784919876a0bf62eac35390b0d6f5d514131c209b4e05324

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-65.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546761292,FD-46529010872,P-4660171,FLS-ALL
age
379218
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546761292,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
PZVSTEB746KXWY58
etag
W/"43912b3beff4b44b05b55396f231e509"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348332
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
1vGTG8A59TEdCMsq+10DXM+4kjM2Q2+WAwuuOa62AH+ujyHMmc803MN/Zp0a7WMu8eNFlMCuPeY=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQvnpTUnvyFrTNtTntoBBe320cX4MUP2jvrDEUGYPzpNeyqaRGcCpBQogLzSJqhGQwNeeEtQVgocUMueugAKySZHMsWQkxVPUkoyXZyd5adpMNCBiRKLfUHvldhRMTreQiSPj0KXKc2XJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Gf_63eqdAWxsIdTqp55mc6SLo2LX6s6H
cf-ray
69afee302d4d4e79-FRA
x-amz-cf-id
LwFqTq4UfPXO7K40JjXQUaWiZw3_6vKG4tbrd0PYewehJcm2c6RkBQ==
office@1000x.png
www.inky.com/hubfs/Email%20Provider%20Icons/
16 KB
17 KB
Image
General
Full URL
https://www.inky.com/hubfs/Email%20Provider%20Icons/office@1000x.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efaae52b12a9929fdbfd305a883750ae365852ac6f031ed726c0eaa5c840ccb6

Request headers

:path
/hubfs/Email%20Provider%20Icons/office@1000x.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-cache-tag
F-46924787714,FD-46923782167,P-4660171,FLS-ALL
age
377313
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46924787714,FD-46923782167,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="office@1000x.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
8YBP2N3KXWYC1MNB
cf-bgj
imgq:85,h2pri
etag
"f3a9f4fa50cec01ef080febdd33be735"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620745442513
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=35697
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
16708
x-amz-id-2
RE/EgSMsgXcDz6LZUPexHgLtOAvuX0nTEIO7TCPU5MmrlbgPRXyJtVnRZJWI55etZ0vqz+wQecI=
last-modified
Tue, 11 May 2021 15:04:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxevjTHGO%2F7X5UPpp5PWTMC%2FVr1g9cTQ3GPVPzxONQwH8XAXSUT%2Bgj%2FiLGFZPi6buzRVRe7lwzHZCoFu7h8ABCyhGpFtzZJONR6KLbWLmKXwMN5ORRpZfpjJIc8KsaoIHCEutL6fyOwdyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
f1caxXUO0AZ6nt4YreLTXSVc5Kbs1Iik
accept-ranges
bytes
cf-ray
69afee302d4e4e79-FRA
x-amz-cf-id
_aVK8ZsdYiiLMV3Q_q9rIH8gHtHnhDkuWFuTvjLKRAzBZaJCcVuQrQ==
exchange@1000x.png
www.inky.com/hubfs/Email%20Provider%20Icons/
36 KB
37 KB
Image
General
Full URL
https://www.inky.com/hubfs/Email%20Provider%20Icons/exchange@1000x.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33992895f60b3d46ed7f1b5d0f6e7bd5f1316a39349f7d50915eb48d766c5fa5

Request headers

:path
/hubfs/Email%20Provider%20Icons/exchange@1000x.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-cache-tag
F-46923783217,FD-46923782167,P-4660171,FLS-ALL
age
1367080
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46923783217,FD-46923782167,P-4660171,FLS-ALL
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="exchange@1000x.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
0FV1982PJDF66R1G
cf-bgj
imgq:85,h2pri
etag
"844c05495bfea51528fb48634d2d6aa6"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620745442538
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=64800
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
37228
x-amz-id-2
1sEebvtLaqR5PR7FI+Rkq30Y5jMqieHHdYEiG63hoVyqSmNkktOtLmqu3I3X9BuaJhRLYMC2050=
last-modified
Tue, 11 May 2021 15:04:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4ahNbw5mOELrL3gnlTTwM8qW4n1c6UYVO3CC9rKuWNBGNRiYa97NBIZBD3QuL7aWyMhWcYjkeJQ4qQMGxvfdZ%2BjhQiQ%2BUMEBhBjAyWgj35c5H4QJR9SZoFxWUpTKDs20nKt7vcgchnSOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
wV0jtlBwgC49CSnpSd0FuSB1oL.scGO1
accept-ranges
bytes
cf-ray
69afee302d4f4e79-FRA
x-amz-cf-id
YjTWDFsYlWqt7sEs7YsTdTc3byleRKRE9WOSdy372OeO-dXooZVsGw==
google@1000x.png
www.inky.com/hubfs/Email%20Provider%20Icons/
18 KB
19 KB
Image
General
Full URL
https://www.inky.com/hubfs/Email%20Provider%20Icons/google@1000x.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de631a39041884e8e3e9866b8c83000ecb2e25169717870e2a41b589604d25e4

Request headers

:path
/hubfs/Email%20Provider%20Icons/google@1000x.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-cache-tag
F-46924683932,FD-46923782167,P-4660171,FLS-ALL
age
758065
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46924683932,FD-46923782167,P-4660171,FLS-ALL
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="google@1000x.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
GQGQCS329S6G79A1
cf-bgj
imgq:85,h2pri
etag
"18b72402b380ce448844903bc79db36f"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620745442488
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=39543
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
18650
x-amz-id-2
93fzAb5d2dpVeOzKNSwIUglq4lXTLlJDgHse7ofdKNAqyth/lvvalYncfdMc+Cu7EVfnKPK6hY4=
last-modified
Tue, 11 May 2021 15:04:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzchgqpCQS1OuEWIJByq1thzOcFlQ%2BREPiSIuUnYXH2jM9DMG2w9KPKLuf%2B2oOcOgbb0bHedVTUnAAIIPt35TI8y2nb%2FLhdNmtN5LwipjqudCKSYBXX6KxWvBwXDayBVkhAxCYfxsJOOlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
wj0IBr6tV31a04BJkW4OA5YPn00q5gya
accept-ranges
bytes
cf-ray
69afee302d504e79-FRA
x-amz-cf-id
3q3jNDcqr9StwhEGEHDXFr1FEISBbl1E_kYRFKZ6y20_pFFTBzMS3g==
inky-website-icon-svg-63.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-63.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
475b0d7206466f7697a94ce42f4d69d22ed7bbf34013be684093fa3393bed879

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-63.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546821259,FD-46529010872,P-4660171,FLS-ALL
age
1163302
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546821259,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3CSQP2JC3BE60Q
etag
W/"aeb735fe38c692b1899b593243f0e528"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348219
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
9dknoC3kAPUNGe4aTQfu0MWBkdRCIDtmaTm4+qbWrWCPUPMSv//1aj1Hcv9vLE4w1D1j7hG7aFQ=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EWFX68v7eqjbJpJfadJ1NSGWSqQ7KNBD5Tf1miP8UVWGBvHzaZsor2jD%2FaKKwht5zOCcha6VnDSFVFTViE9Hfx4OFXwzhjh1EcqxXXYONXLutyhYB3mUauuug6ILlQaU0ZV6KQsBCPxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
qPKAtoYHA_T1gPbP.g8Z87We49Xmzb92
cf-ray
69afee302d514e79-FRA
x-amz-cf-id
9ofBercxepW5-K7XSQL1oqC3GTa7WQAkxep57CUibkdUhMOm4paa9w==
inky-website-icon-svg-83.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1023 B
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-83.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7392ee4cf4273e3600833bf0c3f9b078072ebd01302b795a9d38dc622f3d455

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-83.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546821258,FD-46529010872,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546821258,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
WAYRZ9NKY89GKHSF
etag
W/"b5d7204fad2415ea8183733084f6fa27"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348217
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
5F6RixQqXr7NAXaQz3+L8oaibriOf8+1+iKlxKGy7tYMjhGhFe4NOIIWJ/Oqenxqt6beoJPk16E=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHzywINF0qk3BzS%2Fe9IWd3zQS008882OsaXoRlYdMSN40iXevZOY2w%2FxHBGlp9FhjIiQE%2FxB3KWdEJ8y8gEtdAAR7hcJMPR5UXNhzIHERXLFEIdZOmEDsJo3%2BtMjomJoug8Rxe14VmB5pg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
AKDehTmEfxax9Aj6Nihs9bsK58LvJm_P
cf-ray
69afee302d524e79-FRA
x-amz-cf-id
A9iFswBLPR0pBIytTqPoLBsjJEgVtnB-mfcDDCNJk2ySgE9U4IUWzQ==
inky-website-icon-svg-114.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-114.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb2d2b4efd9725057d87e960115ff137596ca2a73723688cbf2bd502ee28bbe

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-114.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46596809483,FD-46529010872,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46596809483,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3DYVH3P0DFJ5N8
etag
W/"62e790b1efd67e408640442d72fbec6d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620311580570
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
mb9vEUGozBQSA7zMa7LP81F1n7uonn7jF5qJUiJm5BU3sxvy1DX91iaE6qDlhJwktdFlXgUurI4=
last-modified
Thu, 06 May 2021 14:33:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBPlOuPNQhaOL9%2F4IpmkcIY%2BoPfot7o7N8R0M%2F7N9t1ZC7sm7Obk85CmE9rdifg21GjFyQh9nTHbRBu0Eu9EFz7keOgiZyMQApQ%2FJPlaRe2otOg69sWXuky8VTZWvCf4IOihEINhftTMUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
oLjzqpVfYnXxTpOLHhUVTX0_cIZuCLgA
cf-ray
69afee302d534e79-FRA
x-amz-cf-id
1ny7m3hwjS5zW3CwluHKpmZusxO5jbWn5lwQRcKuY5B9-DyZ_8z2gg==
inky-website-icon-svg-70.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-70.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07bb44e69b9e0b890be4eb145632dfaa5c4d48cee258a7ec484f4d607b1fd16e

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-70.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546821265,FD-46529010872,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546821265,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A36PAXRHRQGVXR9
etag
W/"51bef1c6bdb15a23ed362eb37f5dc0cf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348380
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
6PMQ8U/NRXMuW8xl6E7ex7BunVTQpQeOj0dH6eeUKirwAYypuX975nl8SmFAEnhjuzZG/zjVsrs=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYwJXsY6CfOKqVugy4T%2BveGiHtkM3hUidhkWk2EC8QYkc2s1xBzdae5QPV1oYZub5ajB84qmgxB4kbpRRbFVUy41ozjOIK24gIdI8K490k4RMPTGa5sOTiOgk8yUbk%2BLAYrbruYOqy%2B9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
EQ__607cEGnz5chvT9urPgOXTTspwi.3
cf-ray
69afee302d544e79-FRA
x-amz-cf-id
cZd_8CJKBBO5i_5z1rKCSDloUOw0iNlldrHybV8fbQkRWzlDAMJozQ==
inky-website-icon-svg-95.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-95.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf469052f011566187feab5b6d3b5ca0b409998eae4900cad2f0c5ee224f076

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-95.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546806167,FD-46529010872,P-4660171,FLS-ALL
age
1163301
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546806167,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A30C1YE4HFN9K23
etag
W/"7a25247a5c59d3b8be5c9573bc504e86"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348389
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
0dF+6gpAqHhMnJplwhYt0ALACtXqSypur4+YVedxGkXiYlucmziufuE037Vp3/3wEq5FG2hx5fY=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQl5xD%2FGJVg50So%2B7VO365l3SR3TnBGibP7lqvyqOcSTqn1uPjxzOoRRCxtrpgploYFxT5epjuWPIWpMEagedKd3xZ9KgSFqDg8VHsJI8nTJQ46%2Bnc2v9onqDGTpnJZU5PAhY1ht3Sk8Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
IP8lCXjvnGxlglwYWdkBXjmp9bRl5mYs
cf-ray
69afee302d554e79-FRA
x-amz-cf-id
DUvoxLi9h456yuK0CQ7auRRUTdelflzXtOc2uoffQDZY5uifztG_LA==
inky-website-icon-svg-96.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
1 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-96.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c73c2f42dfd0656d5af03420c651c0d76bee43e0ca0f5ca391d47b02d8ef52

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-96.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46546821260,FD-46529010872,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46546821260,FD-46529010872,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
WAYWHFYV1CYQKSS7
etag
W/"1180ab7f1325440b12c98437f2b32888"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620246348225
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
Vz9MZBoZXNupl7HsuzHCPbf8XeynL1vv8T5GHC1KhM6/2j0NtUPftbJPfPr6kXnLwqAwivnF5vY=
last-modified
Wed, 05 May 2021 20:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEI9YN7Oeph2G%2FWbGbCWQ25dJl9ke2MnD1MkCUU3YGpvTBJh4%2F19kw4i69aF8fDrJ6wqSQ%2FG6D0831SSlZyzkOtG5RTAk8RJ6Y2mZoj9DI7EJg6slNZ8PCc3NaDdWr0k%2F%2FZkfDRt%2BwnaZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
NO9Ijoulef1guw8tYOlrYpNcVsWlX8OH
cf-ray
69afee302d564e79-FRA
x-amz-cf-id
knywYNcBK1Vv-X-C_f3dswRACcM_I1Z7YwbrfnLSfk0CSQ_RD3qflg==
AdobeStock_173745162-1-2.jpeg
www.inky.com/hubfs/
49 KB
51 KB
Image
General
Full URL
https://www.inky.com/hubfs/AdobeStock_173745162-1-2.jpeg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
771324ae4a560483891a9bd337355ce91d26930c2776ef0d962af9bbe88eb901

Request headers

:path
/hubfs/AdobeStock_173745162-1-2.jpeg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-cache-tag
F-46475507882,P-4660171,FLS-ALL
age
76036
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46475507882,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="AdobeStock_173745162-1-2.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
B483DVFVPN65BZHA
cf-bgj
imgq:85,h2pri
etag
"c6d3bc9c56e729f4ed5fb33d5ea9f37c"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620159242874
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74159.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P4
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=128659
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
50674
x-amz-id-2
R0Z2DwTWHckaytovgqzrZxYiTsuKyqpY7Z9HrhCiCxSzMZsOpcdyBXVjT2hMEgF0Nsx1cszGGA8=
last-modified
Tue, 04 May 2021 20:14:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O6moYdyAx3glvV59b0iqKJVZY%2BwuPgsrDb3aW7%2BnkZE3UNVbUpCiOnaunI%2Bt84YeZ3GvzVTP6GWlSQ3MdwIXKJ9Q%2BBBU7ZBbgYv2tCqSN6YTgy%2Bns3tP0oJ6b4b1ddLEATfswhKPcVj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Ng4s_BXAKlgYANl7wgsXLYNcchH5ht8q
accept-ranges
bytes
cf-ray
69afee302d574e79-FRA
x-amz-cf-id
W-z5kVnnkolvCzoAwtZy4SROcrQUF1Zvbsp_tdfbA2CcOsQEjEazlA==
inky-website-icon-svg-3.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-3.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3415c691c1a67536e3e43d1a30a3834a06bb75049955f753ca3d71f480f9ca0a

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-3.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529105946,FD-46529105695,P-4660171,FLS-ALL
age
281878
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529105946,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
8CHYMFCD8CP5Z5Z2
etag
W/"69f54792a382bfea5dc508bd1346ae63"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182835
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
tIBZLb9NGA+nCgkC/9LbIKYCDyrlh80nPhBVnGgLz6+QeS3jX8RhGvu3o7nLpdFNFUVo2H3UqzI=
last-modified
Wed, 05 May 2021 16:13:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7H%2Bl1JV3%2B5dinzgH4BGz4b%2BygyFJjOj3drV%2Fi3VD1sbsMR3%2FJd%2BOEO98aeGTX2FqNqjo6Nh5us%2BqTqf0mSTkmV38ARNo%2FZZhfJoZuL5CofdTXRYrxBgOXhUNcH%2FlV9TjMJeJBj1eH70jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
cT05zeL.8g6U14.nvYiPBmvBFMzJEQfS
cf-ray
69afee302d584e79-FRA
x-amz-cf-id
ozCex7xSGFFlNVXfhAhtP4KhO3XzURgd12IhphJJbdxbyzr1Vjq_8g==
inky-website-icon-svg-53.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
1 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-53.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6015b373b314875501f079b119da04a7c88b6b244ce333da1f8320869741306

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-53.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529000002,FD-46529105695,P-4660171,FLS-ALL
age
1163300
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529000002,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
7A3FPHE06MAVAJN9
etag
W/"99d824af94cfd843b7f8a1fe43409ff8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182476
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
FgngOjL8owUs0urma059TgwJqUIWEQdADyW0n+TVrDdbtkGGYPrumXQ+0LAR5Qzhf0OMWyPF2uc=
last-modified
Wed, 05 May 2021 16:14:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHTF6M84MaqHHFgw%2Fkw%2BSR5jo4yhS%2BPvez95ipVGK4B%2FXtMmx6utrsT66jRF3SnsbDfziAB6cAKKY9xQqgBFQPpHBf7R6PU0wCWDeytz2NiRCukjlxcgDtL9XosvlGsZIy%2FMJEt1wSiuug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
iRbloSk0w8oGxlxvkI6f5ZhvY49uDi2j
cf-ray
69afee302d594e79-FRA
x-amz-cf-id
1NVWKUKmFnhK3w2XRbRyRH8uxNVT4a7im03zh41deOUPaWM9NfHumQ==
inky-website-icon-svg-24.svg
www.inky.com/hubfs/icons/Icons%20-%20SVG/
2 KB
2 KB
Image
General
Full URL
https://www.inky.com/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-24.svg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
855d465f9d66780e276e21a5fd3eb9284d9902936a5b6977df68f6a1117150dc

Request headers

:path
/hubfs/icons/Icons%20-%20SVG/inky-website-icon-svg-24.svg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-46529000012,FD-46529105695,P-4660171,FLS-ALL
age
1740458
x-amz-server-side-encryption
AES256
edge-cache-tag
F-46529000012,FD-46529105695,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
13Y1Z8680VGQA1AX
etag
W/"ef063ea6ae738175f1e832cd9a33ca4d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1620231182833
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
mWDFiGel+1pU2sbS1MrLCt1WFbJnAWQ4KUJHKPI4/+a7RVnnubJPrVHKyXteIDp/4aQBHkeGhK8=
last-modified
Wed, 05 May 2021 16:13:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5Qnf7KINQ3ojUz6o6UCUoLvzuqmhuMkdTHbG1hs9pun54Uma96Qd%2FkRlJhngKo640ljyLNC4vEe6Lfmeurnw1J8I%2BKVSdEfNAo7%2FC1bJUodZDIrnv%2B%2F1Ux51%2FzkUcRvAKSTAMvanyx4Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
6I2tGtEELCDmmDKe5pxnLERO8VI3c2HL
cf-ray
69afee302d5a4e79-FRA
x-amz-cf-id
bGDqlyfT2zmAVr_E0CZ85E3X7HyEUmsCkZz2K9Q6H-OJ7AfRneo47Q==
AdobeStock_115453550-2.jpeg
www.inky.com/hubfs/
87 KB
88 KB
Image
General
Full URL
https://www.inky.com/hubfs/AdobeStock_115453550-2.jpeg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
934034b9549a94b4bd62cf878d4230b45c68553addac60e23cc5d104eddb80ff

Request headers

:path
/hubfs/AdobeStock_115453550-2.jpeg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-48699113564,P-4660171,FLS-ALL
age
69984
x-amz-server-side-encryption
AES256
edge-cache-tag
F-48699113564,P-4660171,FLS-ALL
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="AdobeStock_115453550-2.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
FMTYYKWMSVTCF1NC
cf-bgj
imgq:85,h2pri
etag
"270c1530384e8713cd4b6b3fab5e156f"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1623423074373
date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=108861
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
88900
x-amz-id-2
YRH9UgPw/FcP9jbR4naljnLhpYYmv4NmbqnJgn2RVfQDL/DqncJS1nxQG60WD4IzhWu29fsRK0o=
last-modified
Fri, 11 Jun 2021 14:51:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgNMYYiTN1Zzqjk5QuW5Y7Aq4z4rE6urRnWEPiaoM6q5W9dnW2tV65vwSnPWBJeCvMVTDFvroPPoNfgDj6t9y303qfSQSwH51KfnQNgZTm%2FH8txfVKFlCRF7QUphtf7UD4FCOAmIPgnRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
eZVIJt0128sv9R60Y6stw52NEdh79CKm
accept-ranges
bytes
cf-ray
69afee302d5d4e79-FRA
x-amz-cf-id
V697q9IcGrc0lcHavVvCOpuTVeDvC5h3JfxVXJjb4l4_bY3-9lK1Ww==
mjfw_main.js
www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1617898323263/Custom/page/mjfw/
96 KB
28 KB
Script
General
Full URL
https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1617898323263/Custom/page/mjfw/mjfw_main.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aafaa364e16ceee3bb02ae00305751a0a2600e60ce130ff3b1b2b28949a2dd8f

Request headers

:path
/hs-fs/hub/4660171/hub_generated/template_assets/14051612624/1617898323263/Custom/page/mjfw/mjfw_main.js
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1617898323265
date
Fri, 08 Oct 2021 14:06:32 GMT
via
1.1 6f35734da951dcb591462352ba037615.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2053
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
NCJBSPZZX0CXP360
x-amz-id-2
HKQRenL/8jhgql70FVSpr2ULvNs79ohqX04BKVVxoAVJYZovwXbUMe7R/Lfk9XIc+1qO0v7eOnI=
last-modified
Thu, 08 Apr 2021 16:12:04 GMT
server
cloudflare
etag
W/"3bfd6747d08a886cbd30b05b087a7f57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YCVI6zkIs9pDabkhpc%2FgcI8SQcTpWFTdf%2Bi%2BQ3p6TXbh078xn3VyLA5mRZFYiVZWHlEUGIIKPTzATHFGqdXKycIDs7FIhupukVsd7CqilF7zp0ZOKxAskQlhuOX4EmM%2Bx3J9lrMHt0xqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
7_voqS88Iao6u7PwUYqy5yD94bWhhmGa
x-amz-cf-pop
IAD66-C1
cf-ray
69afee2feca64e79-FRA
x-amz-cf-id
biWNeKODF0S9tj5cBD_pJHD2AFPTlzwcF4-NI_AahMijHJQP5Qf_WA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
4660171.js
www.inky.com/hs/scriptloader/
1 KB
1012 B
Script
General
Full URL
https://www.inky.com/hs/scriptloader/4660171.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec68727f75efbe7641fda5077ad3dc80169eb5ee236421053f829f95b39da26

Request headers

:path
/hs/scriptloader/4660171.js
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
eb3880ed-6052-4423-b0e0-6e0978473255
server
cloudflare
x-trace
2B0A9DB6B99D98F6397519761C193E8FB5740659A3000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s94aIgr4CBW%2BW%2F2VuoYMAY6adBG6GEFdMVQ8SZHzdBmnrjFGNgCKmDDuqPd9CkihBD5lrec0Sycjg9opCq5gPK0t8FJ4hGbim2vLvRku8qVQlni8l3evQUgBF0kHjBdGOGQcPQaTTiytzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
69afee302d5e4e79-FRA
expires
Fri, 08 Oct 2021 14:07:33 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1630090673182/Custom/page/mjfw/mjfw_styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b31dcd977f937aa7d0eef858a30208d41a0279dd35c25db4d1e795fed1ffdf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/hs-fs/hub/4660171/hub_generated/template_assets/14049870587/1630090673182/Custom/page/mjfw/mjfw_styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 14:06:32 GMT
server
ESF
date
Fri, 08 Oct 2021 14:06:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 08 Oct 2021 14:06:32 GMT
gtm.js
www.googletagmanager.com/
168 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e3682888340c61b070917e680cc1eadba5e9e1975f6ea7e3c7aab4bcbb0b6b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60680
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Oct 2021 14:06:33 GMT
gtm.js
www.googletagmanager.com/
176 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e59a5d5715fa6b9bee40ae3abb3b0284ad8ab79b2d326f347d9bf737db35d9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62957
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Oct 2021 14:06:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 08:57:05 GMT
x-content-type-options
nosniff
age
191368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 08:57:05 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:34:56 GMT
x-content-type-options
nosniff
age
369097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 07:34:56 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 15:11:30 GMT
x-content-type-options
nosniff
age
341703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 15:11:30 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 11:51:27 GMT
x-content-type-options
nosniff
age
440106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 03 Oct 2022 11:51:27 GMT
01_whois_phishing_email.png
www.inky.com/hs-fs/hubfs/
34 KB
35 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/01_whois_phishing_email.png?width=572&name=01_whois_phishing_email.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ab8e8ab0250fb799ec6fa0322cf1e91026ddadb30d18d09b58be29abe38d40

Request headers

:path
/hs-fs/hubfs/01_whois_phishing_email.png?width=572&name=01_whois_phishing_email.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 ef6762d67d012a06d2761f42352c9e53.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54738361381,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
34708
last-modified
Tue, 28 Sep 2021 20:51:40 GMT
server
cloudflare
etag
"be7dcb271b845bde0c3261ee79ab0ca2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtoEwkN%2BB1KJ4iS4zK%2FVwkthjGfboTDnoslUo6acihZvbJl95LVbrwHRztp73l1yh52fm%2BkXgU4qGpIpFdOcgSMv3rnatq9vupTEQ11GIK2ERxfcx8GDNWoo642iE1oHkOA6z1tbIPSziQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308df44e79-FRA
x-amz-cf-id
zPUeLuFekKannMcBzpPjgUsjZW8-ql7TrDCPHGlV2ugYUb5PG8nSCA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
02_DOT_phishing_email.png
www.inky.com/hs-fs/hubfs/
54 KB
54 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/02_DOT_phishing_email.png?width=583&name=02_DOT_phishing_email.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cdeed3a208406fd390487c3b75fb5ba069befee48dfa1a0408b72156c16c4d

Request headers

:path
/hs-fs/hubfs/02_DOT_phishing_email.png?width=583&name=02_DOT_phishing_email.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740181004,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
54819
last-modified
Tue, 28 Sep 2021 20:51:46 GMT
server
cloudflare
etag
"ae10cc8e03b5ab116fee11c149e7efa4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhCc1apBI2YyXu%2BUH%2BuNAleDYIo6lno7HUs701AHWr5hZN8IgzREVoDrl%2BytJe9N63DEQWiLPl7cfMroO9xjIGSyaRTjKRSnlCuKwezcoGrzt9gbfJthkjX3CiWVw1duAwqnWmon%2FQsa%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308df54e79-FRA
x-amz-cf-id
RA2Elki6y5jBJQWDXTESZNmQvK0RUBQG0u05HZwe8pw4RqvTIBHQ8w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
03_whois_akjackpot_site.png
www.inky.com/hs-fs/hubfs/
27 KB
28 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/03_whois_akjackpot_site.png?width=578&name=03_whois_akjackpot_site.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c122495b87de46de17e9f018aabfa2a2bc92ca800d12560065fb901076515eb0

Request headers

:path
/hs-fs/hubfs/03_whois_akjackpot_site.png?width=578&name=03_whois_akjackpot_site.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 6b7e1e42d74fd61097787cc6c1a37c35.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54741655084,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
27991
last-modified
Tue, 28 Sep 2021 20:51:44 GMT
server
cloudflare
etag
"e6cb93a0841e715a33668979f4a9eca0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7d60v7e%2F6nu%2Bq582IVVSDgTLIGVe62ZiBRT9XkBcQjcERk6CJUVh7UHraZ%2B0Z1iUDWZlJOzf1MCBCsd6LY4aQadxzMdxDmsXziNxeBLL8rOevUKKcHepNd7cMn8MtA%2BZWnnbn7vPQYkQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308dfb4e79-FRA
x-amz-cf-id
33Toq9A5GoJzlnfZUF4zyAQ7kB7DoJxNX3qoatoN_4uBcjfDWuKj_w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
04_dot_instructions%20copy.jpg
www.inky.com/hs-fs/hubfs/
185 KB
185 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/04_dot_instructions%20copy.jpg?width=577&name=04_dot_instructions%20copy.jpg
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da6214e2844fa6d38c954972262abda76f86934a5a1da159e303b1c381e2713

Request headers

:path
/hs-fs/hubfs/04_dot_instructions%20copy.jpg?width=577&name=04_dot_instructions%20copy.jpg
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 5195de19cbc5ce842ac6538e9a6850cb.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54741655134,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
189149
last-modified
Tue, 28 Sep 2021 20:51:41 GMT
server
cloudflare
etag
"f07235377a932df3d23fac110039dec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH8ng186mA0ZWvzAWyFnTQB%2BKAwvAUDvSwLbdq3jFLwWat%2BU6pljyA4ezfgzxWDHv8YwC5DuoLdtQzq1KxFFlASq0ZcO2gOfq4E4GiV9BNaNvOIwjfWQXY9kA2kGFo0DSl%2BPhcVUer0xJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308dfc4e79-FRA
x-amz-cf-id
OcFW6ZMO0Tkt9_IXlQABToWMEdN_GhLPrYq1nchY366TOizjLRoQ_A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
05_whois_contact_mike.png
www.inky.com/hs-fs/hubfs/
32 KB
32 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/05_whois_contact_mike.png?width=571&name=05_whois_contact_mike.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a8fdc6b827bcf0eb73dbb94e9122a788751242335ac5318447200c1c07a079

Request headers

:path
/hs-fs/hubfs/05_whois_contact_mike.png?width=571&name=05_whois_contact_mike.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 1448f69604d5be1f9c9f0c64cfa90595.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740950401,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
32290
last-modified
Tue, 28 Sep 2021 20:51:41 GMT
server
cloudflare
etag
"27ee1fcf3746838fd595077809290d65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAxBa8J27fnMvhdVc%2FrU07yWARCEVfgWZf8V2y9G8Gap5qdGTI7oWH%2FpVuEshRN6jvL8sDXLoK%2FVhevaLgeNth31uKpvk7py7JnSlvaicf3N3qMlO3g7E5jSvBZZBjC8tjJdINoOk1Pafw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308dfe4e79-FRA
x-amz-cf-id
YBSbmkziNdOWxqQRKH8L7CTgwmuas1JWqgOkxuwfnQoeuM7LlUZQPQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
06_doft_phishing_site.png
www.inky.com/hs-fs/hubfs/
209 KB
210 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/06_doft_phishing_site.png?width=573&name=06_doft_phishing_site.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17218547984b8448bf19471effc4948fc986f8f0bc8131844b2bf6486bd706dc

Request headers

:path
/hs-fs/hubfs/06_doft_phishing_site.png?width=573&name=06_doft_phishing_site.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
via
1.1 936f33bed45438343f0ef2adff442815.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740950434,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
214458
last-modified
Tue, 28 Sep 2021 20:51:42 GMT
server
cloudflare
etag
"03df08714569296f2d8c88459fb0ca87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6GN0m%2FqOwImdLY5CFhg%2Bz%2BekfIS%2F%2FOAbGLbHVIANKwV8zmTuDnQbk2DlKK3Os0%2FoQYS921CYIQQHP2n8gfQO2IcWb3cYy2D2UuByqja8w0%2FWxMAYjYLcEpAz9%2FZ1g%2FVplgfAGYiIe6jDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e004e79-FRA
x-amz-cf-id
MTA753aoHM0h8daJmVj-PgRyekJIcbPzMog68rp-qTvjK1ccg213-w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
07_phishing_site_dot.png
www.inky.com/hs-fs/hubfs/
178 KB
179 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/07_phishing_site_dot.png?width=574&name=07_phishing_site_dot.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e44335f2b36af76a10f307394ef0c0d70e89aa0d8560208959afcb4fdb73b60

Request headers

:path
/hs-fs/hubfs/07_phishing_site_dot.png?width=574&name=07_phishing_site_dot.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740879006,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
182136
last-modified
Tue, 28 Sep 2021 20:51:43 GMT
server
cloudflare
etag
"9e68f13d94d7ed04f120b79b2bdf72a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY0WnEzRdCHqQa9ItW%2BjmLSvRWGW1%2FpUeSUEZPUM28LDM4gxUgMjWUBfW9nLnxAys3wklWEKkEJBAWnWW3%2FqVimQaKP3fYNlrdgiumiZhJqI81dXQtK5%2BAA%2BX6nLvcmKyglG0X6AKFLKRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e014e79-FRA
x-amz-cf-id
33fsDEErfBZ2g3vU2tMZWzGOZ3BlODBF8WWGVP-WTNp6C6nbpjp27g==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
08_credential_harvesting_form.png
www.inky.com/hs-fs/hubfs/
165 KB
166 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/08_credential_harvesting_form.png?width=578&name=08_credential_harvesting_form.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de922dc2ae12eef0b5a5ae06be3c89b8278a326643f9407f728e7b466b74a0b

Request headers

:path
/hs-fs/hubfs/08_credential_harvesting_form.png?width=578&name=08_credential_harvesting_form.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 0fbab52df0695e2a561cd26eb7f9484d.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740181390,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
169008
last-modified
Tue, 28 Sep 2021 20:51:41 GMT
server
cloudflare
etag
"071c0d376a7c45478f605b110be22b2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0TNRm2qH3qf9shsev5FRA1FFfRZpVI8G5%2BI5JNHecogq4wq48vl0lizaOnPBPhLpN2UwrbmmqOuhaTjg1PD43kSskUyKdwKeFZNIsQjZ8062zcfZOPakEpHxoJliaA%2FyTR7%2BbenHmICbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e044e79-FRA
x-amz-cf-id
3FVpv-3sETlX5Pq9bMQZlAvVKNSRCfs_OgFXf65VmfiUPXCFePo0bw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
09_ReCAPTCHA%20.png
www.inky.com/hs-fs/hubfs/
129 KB
130 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/09_ReCAPTCHA%20.png?width=578&name=09_ReCAPTCHA%20.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37d4473ae91e2e049cc9e72c2286297b7dbd1bb0a4288f3a8d48652f22f7ef3

Request headers

:path
/hs-fs/hubfs/09_ReCAPTCHA%20.png?width=578&name=09_ReCAPTCHA%20.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54741655424,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
131788
last-modified
Tue, 28 Sep 2021 20:51:40 GMT
server
cloudflare
etag
"ec698cc390eea1296db88a82f6bbe134"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF0Dy5Ix%2BhpqK4M3TUnQNbOw2snYf%2FLWMqEVkfgs9d6I356gssjLvvDETLtZwoQrYQkec%2BR4hEcjZB%2FVA85dPXZVg%2BimvSPzQje2Hrfagv6NasaY4rcF3%2BtnznFx3WBmcHBMGMHiTe0Umw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e064e79-FRA
x-amz-cf-id
6wKEFQ8y6pqzfjwqxqteiYeZP88xgvXU_BMFm6Jks9PCWZghFEggPQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
10_error.png
www.inky.com/hs-fs/hubfs/
127 KB
127 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/10_error.png?width=573&name=10_error.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0830ad7230cbd409ce5219ad6574aff414092ab964ef2b96513bf282000e022

Request headers

:path
/hs-fs/hubfs/10_error.png?width=573&name=10_error.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 0fbab52df0695e2a561cd26eb7f9484d.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740181554,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
129783
last-modified
Tue, 28 Sep 2021 20:51:40 GMT
server
cloudflare
etag
"8aea736e682c28e8746ac8c01f329cd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgWX2LpnNC%2B1c131cZEZDf3I9aQX1Mo9Hc94uO7V4fJlMBwmZkqKEO1XI5zKWMVEYem1zX7nw4yGen%2B6EEVK82VtZNb%2FJtk5eOh%2BFAqnhPcy9BJnBiUhqCHa1GeIRz45LkGwf75mr705QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e074e79-FRA
x-amz-cf-id
USise362LG3uXBaWhf6AzGVEcFhYoSeemTb8WqKHNlMnqFDP2ABfTQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
11_real_dot_site.png
www.inky.com/hs-fs/hubfs/
258 KB
259 KB
Image
General
Full URL
https://www.inky.com/hs-fs/hubfs/11_real_dot_site.png?width=576&name=11_real_dot_site.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0fcee1a1af1b4c5fbebcd6e51655806b70aa2b5f0254a582c09f0df4eddd42

Request headers

:path
/hs-fs/hubfs/11_real_dot_site.png?width=576&name=11_real_dot_site.png
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
via
1.1 ef6762d67d012a06d2761f42352c9e53.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54740879360,P-4660171,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
263916
last-modified
Tue, 28 Sep 2021 20:51:45 GMT
server
cloudflare
etag
"c52c12f3ca7b2ebfe1e540fb9265a67b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI%2B03sz6HVbkandgI0w%2FKz9vw9CFGhvHytgkB0xhjkKDfuFIjK8OzGM6sn0qkSKgkCaYxeYXAH%2BFoBavDiNWLMRy%2BahyICq1SjKzI3Avb1jZsAbURCN%2FEji1FZuUosHFaxtRo%2BqK8ccpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69afee308e084e79-FRA
x-amz-cf-id
FWtWQKAyPbHFf8ylOGrKEiRDkq-BK8OW2COiNqx1M2tjqQPuzi8rtg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
b4cfb89a-2056-4f97-8bc0-402eb66e1434
www.inky.com/_hcms/forms//embed/v3/form/4660171/
10 KB
3 KB
Script
General
Full URL
https://www.inky.com/_hcms/forms//embed/v3/form/4660171/b4cfb89a-2056-4f97-8bc0-402eb66e1434?callback=hs_reqwest_0&hutk=
Requested by
Host: www.inky.com
URL: https://www.inky.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54b7bd6f16af0988b2770aa935de1f5a2deb239798f234f321c7149cd3e4f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_hcms/forms//embed/v3/form/4660171/b4cfb89a-2056-4f97-8bc0-402eb66e1434?callback=hs_reqwest_0&hutk=
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d0fa04f0-1676-442e-9192-543f27a774b4
cf-ray
69afee30be494e79-FRA
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
server
cloudflare
x-trace
2B33D87727DAE0E07CEDDF31FCA14045517B877F4A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2nSFD8tH2Fsw6AHbV8qn%2Bu3ru0tIVzE9Cq4f85OeTtAmLkHiKeVMM5ah0StM3Bde%2BhC3r7h4%2FGykk5NwLtm7K6zIdulyx84Kh%2BDnivQACWZ2DqjU0yHoet5dNr4R3q3K7YQSO9iy4wvVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
all.js
connect.facebook.net/en_GB/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6b2890ac59fa9d7beb98b703f1aedacb840f604e87f28c1425abed333e1fc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fYHdod1Z39QK8tZj/w9WTg==
cross-origin-resource-policy
cross-origin
expires
Fri, 08 Oct 2021 14:17:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
L8jDaFrhRZnpJ7nHlVc3FOb9fz+P97hVGRehFere8KkBN+FOKrZWv9aNdg1JOBkC/Y0IIe9XNwEvVy0oFcYZCQ==
x-fb-trip-id
917726464
x-fb-content-md5
01450f08fe7394da9399928ed665d47f
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 08 Oct 2021 14:06:33 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"73244fecd11df58c1dfaf1b37006deb5"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 14:06:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 19:09:26 GMT
Server
ECS (frb/6725)
Age
521
Etag
"f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28869
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/
73 KB
74 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2197362
cf-ray
69afee311c744eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74768
x-amz-id-2
CflMrVZ+s+wK5a+w7ghdziIkoopAJjiTgzw6XlZv3NJQK/jcsE46OhdKFL6AxYFnLGIP4vR75ow=
last-modified
Wed, 30 Jun 2021 15:46:59 GMT
server
cloudflare
etag
"5e2f92123d241cabecf0b289b9b08d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wV1g41BrPKu6q3daKLLm9WQt%2Bg9MMEZmGRKf0QzcC9wmCFrVcQR5HPjXq1XOFtK5gulmM41s52ingUHjQ1UyxOY5a73f0UrXZ2DFp08xmSSnZ8f6rGqw13narWf626OFz9%2Fzw%2Bj%2BVZzzVcj16CX5jdF"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
FW8E70AGTAR81VE8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
postlisting
www.inky.com/_hcms/
2 KB
918 B
XHR
General
Full URL
https://www.inky.com/_hcms/postlisting?blogId=5913297540&maxLinks=5&listingType=recent&orderByViews=false&hs-expires=1665237992&hs-version=2&hs-signature=AJ2IBuEiibrUEQKeHmMeJ5tPpRO4L3Tncw&currentUrl=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs/hsstatic/AsyncSupport/static-1.94/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46a063657d2eaccc67935453d50b61efede7263118a5d50ef5cca449fefe8fc

Request headers

:path
/_hcms/postlisting?blogId=5913297540&maxLinks=5&listingType=recent&orderByViews=false&hs-expires=1665237992&hs-version=2&hs-signature=AJ2IBuEiibrUEQKeHmMeJ5tPpRO4L3Tncw&currentUrl=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650
pragma
no-cache
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

cf-ray
69afee315f544e79-FRA
date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
35208667-0f9f-4f70-adf6-e39cefe09f18
x-trace
2BCF5DD75209B82954852B66E1A2D1AA29B2171A9A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpGd8qafCHqQd1PTMp7KeLDugEVZVdF09RD4VEeJApxSOYilE4IxGi9WHoLm0R3QqxSkNvqOGOKy6eCx0%2FHhpmF9u8gTSmS8mpZnl9zNlzxmpGFwcOaLMFlwcf6%2BFZ%2F4Bwt85dz7SVGZNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
767 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=4660171&callback=jsonpHandler
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
8ea79fe1-755c-4b75-8be6-e822eb95b3ae
x-trace
2B0CE24B4E64C57288E1C2E6BA5A9E2F8A243002AC000000000000000000
date
Fri, 08 Oct 2021 14:06:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
69afee318e52696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 14:06:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=18061
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
d57d941c56ae95b874e95340beb17c30.js
cdns.canddi.com/p/
0
422 B
Script
General
Full URL
https://cdns.canddi.com/p/d57d941c56ae95b874e95340beb17c30.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.18 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Oct 2021 14:06:33 GMT
server
nginx
vary
Accept-Encoding, Accept
x-cache
EXPIRED
p3p
policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
cache-control
max-age=1800, public
x-server
dashboard-api-nginx-deployment-7f5f6ff754-qnsrm
strict-transport-security
max-age=15724800
accept-ranges
bytes
content-type
application/javascript
content-length
20
expires
Fri, 08 Oct 2021 14:36:33 GMT
cnv.js
assets.convertiv.com/sp/2.14.0/
98 KB
30 KB
Script
General
Full URL
https://assets.convertiv.com/sp/2.14.0/cnv.js
Requested by
Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-55.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 05:48:45 GMT
content-encoding
gzip
last-modified
Wed, 04 Mar 2020 07:48:52 GMT
server
AmazonS3
age
29869
etag
W/"8dba669b94e3865c9205ef8fd15ee4d1"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qtjB6wUN6cnr3aov-vN5qEXoA26f4dtmD13_IFM_DJJIv2gzi-yHYQ==
md5.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.16.0/js/
11 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.16.0/js/md5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG5VWM7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f14f0efb563db7b23efaf394339a78bced6fd5ba649f049961a65476d928af5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
73795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2546
timing-allow-origin
*
last-modified
Thu, 14 May 2020 01:29:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ebc9ef1-2d27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtxkBTxqRnA8vTmLgFQeuVdhnABMni81DTFIY%2BkHTxEmvvYSiQBSTW9YvWFXEb6coQfjzEH6x%2BG7Lrk%2Bx9n6jey%2FINQ9mjwRk462Lj978mQDwuZCt%2B%2BLs8r%2FU0NgjExnm%2FozH3uoz3%2B9LlP4EMbC0%2Fdz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69afee31fccec2b8-FRA
expires
Wed, 28 Sep 2022 14:06:33 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4776
date
Fri, 08 Oct 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 08 Oct 2021 14:46:57 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14394
x-xss-protection
0
server
cafe
etag
14335902481360483811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Oct 2021 14:06:33 GMT
2077.js
script.crazyegg.com/pages/scripts/0089/
5 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0089/2077.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da6db022fcbf3b2ca0a4d7e9118c6c94d76e42ac67a5a258621197e5988f074

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6566
cf-polished
origSize=4899
cf-ray
69afee31ed3605ed-FRA
ce-version
11.1.351
last-modified
Fri, 08 Oct 2021 12:17:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-829684701
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62511dc98696fd33461df4e9be98fad27d34e72c9a97b11da393c9ef8d9214e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39483
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Oct 2021 14:06:33 GMT
swap.js
cdn.callrail.com/companies/158776647/7d663d46157b46d8af9a/12/
32 B
312 B
Script
General
Full URL
https://cdn.callrail.com/companies/158776647/7d663d46157b46d8af9a/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.195.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-195-200.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime
0.006574
date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
content-type
text/javascript; charset=utf-8
status
200 OK
cache-control
max-age=3600, public
timing-allow-origin
*
x-request-id
d26cf318-35e4-4cbd-8ef0-1b51c966adb0
events.js
tags.srv.stackadapt.com/
13 KB
5 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-8-225.compute-1.amazonaws.com
Software
/
Resource Hash
e683c8f7b4195f66b9ac585c5c85534f498d6139e601dc31977bacbdb595d15d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Oct 2021 14:06:33 GMT
Content-Encoding
gzip
Cache-Control
max-age=30
Content-Length
4438
Connection
keep-alive
Content-Type
text/javascript
tracking.js
trk.techtarget.com/
2 KB
1 KB
Script
General
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgq13pl2SV1-WJV7CgFFvW69y6yW3Y6c-4V99TSk3jJT9SW79YLHh5dy04CW4h41Rd59Q-66W89cMvM1w3T-3W77gxgy7jKmcFW2_XJks2dhRtGVkRt5B45TJQsVpMkrY3TKWVkW5KpQY55FlCBBW427Y8F369ZKmW4ZrLv316qYWqW2BxhV930Y848W5Jxr8m29gNxLW7Tlpt18Zntz1W4gJth_55w1_fVkLv134n1MFjW55fHdG1CM-wKW40ydbn78M2vqN7X0Q-wK9H-1W6b9G9W7W_0jjW7MZj_d8Sb5wCW8wW6Cv1kd8ZsW84WZK53c2CnD35b61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 16:16:59 GMT
server
cloudflare
age
86
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
expires
Fri, 08 Oct 2021 14:15:07 GMT
cache-control
max-age=1200
cf-ray
69afee321e6a4a92-FRA
cf-bgj
minify
roundtrip.js
s.adroll.com/j/
45 KB
15 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W38C9T5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
9NNHadHlPAJi_ZEEDzqWdczclsfujfUk
Content-Encoding
gzip
Etag
W/"42b7053581646365ea5fe1cf37686183"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 30 Sep 2021 23:17:42 GMT
Server
AmazonS3
Date
Fri, 08 Oct 2021 13:41:31 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
0CgaJhWiYnsRQJUECuReyqT4ps0lF9yoi8vYewcBhpX3rSpoKAVU5g==
all.js
connect.facebook.net/en_GB/
264 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js?hash=9d953fc692aacc699f0e30a63e6a75fb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6807d64d3047b86f1685a181bb8a25e666ca9867e63182d4c619c827265a093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GWE2Gur9m/5qi9eYOj6vSg==
cross-origin-resource-policy
cross-origin
expires
Sat, 08 Oct 2022 13:57:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76137
x-fb-rlafr
0
x-fb-debug
Aijdscbm7x/Q8+rWioSVWkNg+0aDXWClSywHLmvsCsUBmUAJe64RBAhImT5E+z70cfGD2t7fzyrebCEtx+RQsQ==
x-fb-trip-id
917726464
x-fb-content-md5
9d4a15af87f48c222f5ea49818ba5d95
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 08 Oct 2021 14:06:33 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6500e28cc2f85695e5ac65abfb0e9248"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html
platform.twitter.com/widgets/ Frame 54A5
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.inky.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
321915
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Oct 2021 14:06:33 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C1)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
2077.json
script.crazyegg.com/pages/data-scripts/0089/
7 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0089/2077.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0089/2077.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f490a87810719d9fce4f0d169fb0cf1d74a006dc848f696a68026e72ccee6a7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6566
ce-version
11.1.351
content-length
1341
timing-allow-origin
*
last-modified
Fri, 08 Oct 2021 12:17:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
69afee322b572c4e-FRA
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=841514436&t=pageview&_s=1&dl=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&ul=en-us&de=UTF-8&dt=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=217947237&gjid=1112619769&cid=1424448064.1633701993&tid=UA-91768532-1&_gid=76770568.1633701993&_r=1&gtm=2wga60W38C9T5&z=144890631
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.inky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-cr...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2665292%26time%3D1633701993314%26url%3Dhttps%253A%252F%252Fwww.inky.com%252Fblog%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-cr...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-c...
0
155 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&liSync=true&e_ipv6=AQI-dK-pqIN-ZgAAAXxgOh38_Hfoq_CQBPFn3BEpKd8e9dRab16W63jWwdNzht33EVL8WOc
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
EeWg3U4TrBZw1hWsVisAAA==

Redirect headers

date
Fri, 08 Oct 2021 14:06:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2665292&time=1633701993314&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&liSync=true&e_ipv6=AQI-dK-pqIN-ZgAAAXxgOh38_Hfoq_CQBPFn3BEpKd8e9dRab16W63jWwdNzht33EVL8WOc
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
g6kPy04TrBYgo4NURSsAAA==
11.1.351.js
script.crazyegg.com/pages/versioned/common-scripts/
67 KB
22 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0089/2077.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daab314890951d408604603cdd77b31b63ae2ca9cc3c313673ce259c1575f695

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Oct 2021 04:51:34 GMT
server
cloudflare
age
8171
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
69afee325e6e05ed-FRA
content-length
22342
settings
syndication.twitter.com/ Frame 54A5
232 B
432 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=577b5cc10e902da666c0f4ba2148035d01cbf09a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.inky.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Oct 2021 14:06:33 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
4be94882630b00bc9854f4ba370c4bdc5cbf075fe65bd1fd5dcb5fa8be068bb5
content-length
166
collect
stats.g.doubleclick.net/j/
4 B
461 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-91768532-1&cid=1424448064.1633701993&jid=217947237&gjid=1112619769&_gid=76770568.1633701993&_u=YGBACEAABAAAAC~&z=1151349524
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 08 Oct 2021 14:06:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.inky.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/?random=1633701993353&cv=9&fst=1633701993353&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
617e3768b81dea63b0a0647c486c6d2bbad29de1ad932439ed8d4ee119a54385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1151
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/VE72WIA6JJAITAM4PZOSV5/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
750 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 19 Jul 2021 22:23:14 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 18:16:11 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
XUfCLD6QT2jHG-sVZ-XNMHZ6sq3tCg8lQa_oWaVCGCx8LjCCuIC_ww==

Redirect headers

Date
Fri, 08 Oct 2021 03:20:07 GMT
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
OP4MZnjwxEp73ZA68nropZi4IefbKpo2Hb7wxA-_KQRD56Nvt_8GnA==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
721 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Fri, 08 Oct 2021 04:39:22 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
D10k0BR9PqKlCJVz1IOvyGS6RHrUBe9BNlFnMgRvRzVY-msjQ0fXAA==

Redirect headers

Date
Fri, 08 Oct 2021 03:20:07 GMT
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
2m6PW1-RmeSrcbVyw3GqDFe77QSJaez5y_WIWovob-lBzSHORZnBGA==
index.js
s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/
4 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/pre/VE72WIA6JJAITAM4PZOSV5/EO6PKOTODNGPVLDZHH27JW/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
qRWyVuKZKphyz0RFzR1aYmbNfCGDg9lM
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 07 Oct 2021 03:32:31 GMT
Server
AmazonS3
Date
Fri, 08 Oct 2021 14:06:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
yhKXxlLbLqclEKVvqEaSNpnEt61VjDvm65yolqrn2JPfGEwA4mgIdg==
tp2
sp.inky.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://sp.inky.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
54.90.31.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-31-9.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.inky.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-length
0
access-control-allow-origin
https://www.inky.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
tp2
sp.inky.com/com.snowplowanalytics.snowplow/
2 B
335 B
XHR
General
Full URL
https://sp.inky.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: assets.convertiv.com
URL: https://assets.convertiv.com/sp/2.14.0/cnv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.31.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-31-9.compute-1.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.inky.com
date
Fri, 08 Oct 2021 14:06:34 GMT
access-control-allow-credentials
true
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-91768532-1&cid=1424448064.1633701993&jid=217947237&_u=YGBACEAABAAAAC~&z=494975799
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-91768532-1&cid=1424448064.1633701993&jid=217947237&_u=YGBACEAABAAAAC~&z=494975799
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2077.json
script.crazyegg.com/pages/sampling-data-scripts/0089/
640 B
328 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0089/2077.json?t=453806
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0956150ea686524d63a1ce792a96fffef2c4c80d48c8ff07f8d2b078624a007a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6565
ce-version
11.1.351
content-length
235
timing-allow-origin
*
last-modified
Fri, 08 Oct 2021 12:17:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
69afee32ec982c4e-FRA
/
www.google.com/pagead/1p-user-list/829684701/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/829684701/?random=1633701993353&cv=9&fst=1633701600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&async=1&fmt=3&is_vtc=1&random=857216001&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/829684701/
42 B
569 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/829684701/?random=1633701993353&cv=9&fst=1633701600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&async=1&fmt=3&is_vtc=1&random=857216001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity.gif
apt.techtarget.com/activity/
43 B
464 B
Image
General
Full URL
https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16628935&version=2.1.1&ref=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&r=1633701993426
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 14:06:33 GMT
Last-Modified
Tue, 26 Mar 2019 18:30:29 GMT
ETag
"2b-5850384029cff"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=30
Content-Length
43
4660171.js
js.hs-banner.com/
61 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/4660171.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b4683501d54b788044d8887ab17cd96224cf707cd60dfec0d1b41b16a834ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
J67HQ706DE0VF4HJ
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
GlooaWWoq2WSMriocTsazHlqcuInqkUWGSn2TdFn5NhPyIZusOK7SDdzdBPKBe6VFdm0Unjv+fM=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 20:02:04 GMT
server
cloudflare
etag
W/"59049764dc6c34d99f32ce169ffba170"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
S14_ol5hOtm0gH9JmcOqsWj.NSHDCbfl
access-control-allow-origin
https://www.inky.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
69afee347b91697b-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 08 Oct 2021 14:11:34 GMT
4660171.js
js.hs-analytics.net/analytics/1633701900000/
62 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1633701900000/4660171.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
409a96e192a73fcc1dfb6e207569844ba62d6d881c703e7652309af14cb66b42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
FEV6RZ9GMP27ARKP
x-amz-server-side-encryption
AES256
cf-ray
69afee34ac1e42e7-FRA
x-amz-id-2
g94gxX6+Ciah6nuauC2CQCE/YWet1r0Pk8zL6+U2T8Xi1MWFJN0iXkVQlp4b5fSr6DpdMFG2n+s=
last-modified
Mon, 19 Jul 2021 14:58:33 GMT
server
cloudflare
etag
W/"a1a0a0643e403cb9ef550143ca3a3250"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 08 Oct 2021 14:11:33 GMT
collectedforms.js
js.hscollectedforms.net/
81 KB
26 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: www.inky.com
URL: https://www.inky.com/hs/scriptloader/4660171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e8f49ce2aa1c4720cc187c184c8d800182aea43645aa3193c0614703d0c8f4

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Origin
https://www.inky.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
via
1.1 e89d95d090c0c86ecc7b8930e434625d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
69380
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.247/bundles/project.js&cfRay=69a95057794cdfbf-IAD
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
69afee34cd1d4e79-FRA
last-modified
Tue, 28 Sep 2021 10:08:32 UTC
server
cloudflare
etag
W/"a5dc58d02593ddd2c3c6bbe2230fc074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
s1CYAXlTSydz_cSjotzU3Em8FOsfSJIb
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
gYolixfpflNxlsS_T5_w9LhHvFOnUyk85giuQaqsc3Bz7H-pmQEBJw==
x-hs-target-asset
collected-forms-embed-js/static-1.247/bundles/project.js
VE72WIA6JJAITAM4PZOSV5
d.adroll.com/consent/check/
386 B
479 B
Script
General
Full URL
https://d.adroll.com/consent/check/VE72WIA6JJAITAM4PZOSV5?arrfrr=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&_s=a7b400fe327da6b28663a94deaf88bb1&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.221.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-221-73.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
fd728cb08ada59cd3d3ec8bef3b2e6909eeeed49c7dbec172184368c568f5ef6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
server
nginx/1.20.0
content-length
386
content-type
application/javascript
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 14:06:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:56:33 GMT
Server
ECS (frb/6725)
Age
321931
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
loader.js
www.gstatic.com/wcm/
3 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-829684701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 13:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Oct 2021 14:56:36 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829684701/?random=1633701993568&cv=9&fst=1633701993568&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f0c2123d9e15b2a7e404638353b38d4c68ce38e711f05b54624fa39de932ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1180
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/829684701/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/829684701/?random=1633701993568&cv=9&fst=1633701600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&async=1&fmt=3&is_vtc=1&random=2508959611&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/829684701/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/829684701/?random=1633701993568&cv=9&fst=1633701600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&tiba=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&async=1&fmt=3&is_vtc=1&random=2508959611&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
platform.twitter.com/widgets/ Frame B0C6
32 KB
12 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
321930
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Oct 2021 14:06:33 GMT
Etag
"a4ee8ee440f819aba90d7a1be062a8d7+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
truncated
/ Frame B0C6
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
call-tracking_7.js
www.gstatic.com/call-tracking/
54 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 03:43:19 GMT
x-content-type-options
nosniff
age
210194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55675
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-telephony"
expires
Thu, 06 Oct 2022 03:43:19 GMT
json
forms.hubspot.com/collected-forms/v1/config/
115 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4660171&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ad9839e159c14ec27a78d9d4c0dee34f81ed62b4c3e72a0f584f1329ffe609
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2af29067-b50d-4fdd-a1dc-d695c57f21e8
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fd7RZP%2FWZBmeJzg8gPb%2BPGJ0KuVoxQ5Ytyyp0iOnhvbfkHF%2FfeNCqcUuy1IhII0dPrKTLzAv6OQRaDTzt62n75iHDfGUtxFRo7vUBdad8AoDZFW0%2B%2FjwcMURDmJExTsvl7FQakROxQeU3wTAupP"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.inky.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
69afee354d314a9e-FRA
access-control-allow-headers
*
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/829684701/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD
80 B
244 B
XHR
General
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 14:06:33 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18337274659&cl=KSYMCJfT_oYBEN33z4sD
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.inky.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
consent_tcfv2.js
s.adroll.com/j/
397 KB
55 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fff426e1f2e0f6df1fdf4fd50790a29de380123e633dde9eb76290852785221c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
FE38nrrp1HWTDadu3Uyr7nm1dYat8XV0
Content-Encoding
gzip
Etag
W/"d0e7c263fcf5865882cfb13022c3f4b4"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 29 Jul 2021 18:15:16 GMT
Server
AmazonS3
Date
Fri, 08 Oct 2021 14:05:47 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
CM_4r_8sDj6kBnqsOU3S5v41d4eBqQxnKLRWsOcn24Fra-wyV127ag==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Fri, 08 Oct 2021 00:14:36 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
K8O8a_lxKwR4g06kXLjqCpDMPksEmQ4_6Hf85eIiI5WgsV68mYmZtg==
jot
syndication.twitter.com/i/
43 B
329 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1633701993874%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22fcb1942%3A1632982954711%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 08 Oct 2021 14:06:33 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4be94882630b00bc9854f4ba370c4bdc5cbf075fe65bd1fd5dcb5fa8be068bb5
x-transaction
8842b33cfda10bcf
expires
Tue, 31 Mar 1981 05:00:00 GMT
sa.css
tags.srv.stackadapt.com/
65 B
292 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-8-225.compute-1.amazonaws.com
Software
/
Resource Hash
c157d58154b3dfd729c41920e4a28023f93e8918f08ff290293930a15e6e81ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Oct 2021 14:06:33 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
881 B
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-8-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Oct 2021 14:06:34 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
counters.gif
forms.hsforms.com/embed/v3/
35 B
519 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
d08504c5-f3e5-4a36-ad48-abe8488de134
x-trace
2B5253E200BAB83015487FF786D7716E4B7B43B422000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
69afee364de34e61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35
x-robots-tag
none
saq_pxl
tags.srv.stackadapt.com/
213 B
514 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=bNn-JTx5qLksvJROpfMIMQ&is_js=true&landing_url=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&t=Attackers%20Impersonate%20U.S.%20Department%20of%20Transportation%20to%20Harvest%20Microsoft%20Credentials&host=https://www.inky.com&sa_conv_data_css_value=%20%220-b336dee3-115b-4980-7154-abd1886d38b3%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9dc76e04bc9e847887b701e5e3f8b91a55bc7764b
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.8.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-8-225.compute-1.amazonaws.com
Software
/
Resource Hash
6a61b75825379d18038460dd8b96867a7f054117f71f509c01113d1fcac3f7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 14:06:34 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.inky.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
213
like.php
www.facebook.com/plugins/ Frame A5C6
0
2 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbc11c639392b4%26domain%3Dwww.inky.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.inky.com%252Ff35cadf41294d38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&layout=button&locale=en_GB&sdk=joey&share=true&show_faces=false&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=9d953fc692aacc699f0e30a63e6a75fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbc11c639392b4%26domain%3Dwww.inky.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.inky.com%252Ff35cadf41294d38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&layout=button&locale=en_GB&sdk=joey&share=true&show_faces=false&width=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
I5AmPX6eorluHIYUwvruqbWBh1t0b8sfNZdvBa0iuD0o/D+yAzQDEZlCMWRMTv3uBd6jeVROYX073dAGX1AiIg==
content-length
0
date
Fri, 08 Oct 2021 14:06:34 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
view
js.hs-banner.com/cookie-banner/activity/ Frame
0
0
Preflight
General
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Protocol
H2
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.inky.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
content-type
application/octet-stream
content-length
0
access-control-allow-origin
https://www.inky.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69afee394a86d721-FRA
__ptq.gif
track.hubspot.com/
45 B
524 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=b4cfb89a-2056-4f97-8bc0-402eb66e1434&fci=7a0a048f-7ff2-4e9d-89fe-d03ac5617153&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=4660171&pi=54734389294&ct=blog-post&ccu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&cpi=54734389294&cgi=5913297540&lpi=54734389294&lvi=54734389294&lvc=en&pu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&t=Attackers+Impersonate+U.S.+Department+of+Transportation+to+Harvest+Microsoft+Credentials&cts=1633701994410&vi=c5b94deec5f05d695a01e2cbee52e6ca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0776d236-ce0b-460a-82bc-cc072c34d109
cf-ray
69afee3919a3696a-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4HDWkhD0PgHlz72UtDz5kpVPqjSWbT158VMsn9NoQkoA3CQTspiT%2FRq%2BoNsybyT47Ngb9VYsSfUwR09bMaBwDx%2BOqEcks1UA3%2Bb3TdhVxI5jk8Hc7ba0p4WA%2F1at7GuGqF%2BdSZQmzLwDel4Lhta"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
357 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=b4cfb89a-2056-4f97-8bc0-402eb66e1434&fci=7a0a048f-7ff2-4e9d-89fe-d03ac5617153&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=4660171&pi=54734389294&ct=blog-post&ccu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&cpi=54734389294&cgi=5913297540&lpi=54734389294&lvi=54734389294&lvc=en&pu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&t=Attackers+Impersonate+U.S.+Department+of+Transportation+to+Harvest+Microsoft+Credentials&cts=1633701994413&vi=c5b94deec5f05d695a01e2cbee52e6ca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
cfde3aed-19c0-4404-91e3-522a4b85da89
cf-ray
69afee3929b2696a-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQW41OQOH76P0kFZcAkPNGaEUjOWsmOAqkEOl8nsa7ZveNb0B3elYKq%2FZBrGAn3xoFIvcnDGI3HDDKx8l4No5epspuhZNPoZXfzIUj92RTj3uVJ5pgHBu%2Fys%2FLHDcyLhxffwYkhioBOMe9n5B94A"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
358 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=4660171&pi=54734389294&ct=blog-post&ccu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials&cpi=54734389294&cgi=5913297540&lpi=54734389294&lvi=54734389294&lvc=en&pu=https%3A%2F%2Fwww.inky.com%2Fblog%2Fattackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials%3Futm_content%3D180073276%26utm_medium%3Dsocial%26utm_source%3Dlinkedin%26hss_channel%3Dlcp-10363650&t=Attackers+Impersonate+U.S.+Department+of+Transportation+to+Harvest+Microsoft+Credentials&cts=1633701994414&vi=c5b94deec5f05d695a01e2cbee52e6ca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:06:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
256d02ad-c372-4ea2-aad3-8efbeb6daf08
cf-ray
69afee3929b5696a-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GZ%2FhCThtOxzopM3kmwmG%2BpBnxBG20ujboLgcsxv9Y%2FpZMYnXls7pBCkze0taWvebUoDMb359MkO7aWBKMI9A5%2F8zfnPnE9VfSdon9CVpPWKOeY6zl993mhzkHV4GG6oS9GyBClAk65RLYShrY3Q"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
view
js.hs-banner.com/cookie-banner/activity/
0
85 B
XHR
General
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/4660171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 14:06:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
08e495fa-b816-4d06-8b7e-29411052591c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.inky.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
69afee3a1baad721-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
perf
www.inky.com/_hcms/
2 B
506 B
XHR
General
Full URL
https://www.inky.com/_hcms/perf
Requested by
Host: www.inky.com
URL: https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-fetch-mode
cors
origin
https://www.inky.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cfruid=746c08cbfaa2e3bb72fe22e67bbba14bf921539e-1633701992; _gcl_au=1.1.1579924058.1633701993; _ga=GA1.2.1424448064.1633701993; _gid=GA1.2.76770568.1633701993; _gat_UA-91768532-1=1; _sp_ses.22d5=*; _sp_id.22d5=227e6d7c-d12a-46d8-a1ca-fc1cc5e97d3e.1633701993.1.1633701993.1633701993.08efd4e9-b449-4928-9523-9c5ea4bc319d; cnv_sp=01c4ccb9-1c30-4aa8-a258-f5f684b0b953
content-length
938
:path
/_hcms/perf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.inky.com
referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.inky.com/blog/attackers-impersonate-u.s.-department-of-transportation-to-harvest-microsoft-credentials?utm_content=180073276&utm_medium=social&utm_source=linkedin&hss_channel=lcp-10363650
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

cf-ray
69afee4b78684e79-FRA
date
Fri, 08 Oct 2021 14:06:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
071c9502-edaf-4731-9781-bc82f77891ea
x-trace
2BAE80B2F74B228A2726B5E83071CC1394B27DC4E9000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfeoYIVOIhvUy21Gd6n6JKue3qPWzHEku6UxP9AJOnErwshivARAWxlJBQBzHEcNjAKnI322Tg97MSzmS%2Fx19HVu5QdYs%2FziW5L4usYv2ForYXIYMVq9pRRQBnFyq7vKnju0yjIpou%2B4aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
content-length
2

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


22 Cookies


1 Console Messages

Source: network
Level: error
URL: https://script.crazyegg.com/pages/scripts/0078/5986.js
Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

"Indicators" is a term used in the security industry to describe artifacts such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
