phished.io Open in urlscan Pro
2606:4700::6812:ea2  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request dos-and-donts-for-a-successful-internal-phishing-campaign Show response phished.io/blog/	109 KB 27 KB	265ms 112ms	Document text/html	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88bb148dec88ce18d19508bac993bb59dcb1406ceea4fc9c019640d02a6351ee Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control public, s-maxage=31536000, max-age=0 cf-cache-status DYNAMIC cf-ray 81fc5c437fc123b2-LHR content-encoding br content-security-policy-report-only script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=CGWiUSGuZCQWYn5YfcsZNOOfkv43y8GFAzyyUTWqFWU-1698927928-0-AZBISb3A6ekAiPN2Lo5hdXT_TSShfAXSZCHpbFyg9ds0UOA86o2SFZ0Qp-ufXVrsFEFjCBmOKOiStu2C2ZaFqOUM8hw6co5tyo9_b-37KzGxHvhD3Q52FMB5hOFShjccBp1TvW_63QjqURToCwoXYfE; report-to cf-csp-endpoint content-type text/html; charset=UTF-8 date Thu, 02 Nov 2023 12:25:28 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache report-to {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=CGWiUSGuZCQWYn5YfcsZNOOfkv43y8GFAzyyUTWqFWU-1698927928-0-AZBISb3A6ekAiPN2Lo5hdXT_TSShfAXSZCHpbFyg9ds0UOA86o2SFZ0Qp-ufXVrsFEFjCBmOKOiStu2C2ZaFqOUM8hw6co5tyo9_b-37KzGxHvhD3Q52FMB5hOFShjccBp1TvW_63QjqURToCwoXYfE"}],"group":"cf-csp-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v3/	165 B 647 B	93ms 26ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v3/polyfill.min.js?callback=polyfillsAreLoaded&flags=gated Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1226047cd8676c6ca6bc2d32eee2a69e214f45dfcf09d96fc2d397499bd40d40 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 12:25:29 GMT age 165815 detected-user-agent Chrome/119.0.0 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 149 referrer-policy origin-when-cross-origin vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=UTF-8 access-control-allow-origin * normalized-user-agent chrome/119.0.0 cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	otSDKStub.js Show response cookie-cdn.cookiepro.com/scripttemplates/	21 KB 7 KB	136ms 51ms	Script application/javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 R1P6TtSHAQZyvOSI/KawHw== age 27562 x-ms-lease-status unlocked last-modified Thu, 02 Nov 2023 01:43:44 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 50fcd882-c01e-006f-6833-0d32be000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c44bdc723be-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	style.min.133.css phished.io/assets/css/	171 KB 31 KB	87ms 87ms	Stylesheet text/css	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/css/style.min.133.css Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 030550e6648183b555393a33d7ea2d532ecce62317e8c146918b40a4757c5691 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/css; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c4438e923b2-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	339 KB 106 KB	185ms 90ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5WNNJ3N Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cc90a0f6ec01e6ff1f1e43067f9caaf97d1933049f3ad5acb070e31fdac43b45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107894 x-xss-protection 0 last-modified Thu, 02 Nov 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Nov 2023 12:25:29 GMT
GET DATA	200 OK	truncated /	97 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 254d3e9791224a320efefd3fd2e69909ddd528b65725fd0c401d6d1052e866c3 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	phished_icon.jpg phished.io/uploads/files/	4 KB 4 KB	86ms 85ms	Image image/jpeg	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/uploads/files/phished_icon.jpg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27ce38c6a49c9bc09ca1e8fe6d3ad60e7ab31f2b0b44b10049f4f7d0428f787b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 27 Apr 2021 20:42:55 GMT server cloudflare content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 81fc5c44692d23b2-LHR alt-svc h3=":443"; ma=86400 content-length 4143 expires Sat, 02 Dec 2023 12:25:29 GMT
GET DATA	200 OK	truncated /	94 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cd0a7ffcdf211256a87f470ec66c8d8105f72e88e03b20f139437029d30b036 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	FooterIcons_ISO27001.svg phished.io/uploads/files/	14 KB 5 KB	72ms 71ms	Image image/svg+xml	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/uploads/files/FooterIcons_ISO27001.svg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c96bc2d39cf1bf23d472983a0b1ab857519307b04ca94697784c30e4ee85437 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Thu, 12 Jan 2023 10:56:00 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=2592000 cf-ray 81fc5c44693123b2-LHR alt-svc h3=":443"; ma=86400 expires Sat, 02 Dec 2023 12:25:29 GMT
GET H2	200	FooterIcons_AICPA_SOC.svg phished.io/uploads/files/	34 KB 11 KB	82ms 81ms	Image image/svg+xml	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/uploads/files/FooterIcons_AICPA_SOC.svg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 180bd8b52b4ce3caa39266bf3de59e5aeb0d573cdc5f2f8fc3aed25a4935602e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Thu, 12 Jan 2023 10:56:27 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=2592000 cf-ray 81fc5c44693223b2-LHR alt-svc h3=":443"; ma=86400 expires Sat, 02 Dec 2023 12:25:29 GMT
GET H2	200	FooterIcons_CyberEssentials_CertifiedPlus.svg phished.io/uploads/files/	10 KB 4 KB	77ms 77ms	Image image/svg+xml	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/uploads/files/FooterIcons_CyberEssentials_CertifiedPlus.svg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72e5753aa3322c65570a838bdf31b49d6507fd5f60ea1a5a1f730bbc48a104cc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Thu, 12 Jan 2023 10:56:37 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=2592000 cf-ray 81fc5c44693423b2-LHR alt-svc h3=":443"; ma=86400 expires Sat, 02 Dec 2023 12:25:29 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	150ms 84ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Origin https://phished.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 81fc5c44dac07738-LHR
GET H3	200	unlink.svg phished.io/assets/img/icons/	879 B 693 B	99ms 99ms	Image image/svg+xml	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/assets/img/icons/unlink.svg Requested by Host: phished.io URL: https://phished.io/assets/css/style.min.133.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42b7e29df2eb6dcdc8ab616fd7376d260878f5d4a32f9e5bfeb0a2c4b913e688 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/assets/css/style.min.133.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=2592000 cf-ray 81fc5c44d9ac653a-LHR alt-svc h3=":443"; ma=86400 expires Sat, 02 Dec 2023 12:25:29 GMT
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2 fonts.gstatic.com/s/quicksand/v22/	26 KB 26 KB	140ms 44ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v22/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2 Requested by Host: phished.io URL: https://phished.io/assets/css/style.min.133.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phished.io/ Origin https://phished.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 27 Oct 2023 00:07:33 GMT x-content-type-options nosniff age 562676 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26160 x-xss-protection 0 last-modified Thu, 28 Jan 2021 23:17:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Oct 2024 00:07:33 GMT
GET H3	200	lazy.min.133.js Show response phished.io/assets/js/	525 B 532 B	85ms 85ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/lazy.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70ceff449b84ff10b0a50ad40d2eb928163ef450b9820f16130f62818e1e7dc6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c4519fb653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	jquery.min.133.js Show response phished.io/assets/js/	87 KB 32 KB	98ms 98ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/jquery.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c4519fd653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	swiper-bundle.min.133.js Show response phished.io/assets/js/	137 KB 37 KB	167ms 166ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/swiper-bundle.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c4519ff653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	lightgallery.min.133.js Show response phished.io/assets/js/	25 KB 7 KB	97ms 96ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/lightgallery.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1985cf480c8e5e945a7025996f740338bbfeaa9718b8a883949470d5979c235 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a01653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	bodyScrollLock.min.133.js Show response phished.io/assets/js/	3 KB 1 KB	168ms 167ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/bodyScrollLock.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 866f0301eda412172e6011cd70d0b1a15dd106414c901d73b01c4de129762de2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a04653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	headroom.min.133.js Show response phished.io/assets/js/	4 KB 2 KB	176ms 175ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/headroom.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 228f6ed3762377fd6238c8c25d5e295088fdc3fe01a26b1b9d5ecb4ab31bc33c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a06653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	scroll-to.min.133.js Show response phished.io/assets/js/	716 B 664 B	94ms 94ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/scroll-to.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 685eeed765f56677cfff1a5b67c0b9b05e4feb974d9c645abc14c8f2fc097ac5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a07653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	set-current-valuta.min.133.js Show response phished.io/assets/js/	546 B 585 B	176ms 175ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/set-current-valuta.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b423797b5a9d8ae449bc6023fd26945d904a8fc82e653e0ddc2e65b4a6c929c8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a0a653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	numbers.min.133.js Show response phished.io/assets/js/	941 B 769 B	90ms 89ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/numbers.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fa8a3f6a70fd4a67170a6de16fdb9539c2e6e75afd99fd309dff16b101aabc1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c451a0e653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H2	200	lottie-player.min.js Show response cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.7/	329 KB 72 KB	117ms 41ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.7/lottie-player.min.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8573c4f39cbb2549ad801cf48e86d2bd8d3925120a43876851a8d747ab9f5a1b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 122513 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 73001 last-modified Mon, 25 Apr 2022 15:38:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "6266c066-11d29" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIQhbib0YtU9kbGVq3SXsZ9U8XmoLS1yPtvBt9hyJBzge%2F1Wc4tLRlQkdXGxRX16Ly5W5ss9Ch%2BfnT4JReDPtvr0582Jkf8Xp8p8o6bWhuhZkNyxUq1gaRZ52zGx3l44i0Ak76%2Fc%2FkEsgzvPnxegoF%2Bd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 81fc5c458fb37780-LHR expires Tue, 22 Oct 2024 12:25:29 GMT
GET H3	200	lang.min.133.js Show response phished.io/assets/js/	804 B 680 B	167ms 167ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/lang.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83382af844b6678aacda56eed5233676b8b1acf031a0f4c2aa2349dca0eab06c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c452a22653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	search.min.133.js Show response phished.io/assets/js/	2 KB 812 B	168ms 167ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/search.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9fde3028e236b0432f074bb6b0e9ecf717031763a0520dfdde57bfb967242e0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c452a23653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	nav-dropdown.min.133.js Show response phished.io/assets/js/	2 KB 890 B	70ms 69ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/nav-dropdown.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15706722919c1dfe7c0c12686aca90d6039d03341be1cceb1fd5bbf2e08de132 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c452a25653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	nav-mobile.min.133.js Show response phished.io/assets/js/	1 KB 704 B	168ms 168ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/nav-mobile.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb26af94948317bf9bed17ef27b6752bf7aad8d9a6ea5b0efbc085eb6f87cc9d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c452a28653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H2	200	c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc.json Show response cookie-cdn.cookiepro.com/consent/c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc/	3 KB 2 KB	150ms 86ms	XHR application/x-javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/consent/c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc/c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9f6622e7c6e93e7c206a31d53bad86f393849474bbbeb65ab54f39f169dc129 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 R3G/b6jwrs1UVOgYfE7L1w== age 21101 x-ms-lease-status unlocked last-modified Wed, 21 Jun 2023 13:25:52 GMT server cloudflare vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id df773bb4-e01e-0057-0d52-0d967e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c459f7b88af-LHR
GET H3	200	lazysizes.min.133.js Show response phished.io/assets/js/	8 KB 4 KB	94ms 94ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/lazysizes.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c459b32653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	lg-video.min.133.js Show response phished.io/assets/js/	8 KB 3 KB	97ms 96ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/lg-video.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79324c6694c6184c5efbf691acdf6815b627b6c3a9f1e95b21c9b7069fee478b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Wed, 21 Apr 2021 07:57:04 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c45bb56653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H2	200	otBannerSdk.js Show response cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/	404 KB 94 KB	60ms 58ms	Script application/javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 XJk1ZZTljtwHFT3qcIJg+w== age 50965 x-ms-lease-status unlocked last-modified Fri, 09 Jun 2023 01:34:32 GMT server cloudflare vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id f6dfab97-701e-009e-5190-9a2b93000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c463fe823be-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H3	200	form.min.133.js Show response phished.io/assets/js/	1 KB 897 B	65ms 64ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/form.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16b41539b06270af0370be5f84279fa9f328b789d8796fd5d7b99f8ed5ed7c4e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c464c6d653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	nav.min.133.js Show response phished.io/assets/js/	686 B 618 B	62ms 62ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/nav.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa2dc3db05ec28702bc9f9598e34336d8f30d0343b53630a7348e7b8490ccf0c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c465c7c653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	modal.min.133.js Show response phished.io/assets/js/	2 KB 958 B	69ms 69ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/modal.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eee605fa444e2093be875b28f5c046da88e46b6f84e3df9724884fda0705c9fa Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c465c7f653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	header.min.133.js Show response phished.io/assets/js/	618 B 625 B	74ms 74ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/header.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51211a55788e7ad1cb7fb4e33a09c4877afb54aed6693818a48894d932a8db75 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c466c99653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H3	200	slider.min.133.js Show response phished.io/assets/js/	4 KB 2 KB	78ms 78ms	Script text/javascript	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/assets/js/slider.min.133.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17275db4b12434f9588099cfff7d747e9bb126c9bbe67e1d6ac58420914e5f29 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Tue, 10 Oct 2023 13:56:48 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 81fc5c467ca3653a-LHR alt-svc h3=":443"; ma=86400 expires Fri, 01 Nov 2024 12:25:29 GMT
GET H2	200	stat.js Show response www.clickcease.com/monitor/	142 KB 43 KB	189ms 69ms	Script application/javascript	2600:9000:223e:b600:15:a0d3:77c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.clickcease.com/monitor/stat.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:b600:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-amz-version-id Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y content-encoding gzip via 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront) date Thu, 02 Nov 2023 12:25:19 GMT x-content-type-options nosniff content-security-policy frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests; x-amz-cf-pop FRA56-P4 age 12 x-amz-server-side-encryption AES256 strict-transport-security max-age=31536000; includeSubDomains x-cache Hit from cloudfront referrer-policy no-referrer-when-downgrade last-modified Tue, 12 Sep 2023 09:05:15 GMT server AmazonS3 etag W/"e112b8bf96f23bc2970347a3c98e37fc" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript permissions-policy microphone 'none'; camera 'none'; x-amz-cf-id 7CDfyvNqJz3Hq05v1nabRS-pAHOHRiboK_8IpRn_7Ka593W0dF-GmQ==
GET H3	200	PH-webbanner-Whitepapers-03.svg phished.io/uploads/files/	50 KB 16 KB	76ms 76ms	Image image/svg+xml	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://phished.io/uploads/files/PH-webbanner-Whitepapers-03.svg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c33fe45ea1a382cdbd597953fd280ee9129750453e0b8d15da3ebfb4af8e3876 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC last-modified Mon, 13 Mar 2023 13:47:26 GMT server cloudflare content-encoding br vary Accept-Encoding,User-Agent content-type image/svg+xml cache-control max-age=2592000 cf-ray 81fc5c468cbf653a-LHR alt-svc h3=":443"; ma=86400 expires Sat, 02 Dec 2023 12:25:29 GMT
GET H2	200	en.json Show response cookie-cdn.cookiepro.com/consent/c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc/6a9c919f-f538-414e-b0c3-6a6342d68a0d/	78 KB 16 KB	74ms 73ms	Fetch application/x-javascript	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/consent/c6b2ab12-cd04-4a92-9fe6-58dda5fe2fcc/6a9c919f-f538-414e-b0c3-6a6342d68a0d/en.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 422084f50e0d9d86c670de292679bd01e7f54bcb6c4e44f8deb95839798dd492 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 P1NWr6rateYVQETaSTJdTA== x-ms-lease-status unlocked last-modified Wed, 21 Jun 2023 13:25:55 GMT server cloudflare vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 4f769151-001e-0094-3044-a48f24000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c4709e888af-LHR
GET H2	200	6615327.js Show response js.hs-scripts.com/	1 KB 1 KB	457ms 387ms	Script application/javascript	2606:4700::6810:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/6615327.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNNJ3N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4969bed8c75333dc1cd00af182f019cf79601dac47d29fb91f4744c132cbdbe3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 2bd2e5a8-0359-4af4-95f4-71153813e9b7 x-envoy-upstream-service-time 10 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2bd2e5a8-0359-4af4-95f4-71153813e9b7 last-modified Thu, 02 Nov 2023 12:09:37 GMT server cloudflare x-trace 2B50F19952E8ECF931D7F03D43948FD2DD83B119E9000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://phished.io x-evy-trace-virtual-host all cache-control public, max-age=60 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5b5c96c966-pgbpv cf-ray 81fc5c483bf563af-LHR expires Thu, 02 Nov 2023 12:26:29 GMT
GET H/1.1	200 OK	lp.js Show response metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/	6 KB 6 KB	162ms 33ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=15552000; includeSubDomains; preload Last-Modified Thu, 22 Sep 2022 17:10:43 GMT x-amz-request-id tx00000000000005b4fe6b0-00653ba59b-521f6452-sfo2a etag "9a8767fa98da937fb02cdbbc52a101bb" x-envoy-upstream-healthchecked-cluster Vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin X-HW 1698927929.dop245.lo4.t,1698927929.cds107.lo4.shn,1698927929.dop245.lo4.t,1698927929.cds320.lo4.c Content-Type application/x-javascript Cache-Control max-age=84706 x-rgw-object-type Normal Connection Keep-Alive Accept-Ranges bytes Content-Length 5776
GET H2	200	otFlat.json Show response cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/	13 KB 3 KB	66ms 66ms	Fetch application/json	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otFlat.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 5mNZducabMgxSDzBo+ZI8w== x-ms-lease-status unlocked last-modified Fri, 09 Jun 2023 01:34:23 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id d67bceeb-901e-00a9-79ce-06f93f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c47db2088af-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	otPcPanel.json Show response cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/	63 KB 14 KB	48ms 48ms	Fetch application/json	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/v2/otPcPanel.json Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00b7928237d68d4ee4ee4d9c48e47ca0295e1d93ad19da367f813595efc7c539 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 07cVpPdWjCoTA4Y+5CRcPA== age 8729 x-ms-lease-status unlocked last-modified Fri, 09 Jun 2023 01:34:25 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 2634e5c7-701e-00a1-4b14-a4e330000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c47db2388af-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	otCommonStyles.css Show response cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/	21 KB 4 KB	63ms 63ms	Fetch text/css	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/assets/otCommonStyles.css Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 oWkBTLgDDXvrUsd93y/Zxg== x-ms-lease-status unlocked last-modified Fri, 09 Jun 2023 01:34:39 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id ac87b79a-901e-004d-0fe5-ebf7a1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c47db2688af-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	148ms 44ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNNJ3N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 11:51:32 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2037 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 02 Nov 2023 13:51:32 GMT
GET H2	200	ot_guard_logo.svg Show response cookie-cdn.cookiepro.com/logos/static/	497 B 474 B	45ms 45ms	Fetch image/svg+xml	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg Requested by Host: cookie-cdn.cookiepro.com URL: https://cookie-cdn.cookiepro.com/scripttemplates/202306.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 tXyZydHjxQshFMbbBT1/8A== age 8728 x-ms-lease-status unlocked last-modified Thu, 02 Nov 2023 01:43:55 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 7693c862-301e-006b-7848-0dbfb9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c487c0c88af-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	Logo-Phished.png cookie-cdn.cookiepro.com/logos/279bff69-1abd-42bb-bcea-c903f99556fa/39c7188e-2c4e-4973-85d1-26cb793df646/ee7b70ed-af8f-4313-8b9f-84e6a572dd94/	1 KB 1 KB	46ms 46ms	Image image/png	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cookie-cdn.cookiepro.com/logos/279bff69-1abd-42bb-bcea-c903f99556fa/39c7188e-2c4e-4973-85d1-26cb793df646/ee7b70ed-af8f-4313-8b9f-84e6a572dd94/Logo-Phished.png Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4dee039c098da887cc34b55142d63d437067c7e86b39b7276bfad6ca77d2a8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT content-md5 88TrIarezaYDFJki51XeEQ== age 17715 cf-polished origSize=1880 content-length 1069 x-ms-lease-status unlocked cf-bgj imgq:100,h2pri last-modified Mon, 19 Apr 2021 11:45:00 GMT server cloudflare etag 0x8D903289069BA48 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 24e546a6-301e-006b-4bbb-a3bfb9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 81fc5c489b9c23be-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
GET H2	200	poweredBy_cp_logo.svg cookie-cdn.cookiepro.com/logos/static/	5 KB 2 KB	45ms 45ms	Image image/svg+xml	2606:4700:4400::ac40:936c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg Requested by Host: phished.io URL: https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:936c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 02 Nov 2023 12:25:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT content-md5 uInNdQwuuw8s7lYl3cE7eQ== age 51678 x-ms-lease-status unlocked last-modified Mon, 23 Oct 2023 16:06:51 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 74c1dd99-901e-0096-4a07-06319c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 cf-ray 81fc5c489b9f23be-LHR expires Fri, 03 Nov 2023 12:25:29 GMT
POST H2	200	collect www.google-analytics.com/	35 B 237 B	52ms 51ms	Ping image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 02 Nov 2023 12:25:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://phished.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	6615327.js Show response js.hs-analytics.net/analytics/1698927900000/	66 KB 21 KB	232ms 158ms	Script text/javascript	2606:4700::6810:4eba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1698927900000/6615327.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6615327.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22bd65f4b03143209c20a346a7ad8276a2b0924a04398167f557b7889f584e9c Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id PHWY5V4EZ7T67XS4 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 648c6fba-8c37-423e-9a92-a8040c815fd4 x-envoy-upstream-service-time 19 x-amz-id-2 Tk9q8VVBfyZBRArTrsuKf0lc+PGasrVQYVAQ15wAB//E1wnXkDHyU0hZ5KVGRO5V7/rWyKJQ4Bg= x-evy-trace-listener listener_https x-request-id 648c6fba-8c37-423e-9a92-a8040c815fd4 x-evy-trace-route-configuration listener_https/all last-modified Thu, 12 Oct 2023 15:08:52 GMT server cloudflare etag W/"1d9ad5e5789e062e39442a4344fdaa82" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-gcx66 cache-control max-age=300,public access-control-allow-credentials false cf-ray 81fc5c4b299f23b8-LHR expires Thu, 02 Nov 2023 12:30:30 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/6615327/	67 KB 20 KB	218ms 143ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/6615327/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6615327.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c37a40a23c0e0348dde6736c5b114e0ecf32e8a45afb12dffa9f16fa5a2c0e03 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT x-amz-version-id C7pHHlYzovLDmzwaWVGcPASJUCUXQa4d content-encoding br cf-cache-status REVALIDATED x-amz-request-id NBNVXMNQYZKHQKQX x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id df40d3a8-32e4-4dc9-8753-3b20c17f90a3 x-envoy-upstream-service-time 37 x-amz-id-2 99Dwy66CcGeuAOolsB8ISeitAlnnZLKxwXL8PrDrqAXcnxyC3d63M9SoHdgSo/S3cfzQB+sMASI= x-evy-trace-listener listener_https x-request-id df40d3a8-32e4-4dc9-8753-3b20c17f90a3 x-evy-trace-route-configuration listener_https/all last-modified Wed, 18 Oct 2023 16:46:22 GMT server cloudflare etag W/"5171179256a28ab20087a82ec4b5937a" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://info.phished.io x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 81fc5c4b2dd924ab-LHR expires Thu, 02 Nov 2023 12:30:30 GMT
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	128ms 55ms	Script application/javascript	2606:4700::6811:e5a3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6615327.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e5a3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT x-amz-version-id MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj via 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 259 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=81fc55f84db34194-LHR x-cache Hit from cloudfront x-hubspot-correlation-id 6919d2e9-933a-4ff6-b105-3c6b56c65eec cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6919d2e9-933a-4ff6-b105-3c6b56c65eec last-modified Fri, 27 Oct 2023 13:56:49 UTC server cloudflare etag W/"14edbc97b72939e54b0993394190ecf8" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-7c89bb96b9-cq5v7 cf-ray 81fc5c4b2abe3867-LHR x-amz-cf-id qWbmCLH6o8xEWIpD9cmxXHSJyuhs7cbZoOgBbpBBHzRrudkBA9qhnw== x-hs-target-asset adsscriptloaderstatic/static-1.494/bundles/pixels-release.js
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	115 B 1 KB	226ms 136ms	XHR application/json	2606:4700::6811:cacc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6615327 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c91eedcce04ca5d47f5836055da328dfa77fcc5091da7733bb5c07f8f17b48f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 2f23a2a6-4f69-4c31-860c-254fca5f6760 content-encoding br x-envoy-upstream-service-time 3 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2f23a2a6-4f69-4c31-860c-254fca5f6760 server cloudflare x-trace 2B9B1A451290022D2C515C188B85D06700D5B20BF2000000000000000000 vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://phished.io x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5b5c96c966-kz7hh access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spcjk34v25l17f3ygYuWbUDR1a36bcdm%2B2C%2B2%2Fr5ns4RiRuOZ4E2IzTJUwYA0aQ38S3uNeM4LE35k7AGHJa4RLhupGxaNtTMZfv733QZl8hlXeI93X76Vs2zK5fQwIiz0R4ZWBpUupvjGVk2"}],"group":"cf-nel","max_age":604800} cf-ray 81fc5c4ca82248cd-LHR access-control-allow-headers *
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	264ms 186ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1709910937&v=1.1&a=6615327&rcu=https%3A%2F%2Fphished.io%2Fblog%2Fdos-and-donts-for-a-successful-internal-phishing-campaign&pu=https%3A%2F%2Fphished.io%2Fblog%2Fdos-and-donts-for-a-successful-internal-phishing-campaign&t=Do%27s+and+don%27ts+for+a+successful+phishing+campaign+%7C+Phished.io&cts=1698927930275&vi=4325dcefce24393b7c3964e9584ce13e&nc=true&u=168221886.4325dcefce24393b7c3964e9584ce13e.1698927930263.1698927930263.1698927930263.1&b=168221886.1.1698927930263&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 740a8222-733a-473c-82c8-ded7d6e0efdb p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 40 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 740a8222-733a-473c-82c8-ded7d6e0efdb server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le7Nd7Da8Rwo9hiBSLdlr8O4NVynyVfm9eFB11bXX9saIQ7hktJ7WRg4WKKc9SjTF5gbLgaS7uJERR9XVLztaSd%2FrvdjxfX7hml2JiS0IR3j2kLEkz8XO5An%2F0NLnplOsj%2FvTQLWFpnWWP8N0AGG"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-674b9fb979-n9jgv x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 81fc5c4cdcde730f-LHR x-robots-tag none
POST H3	204	rum Show response phished.io/cdn-cgi/	0 137 B	43ms 42ms	XHR text/plain	2606:4700::6812:ea2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://phished.io/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:ea2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 content-type application/json Response headers date Thu, 02 Nov 2023 12:25:30 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://phished.io x-frame-options DENY access-control-allow-credentials true cf-ray 81fc5c4c6ee4653a-LHR
GET H2	200	js Show response www.googletagmanager.com/gtag/	201 KB 73 KB	61ms 59ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-801014484 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 485b2f21f1bc144223381b6d1645febdf457a4d920d02d4cd656d5286e324fcb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74205 x-xss-protection 0 last-modified Thu, 02 Nov 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Nov 2023 12:25:30 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	201 KB 73 KB	69ms 69ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-801014484&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WNNJ3N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c4f7f2105adb466cb112e097a45170f46e6f2ee47857ec3c7514479a15aa266b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 12:25:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74138 x-xss-protection 0 last-modified Thu, 02 Nov 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Nov 2023 12:25:30 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/801014484/	3 KB 2 KB	213ms 87ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801014484/?random=1698927930601&cv=11&fst=1698927930601&bg=ffffff&guid=ON&async=1&gtm=45be3au1&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fphished.io%2Fblog%2Fdos-and-donts-for-a-successful-internal-phishing-campaign&hn=www.googleadservices.com&frm=0&tiba=Do%27s%20and%20don%27ts%20for%20a%20successful%20phishing%20campaign%20%7C%20Phished.io&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=132977163.1698927931&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-801014484 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c3663192dec0b762b82081f5fb91eb043744d5c9229d7ccb2754d7a1c0a155d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 12:25:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1318 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/801014484/	42 B 455 B	155ms 56ms	Image image/gif	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/801014484/?random=1698927930601&cv=11&fst=1698926400000&bg=ffffff&guid=ON&async=1&gtm=45be3au1&u_w=1600&u_h=1200&url=https%3A%2F%2Fphished.io%2Fblog%2Fdos-and-donts-for-a-successful-internal-phishing-campaign&frm=0&tiba=Do%27s%20and%20don%27ts%20for%20a%20successful%20phishing%20campaign%20%7C%20Phished.io&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN66zAL8wJuxZQeRN9UcMXX5bHrfFaVA&random=2468952251&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 12:25:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.co.uk/pagead/1p-user-list/801014484/	42 B 455 B	171ms 60ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.uk/pagead/1p-user-list/801014484/?random=1698927930601&cv=11&fst=1698926400000&bg=ffffff&guid=ON&async=1&gtm=45be3au1&u_w=1600&u_h=1200&url=https%3A%2F%2Fphished.io%2Fblog%2Fdos-and-donts-for-a-successful-internal-phishing-campaign&frm=0&tiba=Do%27s%20and%20don%27ts%20for%20a%20successful%20phishing%20campaign%20%7C%20Phished.io&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN66zAL8wJuxZQeRN9UcMXX5bHrfFaVA&random=2468952251&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://phished.io/blog/dos-and-donts-for-a-successful-internal-phishing-campaign User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 12:25:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT