got-phished.com Open in urlscan Pro
35.222.212.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hr.providerer.net/?r_id=01HBQC3W9EKB9ADWEWZ27Q3GHM
Effective URL:
https://got-phished.com/phished
Submission: On October 16 via manual (October 16th 2023, 11:51:39 am UTC) from IL — Scanned from DE

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 50 HTTP transactions. The main IP is 35.222.212.161, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is got-phished.com.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time got-phished.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	35.222.212.161 35.222.212.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:6785	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:d133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:886::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f8a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
10	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:4600:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:f600:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:ac00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.58 13.225.78.58	16509 (AMAZON-02) (AMAZON-02)
50	19

14 35.222.212.161 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.212.222.35.bc.googleusercontent.com

hr.providerer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
got-phished.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.wizer-training.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:6785 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d133 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:f600:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:ac00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-58.fra2.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4560 embed-ssl.wistia.com — Cisco Umbrella Rank: 8638 pipedream.wistia.com — Cisco Umbrella Rank: 7286 embed-cloudfront.wistia.com distillery.wistia.com — Cisco Umbrella Rank: 7083	872 KB
11	got-phished.com got-phished.com	2 MB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 7018 api.hubspot.com — Cisco Umbrella Rank: 5258 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6556 track.hubspot.com — Cisco Umbrella Rank: 2658	26 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4980 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5639	26 KB
2	wizer-training.com api.wizer-training.com	4 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 7501	1 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	88 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5287	22 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2519	21 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 24323	7 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2742	1 KB
1	providerer.net 1 redirects hr.providerer.net	145 B
50	15

	Domain	Requested by
11	got-phished.com	got-phished.com
10	fast.wistia.com	got-phished.com fast.wistia.com
4	fonts.googleapis.com	got-phished.com
3	embed-cloudfront.wistia.com	fast.wistia.com
2	pipedream.wistia.com	fast.wistia.com
2	api.hubspot.com	js.usemessages.com
2	api.wizer-training.com	got-phished.com
2	consent.cookiebot.com	got-phished.com consent.cookiebot.com
1	distillery.wistia.com	fast.wistia.com
1	embed-ssl.wistia.com
1	track.hubspot.com
1	perf-na1.hsforms.com	got-phished.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	got-phished.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	js.hscta.net	got-phished.com
1	js.hs-scripts.com	got-phished.com
1	hr.providerer.net	1 redirects
50	23

This site contains links to these domains. Also see Links.

Domain
app.wizer-training.com

Subject Issuer	Validity	Valid
got-phished.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
api.wizer-training.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://got-phished.com/phished
Frame ID: 6208E8405F12248102E1D0F61288D330
Requests: 49 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: DAE7EF19427989889DC041C0B0BFEFBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Awareness Training

Page URL History Show full URLs

https://hr.providerer.net/?r_id=01HBQC3W9EKB9ADWEWZ27Q3GHM HTTP 302
https://got-phished.com/phished Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

50
Requests

100 %
HTTPS

89 %
IPv6

15
Domains

23
Subdomains

19
IPs

2
Countries

2873 kB
Transfer

4533 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.wizer-training.com/
Title: Check Trainings

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hr.providerer.net/?r_id=01HBQC3W9EKB9ADWEWZ27Q3GHM HTTP 302
https://got-phished.com/phished Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request phished Show response
got-phished.com/
Redirect Chain

https://hr.providerer.net/?r_id=01HBQC3W9EKB9ADWEWZ27Q3GHM
https://got-phished.com/phished

7 KB
7 KB

499ms
148ms

Document
text/html

35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

baa6f67b389e501e9b898153d6914802667e065ed83c14d26c4f12284bd091e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 6742
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 11:51:32 GMT
etag: W/"1a56-QDbE7gl38LKesi93o1WWTelh2wA"
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express

Redirect headers

content-length: 54
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 11:51:31 GMT
location: https://got-phished.com/phished
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 2 KB
891 B 261ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,800&display=swap

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13ca4842038641c42757dadc032305d79c15813b794858ab7a619277614dae60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:51:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 11:51:32 GMT

GET
H2 200 styles.css
got-phished.com/assets/fonts/material-outline-icons/ 1 KB
1 KB 417ms
415ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/assets/fonts/material-outline-icons/styles.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

25e0db9643d7f31d66f5f135bd284815e91f077da8eaa5b9c0ade1d5f0befdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:22:21 GMT
x-powered-by: Express
etag: W/"4e3-18ae1889bc8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1251

GET
H2 200 5120248.js Show response
js.hs-scripts.com/ 2 KB
1 KB 460ms
174ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5120248.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b822ac613f5c4785cd00bd5250a5b282228fc6956da694f5634ac08d001fa290

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 961ac633-99f8-4109-b4db-64d30f1d87f0
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 961ac633-99f8-4109-b4db-64d30f1d87f0
last-modified: Mon, 16 Oct 2023 11:28:20 GMT
server: cloudflare
x-trace: 2BEAE937C613097E55896483F51307D3FC1D773028000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fg7ss
cf-ray: 81701730cd0f2c43-FRA
expires: Mon, 16 Oct 2023 11:52:33 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
24 KB 327ms
42ms Script
application/javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: got-phished.com
URL: https://got-phished.com/phished
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "0476c5e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=170
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 24413
expires: Mon, 16 Oct 2023 11:54:23 GMT

GET
H2 200 current.js Show response
js.hscta.net/cta/ 18 KB
7 KB 267ms
57ms Script
application/javascript 2606:4700::6812:d133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-encoding: br
age: 33
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.226/bundles/current.js&cfRay=8170165fe9529048-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7a7ad36467619447fadd7b98ce7f3800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.226/bundles/current.js
date: Mon, 16 Oct 2023 11:51:32 GMT
x-amz-version-id: vhhL_YuOEeyrE1us6iU1p_IC2N0DFzup
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 06a32ffe-a145-4dfe-a088-9d71ce349a03
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-evy-trace-route-configuration: listener_https/all
x-request-id: 06a32ffe-a145-4dfe-a088-9d71ce349a03
last-modified: Wed, 04 Oct 2023 01:26:06 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-q9rvq
cf-ray: 8170172cc96d1e5a-FRA
x-amz-cf-id: Slu9hVmTtYmoPplGf6z6SPk9rM8EnWTChcyEkxmntW0Kzi7FCzCM1Q==

GET
H2 200 15.51dc4b76.chunk.css
got-phished.com/static/css/ 11 KB
11 KB 272ms
271ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/css/15.51dc4b76.chunk.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

c983b409aa7927cb591b75a2ef935b736d24129e8253cab3c7fb40f4f3d561a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"2b02-18ae189c4a8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11010

GET
H2 200 main.5d8be383.chunk.css
got-phished.com/static/css/ 121 KB
122 KB 416ms
415ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/css/main.5d8be383.chunk.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

4ccdbd9a519309980a9ebf4f490fe7ba2a53a3d3a6eb0b6463264a1205e93712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"1e5ae-18ae189c4a8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 124334

GET
H2 200 15.9d013d6e.chunk.js Show response
got-phished.com/static/js/ 1 MB
1 MB 273ms
272ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/15.9d013d6e.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

8e44fb0b4cda686bd6aa06cdde687ba7ab16de55a097ac08a64976ef1a1e3b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"132430-18ae189c4a8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1254448

GET
H2 200 main.e939e8b3.chunk.js Show response
got-phished.com/static/js/ 334 KB
335 KB 416ms
415ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/main.e939e8b3.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

ca08386c769e19356e491faed941803ac86836082a57db7bbe0dff7c82e01e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"53658-18ae189c4a8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 341592

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame DAE7 627 B
811 B 152ms
42ms Document
text/html 2a02:26f0:3500:886::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://got-phished.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30056826
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 11:51:33 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 28 Sep 2024 08:58:39 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1697457093418_388276619_105952310_19_681_44_42_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/67b76de5-3442-4d94-9916-428b32bce00b/ 371 B
596 B 80ms
80ms Script
application/x-javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/67b76de5-3442-4d94-9916-428b32bce00b/cc.js?renew=false&referer=got-phished.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14bf45cdca5de1ada7644c4189d5f0d7cbf0b44af421c95fb2103e64ff3ed5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 359
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 css
fonts.googleapis.com/ 679 B
440 B 91ms
89ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:13:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 11:51:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
710 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2dda54e54c481d666851dbdeb8f66d397ec9fbfc803472f6d15e9217fabec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 10:59:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 11:51:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
562 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,500,600

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d5c55334086c8063bb57d27065e4d4d218b6290d7225aff975a021b32fc8731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 11:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:51:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 11:51:33 GMT

GET
H2 200 5120248.js Show response
js.hs-analytics.net/analytics/1697457000000/ 66 KB
21 KB 418ms
242ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1697457000000/5120248.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b312fbcbc50d004d2de9b7ba5f9a1f2c4aa48d0405009ba8eb8c8e65fff0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: J2X1WZ9QZQ2PZMPA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dc57c204-6be5-4d52-b7e1-3347084c655a
x-envoy-upstream-service-time: 18
x-amz-id-2: E8n6LVEPHBokyGvcSkUr5Ej8f6FDL0C6F4AEN6grTsu/gCp7kSD+utbm/c9ET5dHs2Evc4LFV10=
x-evy-trace-listener: listener_https
x-request-id: dc57c204-6be5-4d52-b7e1-3347084c655a
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:03:44 GMT
server: cloudflare
etag: W/"2d955e973b792a145a2c43594cef758a"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 817017330d293829-FRA
expires: Mon, 16 Oct 2023 11:56:33 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 75 KB
23 KB 419ms
244ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acabd35f2b1e9987602b0dd006d22beaaf59d64d55aa0b1182953f605b4aedca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-phished.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.603/bundles/project.js&cfRay=817017330b4d694c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"05df44f442894aeff6db4cae78774575"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.603/bundles/project.js
date: Mon, 16 Oct 2023 11:51:33 GMT
x-amz-version-id: CUHT59SEc6aYYLtp23JCKXXA_T1K86mL
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 4b7a1f22-0428-4f45-9501-52cc89aaed74
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4b7a1f22-0428-4f45-9501-52cc89aaed74
last-modified: Thu, 12 Oct 2023 02:04:49 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOYHO8MAR1BhH5Mu3%2BPdxSsPpqDbDvSy4e2cJvCHQiRJHj5pjDAPOoesKXaEusV7leTAP80QQ9awuxPqKw%2FZnQOSbscHMt5hE6DupuwzzqjL27twaIlcWPhzc0PPRr69Q19YV0XnRJd%2F2ZgP"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray: 817017330b4d694c-FRA
x-amz-cf-id: g-jAnuVaYtuHbQQ4RvWzpTZn73tD3RpVdN1oPJfWelRiyaVp2Q-W_g==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5120248/ 70 KB
21 KB 424ms
249ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5120248/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b45747b96b18ff1d59fb059a8466ee5ede337e0225e2215a7b12c25bac33bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
x-amz-version-id: z_puhP9MRPTels6C747Erkb0YZJ3DPyh
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: DK6R33F1RDNVYZSC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 2d7d8229-3a1f-4708-9f80-8fdcc6edf8e9
x-envoy-upstream-service-time: 36
x-amz-id-2: HCwB3N18drEOq+gYiKfpJAhqfJzfeRprBItBbEtsEMnMUyUkYDiKDRfgdRy3pslifRp9YLOKe+8=
x-evy-trace-listener: listener_https
x-request-id: 2d7d8229-3a1f-4708-9f80-8fdcc6edf8e9
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 26 Sep 2023 19:30:22 GMT
server: cloudflare
etag: W/"efd8190687ba525778b4418092851ea8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://videos.wizer-training.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 817017330d7a2c4b-FRA
expires: Mon, 16 Oct 2023 11:56:33 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 415ms
240ms Script
application/javascript 2606:4700::6811:f8a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
x-amz-version-id: q7mMdyrgJRb2V1PNW0MT.lJmDYHWhi5r
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 480
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14392/bundles/project.js&cfRay=81700b7a0f84380e-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: bc6657ef-4fa0-44ae-8ff3-04c3ad03205b
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bc6657ef-4fa0-44ae-8ff3-04c3ad03205b
last-modified: Tue, 10 Oct 2023 02:47:57 UTC
server: cloudflare
etag: W/"8150bb6bff68cbcd9e5f8f6c23b586ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hgw6b
cf-ray: 8170173309e637f5-FRA
x-amz-cf-id: SCjdvGaHZfJ3Cn64gypcb9T0RYC5wjegj_T89zZNz1DyXhO4SM-a9w==
x-hs-target-asset: conversations-embed/static-1.14392/bundles/project.js

GET
H2 200 reactPlayerWistia.286f8ef0.chunk.js Show response
got-phished.com/static/js/ 6 KB
6 KB 322ms
321ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/reactPlayerWistia.286f8ef0.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

e490e645edb31fd016bfc53b41971fcd421acd5fc4bdd66452c96bc2dd5522ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"177b-18ae189c4a8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 6011

GET
H2 200 wizer_bg_logo_white.2a75021d.svg
got-phished.com/static/media/ 6 KB
6 KB 314ms
313ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/wizer_bg_logo_white.2a75021d.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

5f438d14adda199463fc44ce9e32fe0d5494b3af4de658b82e5890a019621023

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"1631-18ae189c4a8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 5681

GET
H2 200 phishing.36dbb6cd.svg
got-phished.com/static/media/ 7 KB
7 KB 314ms
314ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/phishing.36dbb6cd.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

1b4d60cfe13805f33f23527f884619463b4d5c688d17835e10f5203afeb6fec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"1c1b-18ae189c4a8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7195

GET
H2 200 arrowDownPhishing.fe5d22eb.svg
got-phished.com/static/media/ 604 B
834 B 301ms
301ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/arrowDownPhishing.fe5d22eb.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

eafc098f5e53e49f564606de79ca398632a0538e75538dfd18f7ac6ec49ab502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"25c-18ae189c4a8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 604

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 847ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MQ5Q4MBM7N&l=ga4DataLayer

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.9d013d6e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9cb40eb81fe816da47b49d87871b8cda9a0489464377e23330763e01a7b5195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Oct 2023 11:51:34 GMT

GET
H2 200 water.e55d26d4.svg
got-phished.com/static/media/ 20 KB
20 KB 312ms
311ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/water.e55d26d4.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

ab4ef091c82daa5d555d4c02a10ea3ce27f42065ec673ee195e5baeb66e06e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/static/css/main.5d8be383.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 29 Sep 2023 15:23:37 GMT
x-powered-by: Express
etag: W/"506f-18ae189c4a8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 20591

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 828ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 22:38:07 GMT
x-content-type-options: nosniff
age: 220407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 22:38:07 GMT

GET
H2 200 got-phished.com Show response
api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/ 1 KB
2 KB 945ms
186ms XHR
application/json 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/got-phished.com

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.9d013d6e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

Resource Hash

b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1456
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"5b0-BoeeX4BpZ+MFpINWjtw22WzG88o"
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET,POST,PUT,HEAD,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://got-phished.com
access-control-allow-credentials: true

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 216ms
199ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5120248&conversations-embed=static-1.14392&mobile=false&messagesUtk=38073e07d93e4592b5ac072252fedb91&traceId=38073e07d93e4592b5ac072252fedb91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://got-phished.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://got-phished.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81701734bd53694c-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 16 Oct 2023 11:51:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl2P2EjTMxDZHtBCE8c%2Fnl44RzCpXLtLaZOVyGVE7P1SGFhaZ%2FpmYdcJ4VF16aylcgCJinFejCGqIFvG9mvklKPY64I40GDZ0ZKVkMUfNhcDwwrWFl8Qw4G1u6ZcdV5OH9beetIeUZsPlrEgZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 36
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-v4vbd
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3e310338-b2ca-4e15-b261-50d40d2d0f06
x-request-id: 3e310338-b2ca-4e15-b261-50d40d2d0f06
x-trace: 2B73F30CD8FFD09C3354E22CD2F8AFB1AEBA4C664E000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 265 B
1 KB 198ms
197ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade6079d9359d2f0cfe739035663e008176a0817cebe6116375fc2fafc153384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d334d3bc-c4a0-4179-a229-7d64efad8bac
x-envoy-upstream-service-time: 37
content-length: 206
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d334d3bc-c4a0-4179-a229-7d64efad8bac
server: cloudflare
x-trace: 2BF24419253DC9994330D77C63C02D57648F6847A1000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fg7ss
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g29UB9S3zHfjWAY%2FwcPfyiCE8KnozOPvQsuuoZ%2FoahUwqM%2F5aYDkhEcofZObpxUhs8pcxTYONiSh05axpVzklThlp58mVUWHZCoyCUlTmiSNe%2B3AFOg23X%2BXR%2BSxjO97DqsIyxPQMVSeFEo3fA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 81701735ff21694c-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 246 B
1 KB 159ms
158ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5120248&currentUrl=https%3A%2F%2Fgot-phished.com%2Fphished

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97824daa6d5a75e1aa86b8148af2fa935276f4aa8abe1d050fd861d325a5686e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 32faea3d-2f87-4683-ab75-3e203b33d84b
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 32faea3d-2f87-4683-ab75-3e203b33d84b
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBqGOsMSZo6%2B9h6mz3yZQD4rA0rZrOBpAM4NwgxKzPpWGuXS97wO3KYyyo4tlUCd2Wf32yrEJRJK%2BTOXa5FDt4PkBB3Zhg8E5kyJdaZpfAhz0lJgg5X8uT3R8cyAfLmkxLEE6WzzmvfBe74B89MRma64LHMfrzKRfMY%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 81701734bd4c694c-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-r55k7

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 735 KB
125 KB 503ms
41ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.9d013d6e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb05b51f9caf308607ca5b9d254dcf39b3801315f03337cd318ce057325c1b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2472
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127644
x-served-by: cache-iad-kjyo7100155-IAD, cache-fra-eddf8230060-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457094.450383,VS0,VE0
etag: "c59a9bf1b115957358969a10431581e8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 372

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 568ms
152ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Mon, 16 Oct 2023 11:51:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: b0793f55-d3c3-48a4-8247-334b1cc6f093
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b0793f55-d3c3-48a4-8247-334b1cc6f093
Last-Modified: Mon, 16 Oct 2023 11:51:34 GMT
Server: cloudflare
X-Trace: 2B93AE113E5EA37F2819213D4E769029D0B880DC49000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-swd7n
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 817017385cc2bc03-FRA

GET
H2 200 ud6nby85sm.json Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 136ms
44ms Fetch
application/json 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ud6nby85sm.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

47e4bafb3134595082180ec1f9b56f48accc8f276de09343dba4e2df8d79ee38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD61-P1
age: 143481
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 128
content-length: 1671
x-request-id: e615eacd-7e17-48b5-b876-6bd9f8f90e42
x-served-by: cache-iad-kjyo7100039-IAD, cache-fra-eddf8230059-FRA
x-runtime: 0.126248
x-browser-version: 118
server: envoy
x-timer: S1697457095.751563,VS0,VE1
etag: W/"47e4bafb3134595082180ec1f9b56f48"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: plvwHXe0baaq5RZdlTOj0COHzkWhROoAOHZHGTVyEUMw67NLO2AOlw==
x-cache-hits: 2, 1

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 277ms
176ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857904254&v=1.1&a=5120248&pu=https%3A%2F%2Fgot-phished.com%2Fphished&t=Security+Awareness+Training&cts=1697457094647&vi=d71a29c7035ca15b082c44af07ff5e77&nc=true&u=86665159.d71a29c7035ca15b082c44af07ff5e77.1697457094644.1697457094644.1697457094644.1&b=86665159.1.1697457094644&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec71a3b4-7ad3-4c8e-a403-650aeb0d1244
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 14
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ec71a3b4-7ad3-4c8e-a403-650aeb0d1244
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvRdJNOJvznZ9kf5gz1ajPxBPCteyieFyNHXHyiPhWH4tJZwY9mFxWPL%2Fwwop0yaia5c8WgCexK2m8Te0n6sD2SDfxxBuMz7Sbz1d1%2FvRAVxWg5EP%2BtH8afxyHNAJrDCZP3sbrub%2FY%2FFF%2BGNRoQb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-p49q2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8170173a4d38373d-FRA
x-robots-tag: none

GET
H2 200 got-phished.com Show response
api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/ 1 KB
2 KB 184ms
184ms XHR
application/json 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/got-phished.com

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.9d013d6e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

Resource Hash

b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1456
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"5b0-BoeeX4BpZ+MFpINWjtw22WzG88o"
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET,POST,PUT,HEAD,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://got-phished.com
access-control-allow-credentials: true

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
33 KB 42ms
42ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

787117993ff133017ebd9d26de2d6f3388939be176cb1172181c6ae83b7b5bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2940
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 33730
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-eddf8230060-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457095.811557,VS0,VE0
etag: "169f486705b9050afcba140df329f189"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 62, 81

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 44ms
43ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dae356e5ba8c4f402084b3831b9836e10c3e7fdd7fa24cf88a3c4211e42a66b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2647
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21026
x-served-by: cache-iad-kiad7000044-IAD, cache-fra-eddf8230059-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457095.897800,VS0,VE0
etag: "a349eca1d68c9a8939b28cff1f372a58"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 211

GET
H2 200 ud6nby85sm.json Show response
fast.wistia.com/embed/captions/ 2 KB
1 KB 214ms
214ms Fetch
application/json 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/ud6nby85sm.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fd1071098e50bc8fafd2ff49d8b23a6f077212439a4538e3baa87bcda7886b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 40b60aeaf88b52755048e453b78f096e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD61-P1
age: 0
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 89
content-length: 765
x-request-id: cf4aabdd-3c09-4019-a027-0b797c1a011f
x-served-by: cache-iad-kiad7000114-IAD, cache-fra-eddf8230059-FRA
x-runtime: 0.086922
x-browser-version: 118
server: envoy
x-timer: S1697457095.899182,VS0,VE172
etag: W/"fd1071098e50bc8fafd2ff49d8b23a6f"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gIwqohcVsL5LkUHIMUQ-TpvIAPQAMte2BQL5MTpzEBvmlqiJhk9X6Q==
x-cache-hits: 0, 0

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 43ms
42ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:34 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3321
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18267
x-served-by: cache-iad-kjyo7100141-IAD, cache-fra-eddf8230059-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457095.909122,VS0,VE0
etag: "9273139b4f23d8c9635da27dfe1931ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 118

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 a1546c9b7265507f4fb908d9039c7db0.webp
embed-ssl.wistia.com/deliveries/ 56 KB
57 KB 618ms
450ms Image
image/webp 2600:9000:211e:4600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/a1546c9b7265507f4fb908d9039c7db0.webp?image_crop_resized=1920x1080
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8bac71ccb81f3bcd179fe3e3a6fb61ee9fb18523a5a59908aaa8344f0c4acea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
access-control-request-method: *
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
edge-cache-tag: a1546c9b7265507f4fb908d9039c7db0
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 305
content-disposition: inline
surrogate-key: a1546c9b7265507f4fb908d9039c7db0 thumbnail-delivery
last-modified: Tue, 28 Feb 2023 11:39:30 UTC
server: envoy
etag: -TMvUehWvvkUj-zCDNXAzXz3tqQ=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: 6xQdKiGzWQb_BNvw_fMYhnihP0mXQ1ScrOTY7tH352WVSTuAdfvVwA==

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 234ms
133ms Fetch
text/plain 2600:9000:2240:f600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: QVZNuzN2hhCpdSA3V5tOeWNiSzjapV4ZW3CxsNNy2Kfmiq1kisaKwA==

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 473 KB
115 KB 42ms
42ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c69d1d24eb7ec785685f0cba2609b03862c7df093103b45153751096aa4f9a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3074
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117665
x-served-by: cache-iad-kiad7000111-IAD, cache-fra-eddf8230059-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457096.625616,VS0,VE0
etag: "155c28b4352d36b9a83707626ce6cca4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 174

GET
H2 200 ud6nby85sm.m3u8 Show response
fast.wistia.com/embed/medias/ 734 B
1 KB 44ms
43ms XHR
application/x-mpegurl 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ud6nby85sm.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a9597d08f05f1eda205f2816b09995376a4658bafc29184a462f798c18f82914

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
via: 1.1 eb9a7c491927f70f3921f0803caae61c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD61-P1
age: 109771
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 27
content-length: 734
x-request-id: 51fe6858-0723-4e49-a290-fa00f83fcd82
x-served-by: cache-iad-kcgs7200124-IAD, cache-fra-eddf8230059-FRA
x-runtime: 0.025949
x-browser-version: 118
server: envoy
x-timer: S1697457096.760123,VS0,VE1
etag: W/"a9597d08f05f1eda205f2816b0999537"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -dq67zpPsaS9-0X0MfoeT-U2Y5nwuLol89J1Af6u8NYHbe9o7o8Wsg==
x-cache-hits: 1, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 42ms
41ms Image
image/gif 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://got-phished.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1739
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230059-FRA
x-browser-version: 118
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1697457096.765142,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8271863, 134

GET
H2 200 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 1 KB
2 KB 138ms
42ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:ac00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 6bd80b6edb251675670162cbb2510870e0ea1d9c72b8a85618c3fac9f7cbb572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 05:22:04 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 109771
edge-cache-tag: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 380
content-length: 1462
surrogate-key: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AdoL4jmBF4LoZcp71T1f-a9okOh82spSRgDpAvVQ-LhVtVoeGR6dYw==
expires: Mon, 14 Oct 2024 05:22:04 GMT

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8/ 485 KB
486 KB 50ms
50ms XHR
video/mp2t 2600:9000:211e:ac00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b6af15c9a2a553d977b02155445a85b1ae526a7cbb866aa1cee4376869c14f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 05:22:05 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 109770
edge-cache-tag: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
content-length: 496696
surrogate-key: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LrG2XUzvbUY_LvtNqOVa7sxSh4-mu0q_nTZj_Q-KUO0Gd8CebxZjXw==
expires: Mon, 14 Oct 2024 05:22:05 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 50ms
49ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ebe506778ec4bf3f365a090a99575851b0e49e289b6381ee90124f7c3ffdcaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:35 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2877
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5792
x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-eddf8230059-FRA
x-browser-version: 118
last-modified: Fri, 13 Oct 2023 14:08:56 GMT
server: AmazonS3
x-timer: S1697457096.962138,VS0,VE0
etag: "301a60a3eca06e575ab6247b2d2f7ab4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9de661d852791da4eb27b4bd4c092e47ba5dddeb
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 116

POST
H2 204 x
distillery.wistia.com/ 0
0 245ms
132ms Fetch 13.225.78.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-58.fra2.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Oct 2023 11:51:36 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: AGiVIuYdkZB8y2j4SzmLXP1cAIkn9SOrKSOz5_Yk_IMHa3UQPQmaHA==

GET
H2 200 44d2a9922c5c43ff5fa41a10c95bea282a685ca3.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 1 KB
2 KB 275ms
275ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:ac00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/44d2a9922c5c43ff5fa41a10c95bea282a685ca3.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ac00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1f32aa7f1db5b96ff04d7af1ba79e0248c3e64520a9e270c6e917c409916a872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 11:51:36 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
edge-cache-tag: 44d2a9922c5c43ff5fa41a10c95bea282a685ca3-hls-segment
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 139
content-length: 1462
surrogate-key: 44d2a9922c5c43ff5fa41a10c95bea282a685ca3-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mPsNZBM6Y_LUxUgt8D5Y5VLuVGkHNqb1vSJBN26muiInvnQHtjcbgg==
expires: Tue, 15 Oct 2024 11:51:36 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 134ms
134ms Fetch
text/plain 2600:9000:2240:f600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Oct 2023 11:51:36 GMT
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: Hv27SCuPXwZV_TMkxxFx6dI2W30KUliEkpgUtSrXezypWPDcxk_GPg==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
got-phished.com/	1970-01-20 19:50:09	Name: __hstc Value: 86665159.d71a29c7035ca15b082c44af07ff5e77.1697457094644.1697457094644.1697457094644.1
got-phished.com/	1970-01-20 19:50:09	Name: hubspotutk Value: d71a29c7035ca15b082c44af07ff5e77
got-phished.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
got-phished.com/	1970-01-20 15:30:58	Name: __hssc Value: 86665159.1.1697457094644
.hubspot.com/	1970-01-20 15:30:58	Name: __cf_bm Value: 4jU5DpDufYoOeAeatwcAbQQHqXe1P7k6LKqsHjsY.k0-1697457094-0-AXsVEVbms1xlNeBRmoJsy3HjaKmCPBtgb1uheNbjww+0irRiymSCpBmZygl1C0F4XvsLGWSoOicZVa2WlH3zlBQ=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
api.wizer-training.com
consent.cookiebot.com
consentcdn.cookiebot.com
cta-service-cms2.hubspot.com
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
got-phished.com
hr.providerer.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscta.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
pipedream.wistia.com
track.hubspot.com
www.googletagmanager.com
13.225.78.58
2600:9000:211e:4600:1e:c86:4140:93a1
2600:9000:211e:ac00:1e:c86:4140:93a1
2600:9000:2240:f600:3:471f:5240:93a1
2606:4700:4400::6812:22e5
2606:4700::6810:4cba
2606:4700::6810:bc59
2606:4700::6811:eff9
2606:4700::6811:f8a8
2606:4700::6812:d133
2606:4700::6813:9b53
2a00:1450:4001:800::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a02:26f0:1700:11::b856:6785
2a02:26f0:3500:886::f09
2a04:4e42:400::644
35.222.212.161
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
10b45747b96b18ff1d59fb059a8466ee5ede337e0225e2215a7b12c25bac33bf
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
13ca4842038641c42757dadc032305d79c15813b794858ab7a619277614dae60
14bf45cdca5de1ada7644c4189d5f0d7cbf0b44af421c95fb2103e64ff3ed5a8
1b4d60cfe13805f33f23527f884619463b4d5c688d17835e10f5203afeb6fec1
1d5c55334086c8063bb57d27065e4d4d218b6290d7225aff975a021b32fc8731
1f32aa7f1db5b96ff04d7af1ba79e0248c3e64520a9e270c6e917c409916a872
25e0db9643d7f31d66f5f135bd284815e91f077da8eaa5b9c0ade1d5f0befdcf
3ebe506778ec4bf3f365a090a99575851b0e49e289b6381ee90124f7c3ffdcaf
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47e4bafb3134595082180ec1f9b56f48accc8f276de09343dba4e2df8d79ee38
4ccdbd9a519309980a9ebf4f490fe7ba2a53a3d3a6eb0b6463264a1205e93712
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f438d14adda199463fc44ce9e32fe0d5494b3af4de658b82e5890a019621023
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd80b6edb251675670162cbb2510870e0ea1d9c72b8a85618c3fac9f7cbb572
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
787117993ff133017ebd9d26de2d6f3388939be176cb1172181c6ae83b7b5bde
8bac71ccb81f3bcd179fe3e3a6fb61ee9fb18523a5a59908aaa8344f0c4acea0
8e44fb0b4cda686bd6aa06cdde687ba7ab16de55a097ac08a64976ef1a1e3b99
97824daa6d5a75e1aa86b8148af2fa935276f4aa8abe1d050fd861d325a5686e
985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f
a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e
a2dda54e54c481d666851dbdeb8f66d397ec9fbfc803472f6d15e9217fabec93
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a9597d08f05f1eda205f2816b09995376a4658bafc29184a462f798c18f82914
ab4ef091c82daa5d555d4c02a10ea3ce27f42065ec673ee195e5baeb66e06e35
acabd35f2b1e9987602b0dd006d22beaaf59d64d55aa0b1182953f605b4aedca
ade6079d9359d2f0cfe739035663e008176a0817cebe6116375fc2fafc153384
b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146
b6af15c9a2a553d977b02155445a85b1ae526a7cbb866aa1cee4376869c14f00
b822ac613f5c4785cd00bd5250a5b282228fc6956da694f5634ac08d001fa290
baa6f67b389e501e9b898153d6914802667e065ed83c14d26c4f12284bd091e9
c69d1d24eb7ec785685f0cba2609b03862c7df093103b45153751096aa4f9a95
c983b409aa7927cb591b75a2ef935b736d24129e8253cab3c7fb40f4f3d561a6
ca08386c769e19356e491faed941803ac86836082a57db7bbe0dff7c82e01e50
dae356e5ba8c4f402084b3831b9836e10c3e7fdd7fa24cf88a3c4211e42a66b2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2b312fbcbc50d004d2de9b7ba5f9a1f2c4aa48d0405009ba8eb8c8e65fff0bb
e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0
e490e645edb31fd016bfc53b41971fcd421acd5fc4bdd66452c96bc2dd5522ac
e9cb40eb81fe816da47b49d87871b8cda9a0489464377e23330763e01a7b5195
eafc098f5e53e49f564606de79ca398632a0538e75538dfd18f7ac6ec49ab502
fb05b51f9caf308607ca5b9d254dcf39b3801315f03337cd318ce057325c1b1d
fd1071098e50bc8fafd2ff49d8b23a6f077212439a4538e3baa87bcda7886b25
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

got-phished.com Open in urlscan Pro 35.222.212.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

89 %IPv6

15 Domains

23 Subdomains

19 IPs

2 Countries

2873 kBTransfer

4533 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

got-phished.com Open in urlscan Pro
35.222.212.161 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

89 %
IPv6

15
Domains

23
Subdomains

19
IPs

2
Countries

2873 kB
Transfer

4533 kB
Size

5
Cookies

50 HTTP transactions
1 data transactions